The NOYB recently announced a new wave of complaints against websites with cookie banners that do not comply with the GDPR. Many internet users are frustrated with consent popups that don’t seem to give them a real choice or are intrusive to the browsing experience – and the NOYB seeks to remedy that.
Their initial efforts in May 2021 were very successful, and there was a clear improvement in the way websites were managing their cookie banners. As such, they just issued an additional 270 notices to websites that were not following the guidelines for cookies and data tracking consent.
NOYB launches second wave of cookie banner complaints
Cooperation is the Goal
The GDPR requires websites to obtain consent as simple yes or no – it shouldn’t be more complicated than that. Many sites have deceptive designs that make it difficult for users to understand their rights, which violates the law.
The NOYB’s goal is to cooperate with these websites so they can address the issues and develop a compliant solution. As a result, these formal complaints were only filed after they failed to make corrections during the 60-day grace period.
In other words, if the website cooperated with the NOYB and followed their step-by-step guide to adjusting their settings, the case would not be filed with the relevant authority. They are prepared to enforce users’ rights, though, so failure to work with them results in a formal complaint and a hefty fine.
The NOYB even withdrew 3 separate complaints after the websites worked to bring their cookie banners into full compliance with the GDPR.
More Work is Needed to Achieve Compliance
Almost half of the identified violations were corrected within 30 days, but there is much more work that needs to be done. More than 80% of all the sites did not comply completely, which led to 456 complaints across the data protection authorities.
There have been some improvements in banner design, but non-compliance is still persistent. The violations are so prevalent that the European Data Protection Board (EDPB) created a special task force to address the complaints.
Positive Impacts Across the Web
The efforts of the NOYB have created a significant spillover effect across the web. When starting their secondary scan for the next wave of complaints, they realized that many organizations had taken proactive steps to improve GDPR compliance.
Nikon, Unilever, and Domino’s Pizza are just a few of the brands that have adapted their cookie banners to comply with the GDPR. The new yes/no approach is much more user-friendly and follows the NOYB guidelines.
This shift shows that the initial enforcement efforts not only changed the behavior of individual websites – they also spurred change across the industry. The NOYB hopes this positive impact will grow as information continues to spread about ongoing enforcement and best practices for GDPR compliance.
They will continue to follow up with the 270 complaints and plan to extend their scope to websites that use other types of consent management platforms. For instance, sites that rely on other CMP’s than Cookiebot, TrustArc, or Quantcast are not detected by their software – but they will be soon.
NOYB cookie banner guidelines – CookieFirst
In one of our earlier blogposts we introduced our own cookie banner guideline with best practices in order to make your CookieFirst banner compliant with the NOYB requirements.
You can find it by clicking the link below.