At the end of April, the independent data protection authorities of the German federal and state governments (DSK) published a position paper on the topic of tracking opt-in. This is not a resolution, but a „position“ that an opt-in for cookies will be required in the future. A month before the GDPR came into force, the position paper came as quite a surprise. Because the TMG (Telemediengesetz) \u00a715.3 is a further existing law, according to which pseudonymous user profiles without opt-in are permitted under German law, if an opt-out is offered.<\/p>\n\n\n\n
Therefore, from ePrivacy’s point of view, this position is hardly legally enforceable. ePrivacy also sticks to the position that an opt-out model for cookies can be used legally in Germany as in the past.<\/p>\n\n\n\n
This is also the view of the authors of the following articles, including BVDW (available only in German):<\/p>\n\n\n\n
Apart from the legal situation, the practice develops in a different way. Google for example requires an opt-in for cookies from its partners for certain business models. The IAB EU with the IAB Transparency & Consent Network developed a technical standard for tracking based on both cookie opt-in and legitimate interest as a legal basis.
In practice, more and more companies seem to use an opt-in for cookies in addition to the use of cookies without opt-in on a different legal basis. Even if, according to ePrivacy experts, it is not legally necessary in Germany. The legal interpretation in the UK and France is different: an opt-in for cookies tends to be required, this has been already implemented by many companies as an implied consent or an opt-in model. <\/p>\n\n\n\n
Do you have any further questions related to the GDPR? Please feel free to contact us<\/a>!<\/p>\n","protected":false},"excerpt":{"rendered":" At the end of April, the independent data protection authorities of the German federal and state governments (DSK) published a position paper<\/p>\n