Deep Dive into the DPC's Cookie Sweep- Podcast
05th May 2020
The following Podcast takes a deep dive into the DPC's Cookie Sweep.
Regulation 5(3), 5(4) and 5(5) from S.I. 336/2011 :
5(3) A person shall not use an electronic communications network to store information, or to gain access to information already stored in the terminal equipment of a subscriber or user, unless
(a) the subscriber or user has given his or her consent to that use, and/p>
(b) the subscriber or user has been provided with clear and comprehensive information in accordance with the Data Protection Acts which—
(i) is both prominently displayed and easily accessible, and
(ii) includes, without limitation, the purposes of the processing of the information.
5(4) For the purpose of paragraph (3), the methods of providing information and giving consent should be as user-friendly as possible. Where it is technically possible and effective, having regard to the relevant provisions of the Data Protection Acts, the user’s consent to the storing of information or to gaining access to information already stored may be given by the use of appropriate browser settings or other technological application by means of which the user can be considered to have given his or her consent.
5(5) Paragraph (3) does not prevent any technical storage of, or access to, information for the sole purpose of carrying out the transmission of a communication over an electronic communications network or which is strictly necessary in order to provide an information society service explicitly requested by the subscriber or user.
The A29WP opinion on the cookie consent exemption is available here.