cnil-compliant-cookies

Installation
SKILL.md

Implementing CNIL-Compliant Cookies

Overview

The French Commission Nationale de l'Informatique et des Libertés (CNIL) has been the most aggressive European enforcer of cookie consent rules. In January 2022, CNIL issued a EUR 150 million fine to Google LLC and a EUR 60 million fine to Meta Platforms Ireland Ltd. for cookie consent violations. These enforcement actions, combined with CNIL Deliberation No. 2020-091 (September 17, 2020), establish the most detailed cookie consent standards in Europe.

CNIL Cookie Consent Requirements

1. Equal Prominence of Accept and Reject (CNIL Deliberation 2020-091, Section 2.1)

Requirement: Users must be able to refuse cookies as easily as accepting them. The "Refuse All" option must be presented with the same visual prominence as the "Accept All" option.

Specific CNIL Requirements:

  • "Accept All" and "Refuse All" buttons must be on the same hierarchical level (same layer of the interface)
  • Both buttons must have comparable visual treatment (size, color, font, position)
  • Neither button may be visually promoted or demoted relative to the other
  • A "Manage Preferences" option may be offered as a third option but must not replace "Refuse All"
Installs
7
GitHub Stars
187
First Seen
Jun 9, 2026
cnil-compliant-cookies — mukul975/privacy-data-protection-skills