The European data protection organization noby is following up in its fight against illegal cookie consent requests on the web.

After an initial wave of complaints, which was addressed to the website operator themselves at the end of May, the team around the Austrian data protection activist Max Schrems now wants to submit 422 formal complaints to ten data protection authorities.

Cookies are small data sets that websites store in order to make users identifiable.

With their help, individual profiles can be created that allow far-reaching conclusions about surfing behavior, preferences and lifestyle.

This knowledge is then used, for example, for personalized advertising.

Many companies use "dark patterns"

According to the letters to more than 500 companies on May 31, 42 percent of all violations on more than 516 websites have been removed.

Companies that have completely stopped using dark patterns to obtain consent include global brands such as Mastercard, Procter & Gamble, Forever 21, Seat and Nikon.

"Dark patterns" are user interfaces that are intended to induce users to take an action that does not correspond to their actual intentions.

In the case of cookies, the buttons, structure and labeling are specifically chosen so that website visitors are most likely to make a selection that is unfriendly to data protection.

Only a minority of the companies contacted followed noyb's request to make the revocation as easy as giving consent.

Only 18 percent would have set up such an option as a kind of cancellation symbol on their website.

The advertising industry has an influential opponent in the cookie dispute.

Schrems has already brought Facebook to its knees in two spectacular cases.

On the one hand, he enforced in October 2015 before the European Court of Justice (ECJ) that the transatlantic data protection agreement “Safe Harbor” used by Facebook was overturned.

In June 2020, he finally brought down the successor regulation “Privacy Shield” before the ECJ.

Schrems has now said that companies have expressed concerns that their competitors will fail to comply, which will lead to unfair competition.

“Others said they are waiting for a clear decision from the authorities before complying with the law.

We therefore hope that the data protection authorities will soon issue decisions and sanctions. "