Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Audits

Activists Launch Action Against ‘Cookie Banner Terror’

A group of online privacy activists said Monday it is taking action against hundreds of websites over their use of pop-up banners asking users to consent to “cookies”, the files that track users’ activity.

A group of online privacy activists said Monday it is taking action against hundreds of websites over their use of pop-up banners asking users to consent to “cookies”, the files that track users’ activity.

The Vienna-based NOYB group (an acronym of “none of your business”) said it would be presenting more than 500 draft complaints to companies over what it calls the “cookie banner terror” which has turned the internet into “a frustrating experience for users all over Europe”.

NOYB says many of the consent pop-ups which have become almost ubiquitous on the internet do not conform to EU laws, including the landmark General Data Protection Regulation (GDPR).

The group says the pop-ups in question do not give the user the simple “yes or no” to data collection that the law requires.

It says the banners are often designed in a way that make it “extremely complicated to click anything but the ‘accept’ button”.

The draft complaints are being lodged with companies in 33 countries, among them every European Economic Area (EEA) member state except Malta and Liechtenstein.

NOYB says it will file the complaints to regulatory authorities in a month’s time if the sites haven’t taken action to make the cookie banners comply with the requirements of privacy laws and rectify what NOYB calls their “unfair” and “frustrating” design.

The founders of NOYB include Austrian activists Max Schrems, who has notched up a series of legal victories over online privacy, including scuppering major EU-US data exchange arrangements.

“Frustrating people into clicking ‘okay’ is a clear violation of the GDPR’s principles,” Schrems said in a statement, adding: “Under the law, companies must facilitate users to express their choice and design systems fairly.”

NOYB says it has devised an automated system for identifying cookie banners that violate privacy regulations which could enable the group to file up to 10,000 complaints over the course of a year.

The group hopes that if its action is successful, “users should see simple and clear “yes or no” options” for data collection on more and more websites over the coming months.

Search giant Google has pledged to steer clear of tracking individual online activity when it begins implementing a new system for targeting ads without the use of cookies.

The company’s widely used Chrome browser recently began testing an alternative to the tracking practice that it believes could improve online privacy while still enabling advertisers to serve up relevant messages.

Related: EU Privacy Groups Set Sights on Facial Recognition Firm

Related: Privacy Activists in EU File Complaints Over iPhone Tracking

Related: Austria Privacy NGO Takes on Apple Over ‘Tracking Code’

Written By

AFP 2023

Click to comment

Expert Insights

Related Content

Audits

Out of the 335 public recommendations on a comprehensive cybersecurity strategy made since 2010, 190 were not implemented by federal agencies as of December...

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Privacy

The EU's digital policy chief warned TikTok’s boss that the social media app must fall in line with tough new rules for online platforms...

Privacy

Meta was fined an additional $5.9 million for violating EU data protection regulations with WhatsApp messaging app.

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...