Are cookie banners indeed compliant with the law? - Archive ouverte HAL Access content directly
Journal Articles Technology and Regulation Year : 2020

Are cookie banners indeed compliant with the law?

(1) , (2) ,
1
2
Cristiana Santos
  • Function : Author
  • PersonId : 1069319
Célestin Matte

Abstract

In this paper, we describe how cookie banners, as a consent mechanism in web applications, should be designed and implemented to be compliant with the ePrivacy Directive and the GDPR, defining 22 legal requirements. While some are provided by legal sources, others result from the domain expertise of computer scientists. We perform a technical assessment of whether technical (with computer science tools), manual (with a human operator) or user studies verification is needed. We show that it is not possible to assess legal compliance for the majority of requirements because of the current architecture of the web. With this approach, we aim to support policy makers assessing compliance in cookie banners, especially under the current revision of the EU ePrivacy framework.
Fichier principal
Vignette du fichier
2020-09-22-journal.pdf (4.14 Mo) Télécharger le fichier
Origin : Files produced by the author(s)
Loading...

Dates and versions

hal-02875447 , version 1 (19-06-2020)
hal-02875447 , version 2 (23-09-2020)

Identifiers

Cite

Cristiana Santos, Nataliia Bielova, Célestin Matte. Are cookie banners indeed compliant with the law?: Deciphering EU legal requirements on consent and technical means to verify compliance of cookie banners. Technology and Regulation, 2020, 2020, pp.91-135. ⟨10.26116/TECHREG.2020.009⟩. ⟨hal-02875447v2⟩
2470 View
2438 Download

Altmetric

Share

Gmail Facebook Twitter LinkedIn More