The Data Protection Commission (“DPC”) issued a guidance note in April 2020 on its expectations regarding the use of cookies on websites and mobile apps. The guidance was published in response to shortcomings identified by the DPC regarding the use of cookies across a range of different industry sectors, including the financial services sector. A key focus of the guidance is the issue of user consent and how it should be obtained in practice. 

The DPC allowed a period of six months from publication of the guidance (i.e. 6 October 2020) for organisations to bring their practices into compliance, after which enforcement action would commence.  With this deadline fast approaching and given that compliance can easily be verified by the DPC, organisations should take action now to ensure that they are fully in compliance with the guidance in advance of 6 October 2020.