Online companies in the EU can no longer present internet users with a pre-checked box telling them cookies will be planted on their smartphone or computer if they don’t deselect the option, under a ruling issued Tuesday.
The decision by the European Court of Justice means that users need to give “active consent” — rather than opt-out of an automatic default that would otherwise plant cookies in their device’s system.
The EU court was responding to a German court’s request for interpretation of an EU law protecting privacy through electronic communications.
It arose from a challenge lodged by a German consumer federation against a German company, Planet49, which presented users wanting to play its promotional lottery with a pre-checked cookie box.
The tracking cookies were to gather information on the users for advertising products from Planet49’s commercial partners — a common method by online companies.
But the court determined that “consent must be specific” and pressing a website button to participate in a lottery “is not sufficient for it to be concluded that the user validly gave his or her consent to the storage of cookies”.
The ruling comes with authorities in Europe, and increasingly in the United States and elsewhere, grappling with how to protect citizens’ privacy online as internet companies gather and cross-reference information gleaned from web use.
Cookies are small pieces of computer code that are downloaded into a user’s device to track what sites they visit, how they interact with them, and potentially other bits of information.
In Tuesday’s ruling, the EU court also ruled that users accepting cookies must be notified of how long those cookies will track them, and whether or not third parties have access to the information they gather.
Related: European Government Websites Are Delivering Tracking Cookies to Visitors
Related: UK Regulator Calls Out Compliance Failures in Targeted Advertising Industry

More from AFP
- France Punishes Clearview AI For Failing To Pay Fine
- Twitter Celebrity Hacker Pleads Guilty in US
- Pro-Russian Hackers Claim Downing of French Senate Website
- Microsoft Expands AI Access to Public
- Hackers Promise AI, Install Malware Instead
- Australian Finance Company Refuses Hackers’ Ransom Demand
- Tesla Sued Over Workers’ Alleged Access to Car Video Imagery
- Secret US Documents on Ukraine War Plan Spill Onto Internet: Report
Latest News
- Industrial Giant ABB Confirms Ransomware Attack, Data Theft
- Organizations Worldwide Targeted in Rapidly Evolving Buhti Ransomware Operation
- Google Cloud Users Can Now Automate TLS Certificate Lifecycle
- Zyxel Firewalls Hacked by Mirai Botnet
- Watch Now: Threat Detection and Incident Response Virtual Summit
- NCC Group Releases Open Source Tools for Developers, Pentesters
- Memcyco Raises $10 Million in Seed Funding to Prevent Website Impersonation
- New Russia-Linked CosmicEnergy ICS Malware Could Disrupt Electric Grids
