Online companies in the EU can no longer present internet users with a pre-checked box telling them cookies will be planted on their smartphone or computer if they don’t deselect the option, under a ruling issued Tuesday.
The decision by the European Court of Justice means that users need to give “active consent” — rather than opt-out of an automatic default that would otherwise plant cookies in their device’s system.
The EU court was responding to a German court’s request for interpretation of an EU law protecting privacy through electronic communications.
It arose from a challenge lodged by a German consumer federation against a German company, Planet49, which presented users wanting to play its promotional lottery with a pre-checked cookie box.
The tracking cookies were to gather information on the users for advertising products from Planet49’s commercial partners — a common method by online companies.
But the court determined that “consent must be specific” and pressing a website button to participate in a lottery “is not sufficient for it to be concluded that the user validly gave his or her consent to the storage of cookies”.
The ruling comes with authorities in Europe, and increasingly in the United States and elsewhere, grappling with how to protect citizens’ privacy online as internet companies gather and cross-reference information gleaned from web use.
Cookies are small pieces of computer code that are downloaded into a user’s device to track what sites they visit, how they interact with them, and potentially other bits of information.
In Tuesday’s ruling, the EU court also ruled that users accepting cookies must be notified of how long those cookies will track them, and whether or not third parties have access to the information they gather.
Related: European Government Websites Are Delivering Tracking Cookies to Visitors
Related: UK Regulator Calls Out Compliance Failures in Targeted Advertising Industry

More from AFP
- UK Minister Warns Meta Over End-to-End Encryption
- ‘Cybersecurity Incident’ Hits ICC
- China Says No Law Banning iPhone Use in Govt Agencies
- Spies, Hackers, Informants: How China Snoops on the West
- Meta Fights Sprawling Chinese ‘Spamouflage’ Operation
- Two Men Arrested Following Poland Railway Hacking
- UK Court Concludes Teenager Behind Huge Hacking Campaign
- Suspected N. Korean Hackers Target S. Korea-US Drills
Latest News
- Researchers Discover Attempt to Infect Leading Egyptian Opposition Politician With Predator Spyware
- In Other News: New Analysis of Snowden Files, Yubico Goes Public, Election Hacking
- China’s Offensive Cyber Operations in Africa Support Soft Power Efforts
- Air Canada Says Employee Information Accessed in Cyberattack
- BIND Updates Patch Two High-Severity DoS Vulnerabilities
- Faster Patching Pace Validates CISA’s KEV Catalog Initiative
- SANS Survey Shows Drop in 2023 ICS/OT Security Budgets
- Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones
