Irish DPC issue full guidance on the use of Cookies

Irish DPC issue full guidance on the use of Cookies

The Irish Data Protection Commission has released a new guidance on the use of cookies and other tracking technologies.

The guidance is the result of a sweep on 38 websites in Ireland which showed that users of Irish websites “are being tracked by third parties to a significant degree across their browsing habits and daily online activities”.

Data controllers and website operators are allowed a six-month grace period to comply with the requirements before enforcements are commenced.

Read the full report here.

Six main points from the document

  1. All cookies require consent except strictly necessary cookies and cookies used for communication. Analytics Marketing cookies always require consent.
  2. Consent must be reaffirmed within 6 months and must be given to each cookie purpose (e.g. statistics, functional, marketing).
  3. Pre-checked boxes and implied consent is not allowed. Websites may not assume that users give consent merely by scrolling down the website or has seen information in a cookie pop-up.
  4. Cookie pop-ups must give users the option to decline cookies. Pop-ups only with ‘accept’ buttons are not compliant.
  5. Cookie pop-ups may not ‘nudge’ users into accepting cookies or make it difficult to reject cookies.

Ensure your website is PECR and ePrivacy compliant

Create a FREE CookieScan account today and start managing your cookie consent.

Get Started