A Dutch Consumers' Association concludes that a large majority of 150 well-known websites in the Netherlands are in breach of the new privacy act GDPR. The new European privacy act, which in the Netherlands is called the AVG (General Data Protection Regulation), contains specific requirements for websites regarding cookies.
Cookies are small text files that are placed on your computer by a website to track your browsing behaviour. This information is valuable to advertisers because it allows them to target their advertising more specifically at you. The information is also used for analysis purposes.
Visitors should be able to give their consent "freely, specifically, informatively and unequivocally". The consumer organisation concludes that this is not the case here. For example, 52 percent of the 150 site place cookies before you, as a user, can indicate whether you want to.
The Consumers' Association carried out the check on 27 May, two days after the new privacy law came into force. It is possible that sites have changed their policy in the meantime.
The Consumers' Association has informed the ACM and the Personal Data Authority about the infringements. The Authority confirms to the NOS that the functioning of the sites under investigation is not allowed.