noyb success: ORF.at must correct misleading cookie banner

May 21, 2026 at 05:00 AM UTC
noyb.eu
Original: EN
noyb success: ORF.at must correct misleading cookie banner

**Austrian Public Broadcaster Ordered to Rectify Misleading Cookie Banner Under GDPR** The Federal Administrative Court (BVwG) has ruled that the Austrian Broadcasting Corporation (ORF) must revise its cookie banner on ORF.at to comply with the General Data Protection Regulation (GDPR). This decision upholds a prior finding by the Austrian Data Protection Authority, mandating that options to accept or reject tracking cookies must be presented with equal prominence to prevent users from inadvertently consenting. The current banner's visually distinct "Accept" button has been identified as a misleading practice, potentially leading to unintended data collection. The ruling stems from a complaint lodged by noyb.eu, which initiated 422 GDPR complaints against websites with non-compliant cookie banners in August 2021. ORF.at, identified as Austria's most visited news website, was among those cited for not offering an immediate option to reject tracking cookies. While ORF subsequently added a "Reject" button, its less conspicuous design compared to the "Accept" option was deemed insufficient by authorities and now by the court. This court decision emphasizes that any implementation of a "Reject" option must be of equal visual weight as the "Accept" button, addressing the use of "dark patterns" to guide user choices. The Federal Administrative Court's reasoning highlights that the unequal prominence violates GDPR principles of transparency and unambiguous consent, meaning ORF has not obtained valid consent for its tracking practices. The implications of this ruling are likely to extend beyond ORF, potentially impacting numerous other websites that employ similar misleading design choices. The court's clear stance that less conspicuous rejection buttons are inadequate sets a significant precedent for how online platforms must present cookie consent choices to ensure genuine user control over their data.

Curated and translated by Europe Digital for our multilingual European audience.

Why this matters for European digital sovereignty

The Austrian court's ruling against ORF.at reinforces GDPR requirements for clear and equally prominent cookie consent options. This decision, stemming from a noyb.eu complaint, addresses the use of "dark patterns" that can mislead users into unintended data collection. It underscores the ongoing enforcement of data protection principles across European digital platforms.

Source Information

Publication: noyb.eu
Published: May 21, 2026 at 05:00 AM UTC
All rights remain with the original publisher.

European Alternatives You Might Like

Pixelfed logo

Pixelfed

Pixelfed is a decentralized, open-source social media platform for sharing images. Users can upload and share photos, follow other users, and interact through likes, comments, and shares. Utilizing the ActivityPub protocol, Pixelfed allows for federation, enabling users to interact with individuals on other compatible platforms. It is designed for photographers and anyone seeking a privacy-focused, community-driven alternative to centralized image-sharing services.

Element (Matrix) logo

Element (Matrix)

Element is a secure, decentralized communication platform built on the Matrix protocol. It allows users to send end-to-end encrypted messages, share files, and participate in group chats. Key features include voice and video calls, bridging with other communication platforms like Slack and Discord, and the ability to host your own server for enhanced privacy and control. Element is suitable for individuals, teams, and organizations seeking secure and private communication, and is particularly beneficial for those who value data sovereignty and open-source solutions.

CryptPad logo

CryptPad

CryptPad is an end-to-end encrypted online office suite offering collaborative document creation and editing. It provides functionalities similar to other office suites, including text documents, spreadsheets, presentations, and code editors, all with a priority on user privacy. Unique features include its zero-knowledge architecture, which prevents the server from accessing user data, and its open-source nature, which allows for independent audits and community contributions. This makes it suitable for individuals and teams seeking secure and private online collaboration, especially those who prioritize data confidentiality.

SoundCloud logo

SoundCloud

SoundCloud is a digital audio distribution platform where users can upload, promote, and share their original music and audio. Key features include music streaming, direct messaging, commenting, and the ability to follow artists and playlists. This platform is primarily used by independent musicians, DJs, and podcasters to share their work, connect with listeners, and build an audience. SoundCloud offers a vast library of user-generated content, providing access to a wide range of music and audio not always available on other streaming services.