- Cologne Regional Court ruled on October 29, 2020 that cookies without active consent constitute a violation.
- The General Data Protection Regulation (GDPR) is not applicable here, pursuant to Art. 95 in relation to Directive 2002/58/EC.
- Consent is not necessary if cookies are only required for technical purposes.
- Cookies may be set to ensure the transmission of messages in an electronic communications network.
- Important for service providers: Consent is not required if there is a user-specific service request.
- Legal force of the decision is unclear; website operators should consider using a cookie blocker tool.
In a decision dated October 29, 2020, the Regional Court of Cologne made an interesting decision on the subject of cookies
1. the setting of cookies without first obtaining the active consent of the users concerned constitutes a violation of §§ 12 I, 15 III TMG.
2. the provisions of the General Data Protection Regulation are not applicable here. The GDPR claims according to. Art. 95 does not take precedence over Directive 2002/58/EC and therefore allows the continued application of Sections 12, 15 TMG.
3. taking into account Art. 5 III Directive 2002/58/EC, Section 15 I, III TMG is to be interpreted to the effect that consent is not required for the setting of cookies in the case of purely technical storage or if the sole purpose is to carry out the transmission of a message in an electronic communications network or if this is absolutely necessary so that the provider of an information society service that has been expressly requested by the subscriber or user can provide this service, for example in the case of a requested cookie.
Unfortunately, I have not yet been able to find out whether the resolution has become legally binding. However, every website owner should look into a cookie blocker tool!