|
|
|
|
|
|
by M2Ys4U
1772 days ago
|
|
|
>I think a lot of sites are conflating cookie consent and GDPR consent. They are doing that, however the the legal standard of consent under the ePrivacy Directive is the same as the GDPR. The ePD initially referenced the definition in the Data Protection Directive, but that was replaced by the GDPR. |
|
|
Here's what they say about analytics for example:
> Audience measurement shall be limited to non-intrusive practices that are not likely to create a privacy risk for users
> The Council’s position creates a new exception for audience measurement as suggested by the Article 29 Working Party6. However, the derogation for audience measurement as proposed by the Council is worded too broadly and could lead to an overly broad interpretation of what could fall under the scope of the derogation and consequently lower the level of protection of end users’ terminals.
> Therefore, the EDPB stresses that the derogation for audience measurement should be limited to low level analytics necessary for the analysis of the performance of the service requested by the user and should be solely limited to providing statistics to the service operator, and must be put in place by the operator or their processors. Therefore, this processing operation cannot give rise, by itself or in combination with other tracking solutions, to any singling-out or any profiling of users by the provider or other data controllers. Moreover, the audience measurement service should not allow to collect navigation information related to users across distinct websites/applications and should include a user-friendly mechanism to opt-out from any data collection.
https://edpb.europa.eu/system/files/2021-03/edpb_statement_0...