Home Data Protection The Irish Data Protection Commission’s Updated Guidance on Cookie Law and Privacy Controls

The Irish Data Protection Commission’s Updated Guidance on Cookie Law and Privacy Controls

by delta
0 comment

The Irish Data Protection Commission (DPC) has recently published updated guidance on cookie law and privacy controls, which has implications for businesses operating in the EU and UK. In this article, we will provide an overview of the key points covered in the guidance and what steps businesses need to take to comply.

Implied Consent is Not Legal or Appropriate

According to the DPC’s latest guidance, businesses must obtain clear and explicit consent from users before using cookies on their website. Implied consent, where users are assumed to have consented by continuing to use the website, is not legal or appropriate.

Ensure Privacy-Friendly Options and Accessibility

In addition to obtaining clear consent, site owners must ensure that their website offers privacy-friendly options to users. The interface should be designed with accessibility in mind, including considerations for users with visual impairments or dyslexia.

Avoid Pre-Checked Boxes and Cookie Walls

Websites should not use pre-checked boxes to obtain consent, as this is illegal. Similarly, cookie walls that require users to consent to cookies in order to access the website are also not permitted, unless specific functionality of the website may be impacted by refusal.

Transparency Obligations

Website owners must comply with transparency requirements under Articles 12 to 14 of the GDPR, including clearly explaining the use of cookies to visitors. Banners should be legible and not interrupted by other features on the page, and all third parties whose cookies or assets affect the website should be listed.

Sensitive Data and Accountability

The guidance highlights the Commissioner’s concern over the unlawful sharing of special categories of data, such as health data, for financial or marketing purposes. Processing of precise location data requires clear and explicit consent, and businesses must conduct a Data Protection Impact Assessment (DPIA) if they systematically monitor and track user location or behavior for profiling purposes.

Complying with the Guidance

All businesses operating in the EU and UK have an eight-week period to switch to using a compliant cookie consent management solution. Seers’ market-leading cookie consent management solution helps organizations protect and comply with regulations, and takes less than a few minutes to implement.


The DPC’s updated guidance on cookie law and privacy controls emphasizes the importance of obtaining clear and explicit consent from users, offering privacy-friendly options and accessibility, and complying with transparency obligations. Businesses must also avoid using pre-checked boxes and cookie walls and be accountable for sensitive data. By implementing a compliant cookie consent management solution, businesses can protect themselves from legal threats, compliance concerns, and litigation risks.

DELTA Data Protection & Compliance, Inc. Academy & Consulting – The DELTA NEWS – Visit: delta-compliance.com

Author: Shernaz Jaehnel, Attorney at Law, CDPO/CIPP/CIPM, Compliance, ESG & Risk Manager

You may also like

Leave a Comment


Delta-Compliance.com is a premier news website that provides in-depth coverage of the latest developments in finance, startups, compliance, business, science, and job markets.

Editors' Picks

Latest Posts

This Website is operated by the Company DELTA Data Protection & Compliance, Inc., located in Lewes, DE 19958, Delaware, USA.
All feedback, comments, notices of copyright infringement claims or requests for technical support, and other communications relating to this website should be directed to: info@delta-compliance.com. The imprint also applies to the social media profiles of DELTA Data Protection & Compliance.

Copyright ©️ 2023  Delta Compliance. All Rights Reserved