The Dutch Court of Amsterdam has made a significant ruling regarding LinkedIn Ireland Unlimited Company and LinkedIn Netherlands BV (LinkedIn), Microsoft Corporation, Microsoft Ireland Operations Ltd, and Microsoft BV (Microsoft), along with Xandr Inc. (collectively referred to as the Defendants). The Court has mandated that these entities must stop the placement of cookies without obtaining explicit consent from users.
This decision emphasizes that, according to Article 11.7a of the Telecommunications Act, any placement of cookies requires prior consent from the data subject. This is in alignment with the requirements for processing personal data under the General Data Protection Regulation (GDPR). The ruling was based on evidence showing that, out of 52 websites visited by the plaintiff, 19 placed cookies on the plaintiff’s device either without prior consent or even after consent had been explicitly refused.
Furthermore, the Court clarified that Article 11.7a of the Telecommunications Act applies to any individual or entity that stores or accesses information on a user’s device. This means that even when third parties are involved in placing cookies, the website provider has certain obligations. In this case, the cookies were placed due to agreements between the Defendants and third-party operators. Crucially, the Court found that the Defendants had not taken adequate measures to prevent third parties from placing cookies without user consent.
Consequently, the Court concluded that the Defendants violated both the Telecommunications Act and the GDPR by allowing cookies to be placed on the plaintiff’s device without proper consent. This ruling underscores the importance of obtaining explicit user consent before placing cookies and highlights the responsibilities of website providers in ensuring compliance with data protection regulations.
Protect Your Business and Stay Compliant with iubenda
This landmark ruling by the Dutch Court of Amsterdam highlights the critical importance of obtaining explicit user consent for cookie placement and adhering to data protection regulations. Ensure your website is fully compliant with GDPR, the Telecommunications Act, and other relevant laws by implementing a robust cookie consent solution.
iubenda offers comprehensive tools and services to help your business navigate the complexities of data privacy laws. From creating legally compliant cookie banners to managing consent records, iubenda simplifies compliance so you can focus on what you do best.
Don’t leave your business at risk.
Get started with iubenda today and ensure you’re always one step ahead in protecting your users’ privacy and maintaining regulatory compliance.