In December 2019, noyb had filed complaints against three providers of French websites, because they had implemented cookie banners that turned a clear “NO” into “fake consent”. Even if a user went through the trouble of rejecting countless cookies on the eCommerce page CDiscount, the movie guide Allocine .fr and the fashion magazine Vanity Fair, these websites sent digital signals to tracking companies claiming that users had agreed to being tracked online. CDiscount sent “fake consent” signals to 431 tracking companies per user, Allocine to 565, and Vanity Fair to 375, an analysis of the data flows had shown.
CNIL sanctions Conde Nast. Today, almost six (!) years after these complaints had originally been filed, the French data protection authority CNIL has finally reached a decision in the case against Vanity Fair: Conde Nast, the publisher behind Vanity Fair, has failed to obtain user consent before placing cookies. In addition, the company failed to sufficiently inform its users about the purpose of supposedly “necessary” cookies. Thirdly, the implemented mechanisms for refusing and withdrawing consent was ineffective. Conde Nast must therefore pay a fine of €750.000.