Digital media fined for violating cookie regulations

The Spanish Data Protection Agency (AEPD) issued a sanction on February 25 against a news website for failing to comply with cookie regulations. You can read the AEPD's published resolution here.

It all started with a complaint

The Spanish Data Protection Agency (AEPD) issued a sanction against a news website for failing to comply with cookie regulations.

The investigation began after a user filed a complaint, alleging that the website did not meet legal requirements regarding its cookie policy. Specifically, the following issues were identified:

• Cookies installed without prior consent: The website was found to be downloading Google Analytics cookies before obtaining user consent.
• No free option to reject cookies: Users were required to subscribe and pay a monthly fee to browse the site without accepting cookies—an approach known as a "cookie wall," which is against regulations.
• No way to modify consent: Once a user gave consent for cookie usage, there was no accessible mechanism to revoke or change it.

Analysis and sanction

The AEPD determined that these practices violated Article 22.2 of the Spanish Information Society Services Act (LSSI), which mandates obtaining user consent before installing non-essential cookies and ensuring that consent can be revoked at any time.

The infringement was classified as minor, and an initial fine of €2,000 was imposed. However, since EDA TV opted for early payment and admitted responsibility, the fine was reduced to €1,200.

Conclusion

This case underscores the importance of strict compliance with cookie regulations for websites. The guidelines are clear:

• A website must not install cookies (including Google Analytics cookies) before obtaining user consent via a cookie banner.
• The cookie banner must always include an option to reject cookies, and this option must be free for users.
• Even after a user has given consent, there must be an easily accessible tab or section on the website that allows them to modify their selection.

Want the easiest way to ensure your cookie banner is compliant? Install Lawwwing’s cookie banner! It detects all the cookies on your website (often more than you’d expect), categorizes them, and generates a banner that fully complies with privacy laws.

Plus, the Lawwwing cookie banner is fully customizable—you can place it in the footer, center of the page, choose the colors, and design the "Accept" and "Reject" buttons however you like!

This ruling serves as a reminder for online businesses of the need to adapt their websites to current privacy and data protection regulations—you never know when you might be audited!acy and data protection laws is essential—you never know when you might be audited!