Must consent be granular in the UK? What about implied and on-scroll consent? Cookie consent rules may differ depending on the EU country. In this post, we’ll take a look at which GDPR cookie rules apply in the UK.
No, the UK’s Information Commissioner’s Office (ICO) does not recognize consent by scrolling to be a valid indication of affirmative consent.
No. As with consent on scroll, the UK does not recognize consent via continued browsing to be valid. Consent should be given via a direct affirmative action.
Yes, this feature is explicitly required according to the UK’s latest ICO guidelines. The explicit reject button is also required by Germany, Ireland and the Netherlands.
The ICO seems to favor combining both the “accept” and the “reject” buttons on the banner. This combination should put the options at equal prominence, in order to avoid any “nudging behaviour”.
“A consent mechanism that emphasises ‘agree’ or ‘allow’ over ‘reject’ or ‘block’ represents a non-compliant approach, as the online service is influencing users towards the ‘accept’ option”.
Yes. Except for exempt categories (which very few cookies fall into), cookies must be blocked until users have given their informed consent.
The consent must be specific to the particular service. Users should be able to manage consent to individual third parties on a granular basis – however, global consent can be used, provided that the user at least has the option to consent on an individual basis, should they choose to.
Yes, GDPR records of consent are also required for cookie consent, according to the ICO. You can read more about records of consent here.
Our comprehensive cookie management solution allows you to:
Cookie consent management for the ePrivacy, GDPR and CCPA