The Crux of Cookies Consent: A Legal and Technical Analysis of Shortcomings of Cookie Policies in the Age of the GDPR

Research output: Contribution to journalArticlepeer-review

Authors

Departments

External departments

  • FH Joanneum University of Applied Sciences

Details

Publication type

Research output: Contribution to journalArticlepeer-review

Abstract

EU legislation such as the ePrivacy Regulation and the GDPR impose a variety of obligations on how browser cookies need to be implemented on web pages. While almost all website operators adhere to the letter of the law, many websites fail to uphold the spirit of the law. Website operators may nudge visitors into accepting superfluous cookies by carefully crafting cookie popups; thus impinging on visitors’ right to self-determination of their data. The authors propose to define a machine-readable representation for cookie policies. This representation can then be used to present the cookie policy to website visitors in a standardized manner, thus reducing the potential for deceptive cookie policies.