Cookie paywalls allow visitors of a website to access its content only after they make a choice between paying a fee or accept tracking. European Data Protection Authorities (DPAs) recently issued guidelines and decisions on paywalls lawfulness, but it is yet unknown whether websites comply with them. We study in this paper the prevalence of cookie paywalls on the top one million websites using an automatic crawler. We identify 431 cookie paywalls, all using the Transparency and Consent Framework (TCF). We then analyse the data these paywalls communicate through the TCF, and in particular, the legal grounds and the purposes used to collect personal data. We observe that cookie paywalls extensively rely on legitimate interest legal basis systematically conflated with consent. We also observe a lack of correlation between the presence of paywalls and legal decisions or guidelines by DPAs.
翻译:暂无翻译