Websites that only allow visitors to access their site if they agree to the placing of so-called ‘tracking cookies’ or other similar means of tracking and recording behaviour are not complying with the GDPR, stated this week the Autoriteit Persoonsgegevens (AP), the Netherlands’ privacy watchdog.
AP released this interpretation of the GDPR following dozens of complaints from website visitors who, after refusing tracking cookies, were unable to access the web pages they wanted to consult.
AP says that will intensify its monitoring of compliance and has sent letters to this effect.
“The digital tracking and recording of surfing behaviour on the Internet via tracking software or other digital methods is one of the largest processing of personal data, because almost everyone is active on the Internet. In order to protect privacy, it is therefore important that parties ask website visitors for permission in a proper manner. In this way, people can consciously and properly exercise their right to the protection of personal data. If a website requests permission for tracking cookies and access to the website or service is not possible if the cookie is refused, people are under pressure to give up their personal data, which is unlawful.” said Aleid Wolfsen, chairman of the AP.