The Consumers’ Association once again shows its venomous side by publishing a investigation that says that of 150 popular websites more than 100 do not comply with the AVG (GDPR) rules. They checked that immediately on 27 May, two days after the rules had been implemented. Now honesty demands to say that everyone has had several years to conform to the rules so that “we did not have the time!” no valid excuse for the websites in question.
There is a lot of cheating with cookies. According to the survey, more than 50 percent of the sites already place cookies before you can indicate whether you want to. Very often it concerns advertising cookies from Facebook and Google. Examples that are mentioned are Booking.com, Eneco, Nationale Nederlanden and Bever. Also in the list? Facebook and YouTube. The website of Google then complies with the rules.
No free choice
But even after that, things are not going well. The AVG states that permission must be ‘free’ but also ‘unambiguous, specific and informed’. This means that you as a visitor must also be given the choice to refuse all cookies, without being denied access to the site. Fewer than 50 of the 150 sites did the same, while 26 of the sites force you to accept the cookies to see the site. The rest makes the choice very unclear, and let your pages search deeply whether or not cookies are used that infringe on your privacy, so you accept them faster. The option to refuse them is also hidden behind a ‘more information’ link, which is technically a violation, but in any case better than the rest.
The authorities that deal with it (Consumer and Market and Personal Data) have already been informed by the Consumers’ Association, but whether this will lead to fines is only a matter of waiting. Both have already said that they have other things to do at the moment than going straight after. Presumably they are also already busy with the tax authorities, which previously indicated that they will need another year to comply with all privacy rules.
So it will take some time before all websites are AVG-proof, but every step forward is one and as more sites keep this as standard, you will not get away with it. You can assume that if we are one year further and there is another such research results, the response will be a lot less friendly.