Why does this matter?
In October 2020, the French Data Protection Authority (CNIL) published revised cookies guidelines on obtaining user consent to collect or store non-essential cookies -- cookies deployed for advertising purposes.
The CNIL guidelines call for entities to give more information than previously required under GDPR guidelines to collect consent. Now, the minimum information described to users must include the identity of the data controller and the purpose of the cookies deployed. It must also tell users how they can withdraw consent and the potential consequences of either choice.
The new guidelines also state that a user’s failure to opt-in to cookies must, by default, be considered non-consent.
In addition, the rules no longer completely ban cookie walls. But the CNIL indicates it frowns upon it because it’s less representative of true “affirmative consent.”
Previously, the CNIL allowed sites to collect user consent for a group of sites, provided they notified users. Now, the CNIL “strongly recommends” seeking consent for each site from each user if an entity other than the first-party website deploys non-essential cookies.
CNIL gave sites six months to comply with the new rules. That window closed in March 2021, and the regulator has since started auditing sites and issuing non-compliance letters.
Now, Osano customers can provide the correct consent banner for CNIL compliance.