I read the opinion now. You’re right in that their analysis too is actually rather harsh! E.g, no long-term shopping carts are allowed, only for the current session plus “a few hours” which presumably would stretch to tomorrow but not more. Still, I’d say that it’s really strict compared to the actual court cases, and probably in any case wouldn’t prevent a website from delivering an optimal experience for the user without needing a cookie banner at all. if I was designing a shopping website I wouldn’t lose sleep over having a shopping cart expire after a week, assuming I could actually justify that the users would benefit from it.
For the curia.europa.eu cookie banner they present it doesn’t give you the opportunity to reject “technical” cookies, just the analytics and YouTube stuff. That implies that the cookies for language and such is exempt, and the reason for the banner is those other ones. They also set the “clicked the cookie banner”-cookie expiry time to a year, also implying it’s okay to store it for that length of time.
it doesn’t give you the opportunity to reject “technical” cookies, just the analytics and YouTube stuff
I think that’s because then the weaker “legitimate purpose” standard applies? (“Access to specific website content may still be made conditional on the well-informed acceptance of a cookie or similar device, if it is used for a legitimate purpose.”)
I read the opinion now. You’re right in that their analysis too is actually rather harsh! E.g, no long-term shopping carts are allowed, only for the current session plus “a few hours” which presumably would stretch to tomorrow but not more. Still, I’d say that it’s really strict compared to the actual court cases, and probably in any case wouldn’t prevent a website from delivering an optimal experience for the user without needing a cookie banner at all. if I was designing a shopping website I wouldn’t lose sleep over having a shopping cart expire after a week, assuming I could actually justify that the users would benefit from it.
For the curia.europa.eu cookie banner they present it doesn’t give you the opportunity to reject “technical” cookies, just the analytics and YouTube stuff. That implies that the cookies for language and such is exempt, and the reason for the banner is those other ones. They also set the “clicked the cookie banner”-cookie expiry time to a year, also implying it’s okay to store it for that length of time.
I think that’s because then the weaker “legitimate purpose” standard applies? (“Access to specific website content may still be made conditional on the well-informed acceptance of a cookie or similar device, if it is used for a legitimate purpose.”)