Among other things, it was asked whether third-party services (e.g. map or weather services) had been integrated, whether cookies had been set and whether consent had been properly obtained. In addition, a technical check of the relevant websites was carried out.
An effective consent requires that the website operator informs the users transparently and completely about which data is collected and to which recipient it is forwarded. Here, significant shortcomings of the websites became apparent, which in some cases even led to the consent being ineffective, namely in all cases in which the necessary information was not provided at all. In some cases, subtle influences – so-called nudging – were also used to press for consent. This is always the case when the “Agree” option in the cookie banner is more eye-catching in colour compared to the “Reject” option or when the process of rejection is unnecessarily complicated by longer click paths.
A positive result of the study was that the controlled websites used cookies relatively sparingly. A maximum of 14 cookies were found, some even used only one. It can be assumed that the relevance of the cookie issue in terms of data protection law has been dealt with.
The State Commissioner for Data Protection (LfD) in Lower Saxony is currently carrying out a coordinated inspection of online media websites with the supervisory authorities of several other federal states. The final results are not yet available.
We will report on the results in one of the next ePrivacy newsletters …