Latest news for Small Business Owners

How do you keep up to date with new ideas, new technology & market changes?
Do you have time to scour the web looking for new ideas & the next best thing to add to your website?
You want the latest news about your company & industry news all in one easy-to-access place.
2 minutes reading time (466 words)

Google and Facebook fined for making cookies hard to refuse

Expensive cookies Is your website compliant?

French privacy watchdog, the Commission Nationale de l'Informatique et des Libertés (CNIL), has hit Google with a 150 million euro fine and Facebook with a 60 million euro fine, because their websites—,, and—don't make refusing cookies as easy as accepting them.

The CNIL carried out an online investigation after receiving complaints from users about the way cookies were handled on these sites. It found that while the sites offered buttons for allowing immediate acceptance of cookies, the sites didn't implement an equivalent solution to let users refuse them. Several clicks were required to refuse all cookies, against a single one to accept them.

In addition to the fines, the companies have been given three months to provide Internet users in France with a way to refuse cookies that's as simple as accepting them. If they don't, the companies will have to pay a penalty of 100,000 euros for each day they delay.

One of the reasons given for the fines is the use of dark patterns, which make it difficult for users to reject the use of cookies.

 Dark patterns

For example, YouTube's choice between "I agree" and "Customize" rather than "I agree" and "I don't agree" is a dark pattern, a design that subtly and deliberately nudges you in the direction of a choice that benefits the designer. They are everywhere on the web, and they're a problem.

This explains why the French watchdog objects to the skewed balance between accepting or rejecting cookies from these sites—the path to privacy is long and difficult.

How does this affect me? 

If you have a website, you need to be sure that it complies with relevant laws.
The above ruling was made in terms of GDPR, which is the EU privacy law.

In South Africa, the equivalent law is the POPI Act, which requires all sites to:

  • declare their cookie and privacy policies
  • allow user to accept or reject the use of cookies
  • provide a way for user information to be "forgotten" if requested by the user.

To avoid issues, make sure that you have complied with all relevant laws for the countries you operate in (not just where your website is hosted).

If you don't have a privacy policy in place, or you are uncertain if you comply, give us a call.
We can help get you compliant.

Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

Does good website SEO matter?
Website performance metrics

Related Posts



No comments made yet. Be the first to submit a comment
Sunday, 21 July 2024

Captcha Image