Show all guides
Europe
GDPR

Dutch DPA warns companies over dark patterns in consent banners

Last update:
Dec 18, 2025

The Dutch Data Protection Authority (AP) issued a public warning to companies using deceptive cookie banners and consent interfaces, stating that nudging users toward “accept all” choices violates GDPR requirements for freely given consent. The authority signaled that enforcement actions will follow in 2026 if practices do not change.

The full guidelines can be found
here

Related Guides

23andMe fined £2.3M by UK ICO for 2023 credential-stuffing breach

June 5, 2025

The UK ICO fined 23andMe £2.3M after a 2023 cyberattack exposed genetic data of 150K users. The regulator found insufficient safeguards for highly sensitive data, reinforcing strict UK GDPR security obligations.
Europe
GDPR

Netflix fined €4.75 million in the Netherlands

December 12, 2024

The Dutch DPA fined Netflix €4.75 million for failing to provide users with transparent privacy disclosures and mishandling access requests between 2018 and 2020.
Europe
GDPR
The information provided on this website does not, and is not intended to, constitute legal advice; instead, all information, content, and materials available on this site are for general informational purposes only