Bavarian data protection authority identifies deficits on website tracking

The German Data Protection Conference (Datenschutzkonferenz DSK) has always had the opinion that consent for website tracking is required. In April 2018 they announced their position in a following paper (only in German available):
https://www.ldi.nrw.de/mainmenu_Datenschutz/submenu_Technik/Inhalt/TechnikundOrganisation/Inhalt/Zur-Anwendbarkeit-des-TMG-fuer-nicht-oeffentliche-Stellen-ab-dem-25_-Mai-2018/Positionsbestimmung-TMG.pdf
 
In this context, § 15 German Telemedia Act and article 47 GDPR are ignored. Nevertheless, so far, no fine has been imposed to examine this central issue for website operators.
 
On Safer Internet Day on 5 February 2019, the Bavarian State Office for Data Protection Supervision (BayLDA) examined websites with a large reach and found numerous deficits in tracking. According to the president of the BayLDA, all websites audited committed data protection violations when using the tracking tools.
 
“For the companies responsible, our audit will have an after-effect. We have decided to remedy these shortcomings and to investigate the initiation of fine proceedings. We expect large companies in particular to be in a position to comply with legal requirements,” said the president of the BayLDA.
 
The BayLDA also agrees with the equally exciting follow-up question as to whether “consent” in tracking means genuine GDPR consent (prior, voluntary, informed).
 
Furthermore, the recently published new proposal to the ePrivacy regulation obviously assumes a consent requirement for tracking cookies, which however can be given more or less generalized.
 
The consent requirement would have far-reaching consequences for website operators. We would be pleased to inform you about further developments in this matter.