Background As noted, CNIL's new guidance arrives in the context of a complex regulatory patchwork knit by several major regulatory stakeholders at a national and EU level. Cookie walls have been the subject of major contention in ePrivacy regulation for many years now, with the issue of whether their implementation runs contrary to the key principle of freedom of consent under data protection law at the centre of debates. Caught between the EDPB and the Council of State? The prevalent regulatory approach in Europe is that currently advocated by the European Data Protection Board ('EDPB') in its Guidelines 05/2020 on Consent under Regulation 2016/679 whereby the EDPB provides in no uncertain
Insight
France: CNIL opens door to cookie walls - a closer look at the new criteria
May 24, 2022
Summary
The French data protection authority CNIL issued guidance on cookie walls, following the Council of State's decision that CNIL cannot impose a blanket ban on them. CNIL's guidance outlines criteria for assessing cookie walls' legality, emphasizing the need for real alternatives to consent and reasonable paywall prices. The guidance arrives amid complex regulatory dynamics, with CNIL caught between the EDPB's stance and the Council of State's decision. CNIL's criteria include ensuring fair alternatives, reasonable paywall prices, justified user account creation, specified cookie purposes, and limited cookie deposition when alternatives are chosen.