The ruling issued by Germany’s Federal Court of Justice (BGH) on May 28, 2020 made clear what many people had long suspected: The “opt-out-of-cookies” approach favoured by many German companies violates Germany’s data protection legislation and also – as previously established by the European Court of Justice – European data protection law.
Other cookies, however, are not “technically necessary”. Typically, these include cookies that enable companies to analyse their websites’ performance or display relevant advertisements to visitors based on cookies that track their online interests.
According to the Federal Court of Justice ruling, websites may only set cookies that are not technically necessary if the user has “given his or her voluntary, informed and documented consent” to the collection of his or her personal data. This automatically invalidates the widespread practice of asking users to opt out by “de-selecting” cookies for website analysis and marketing from a list of preselected cookies (rather than asking them to opt in by selecting the cookies they are prepared to accept).
Based on the abovementioned guidelines, as well as the recommendations of our external Data Protection Officer and our own in-house legal guidelines, we formulated the following key requirements for implementing a legally compliant cookie consent manager for the www.frankfurt-school.de website:
Whether a cookie may be classified as “technically necessary” or not will depend on the specific website and what it offers. The criterion for differentiating between the two is whether the “cookie is required to deliver the original scope of functionality”. We have classified our own cookies by applying the above criterion to ensure that only cookies that meet the provisions of the latest FCJ ruling are designated “technically necessary”. Our website only sets any other (non-technical) cookies once you have given your consent.
To technically implement the above requirements, we partially programmed our cookie consent manager ourselves and also worked with a WordPress plug-in on some of the lower-tier pages. In addition to the requirements listed above, it was very important to us that it should only take two mouse-clicks for users to be able to access all information on our cookies and their functions. This is the only way to ensure that visitors to our website are able to make well-informed decisions. Unlike many other websites, we have no desire to obtain your consent “by the backdoor”.
We look forward to receiving your consent – and wish you every success in implementing your own cookie consent system!