Yesterday, Brave Software, the maker of ad blocking web browser Brave, filed a formal data protection complaint against Adtech industry body IAB Europe for a cookie wall stalking one site.
According to Dr. Johnny Ryan, the Chief Policy & Industry Officer of Brave, the company wants to know the methods employed to “force users to choose between cookies and accessing IAB's site.”
On the site, a notice reads that those cookies are for “functional and analytic purposes” adding that “those deployed by third parties may be used for targeted advertising.”
This move forces visitors to accept tracking by Google, Facebook, and many other sites which may monitor all their activities.
Dr. Ryan thinks such a move is a breach of the EU General Data Protection Regulation, “which protects citizens in Europe from being forced to accept processing for their data for other reasons rather than the provision of the requested service.”
“One should not be forced to accept web-wide profiling by unknown companies as a condition of access to a website,” Dr. Johnny Ryan of Brave said in a press release.
“This would be like Facebook preventing you from accessing the Newsfeed until you have clicked a button permitting it to share your data with Cambridge Analytica.”
However, there is still a lot of missing details about these claims including what data will be processed, under what legal basis, for how long, and at what time.
Simon McGarr, who has worked on data protection cases for Digital Rights Ireland, represents Dr. Ryan in his complaint.
McGarr argues that, “Where companies rely on consent to process people's data it is critical that this is more than a box-ticking exercise. For consent to be valid, it must be freely given, informed, specific and unambiguous…in a way which respects individuals' rights.”
Ryan wants to see the Irish Data Protection Commissioner crack down on the IAB's processing of data collected through the cookie wall.
In its defense, IAB Europe alleged a conflict of interest for Ryan and Brave, saying their claim was a PR campaign against the digital advertising industry.
Last month, IAB's Matthias Matthiesen said in a Twitter dispute with Ryan and other privacy activists that there was “nothing in either the GDPR or the ePrivacy Directive that prohibits so-called cookie walls (or consent walls for that matter)”.