Support Centre

Spain: AEPD issues €30,000 fine against Twitter for unlawful cookie banner

The Spanish data protection authority ('AEPD') issued, on 9 June 2020, a resolution ('the Resolution') in proceeding PS/00299/2019, in which it fined Twitter, Inc. €30,000 for violating regulations on the use of cookies. In particular, the AEPD held that Twitter’s cookie banner stated that, by using Twitter's services, the user would accept the cookie policy, and did not provide any further link within the banner to reject the use of cookies or redirect the user to a second layer of the cookie banner including management and configuration options. Moreover, the AEPD held that, in order to manage cookies, the user had to click on a link at the bottom of the website.

Furthermore, the AEPD stated that cookies, including advertisement cookies, would be placed on end user devices once the user accessed the website and without having carried out any other type of action. Therefore, the AEPD held that Twitter had violated Spanish data protection laws and required Twitter to take appropriate measures within one month of the notification of the Decision, taking into account the AEPD's Guide on the Use of Cookies.

You can read the Resolution, only available in Spanish, here.