Sites and RGPD: the cookies of discord

The cookies of discord, between website and RGPD

Enforceable since May 2018, the European regulation has caused a lot of ink to flow. It's the management of cookies and consents that represents one of the main challenges for companies and web agencies. Almost two years on, cookie (di)management is still having trouble getting through. This term is to be taken in its broadest sense. It covers all traces deposited or read when web pages are consulted. Some cookies can be used to uniquely identify an individual. This is where the RGPD comes in.

The CNIL reminds us that before depositing or reading a cookie, site or application publishers must :

Inform Internet users of the purpose of cookies;
Obtain their consent (this consent is valid for a maximum of 13 months);
Provide Internet users with a way to refuse them.

But this is far from being the case. For a variety of reasons: unwillingness on the part of companies, lack of knowledge of the RGPD on the part of web agencies, the feeling that the CNIL is focusing (wrongly) on the "big boys" like GAFA...

Whatever the case, one thing is certain: a website is a company's showcase. It's what inspires confidence, or not. And the stakes aren't technical or legal; they're economic!

According to a recent survey carried out by the French Institute of Public Opinion (IFOP), at the request of the CNIL, 70% of those questioned believe that their consent should be obtained before their browsing data is used.

RGPD: More transparency for more trust

Above all, a very large majority (90%) would like to know which companies can track their browsing habits, believing that information in this area is insufficiently precise. Finally, 65% of respondents say that current authorization requirements are insufficient to protect them effectively against privacy risks.

Another IFOP survey published in 2018 had indicated that personal data protection was becoming a purchasing criterion. With the RGPD, companies must change paradigm and begin their "cultural revolution". With a niche: more transparency for more trust.

It is therefore important to follow the rules imposed by the RGPD. Thus, the CNIL specifies that "consent must be manifested by a positive action of the person previously informed of the consequences of his choice and having the means to exercise it. (...). Acceptance of general conditions of use cannot be a valid way of obtaining consent."

It's up to the website publisher to have complete control over all the cookies deposited and read on its website, and to inform visitors accordingly. It's up to them to choose!

In the same category

Expert's Word

THE 07/18/2023

MSSP: why entrust your cybersecurity to an expert?

The digital landscape of industrial companies is undergoing unprecedented change. While the opening up of information systems boosts productivity, it

News

THE 05/25/2023

Scalair & Cato Netwokrs offers a Managed SASE offer!

News

THE 29/03/2023

Scalair's Managed EDR solution wins the label!

Scalair was recently awarded the Label France Cybersecurity 2023 for its Managed EDR (Endpoint Detection and Response) solution. This solution

Expert's Word

THE April 9, 2026

AI for Cybersecurity: Secure Your Industry with Confidence in 2026

The industrial digital landscape is undergoing a major technological transformation. By 2026, the sophistication of attacks will increasingly rely on

Expert's Word

THE February 26, 2026

Zero Trust Security: The Practical Guide to Protecting Your Privileged Access

Practical guide: Implementing a zero trust architecture in 5 key steps The traditional security perimeter, once

Success Story

THE February 17, 2026

Case study: MPLS migration to Cato Networks SASE for a local government

How Scalair supported the network modernization of the Osartis-Marquion Community of Municipalities The Osartis-Marquion Community of Municipalities (49 municipalities,