From the guest article by lawyer Martin Steiger, Steiger Legal AG, for the cyon blog of 21 August 2024. The link to the full article can be found at www.cyon.ch/blog.
If cookies are used directly or indirectly, website visitors from the EU must be bothered with a cookie banner according to the current legal situation. For visitors from the Principality of Liechtenstein and even more so from Switzerland, a cookie banner can – legally speaking – almost always be dispensed with. Irrespective of obligations under European law, website operators must still comply with any contractual obligations. The best-known example is the EU User Consent Policy from Google.
In any case, there is a lot of room for manoeuvre when it comes to implementation. This is shown by the many cookie banners that do not work or obviously do not comply with the legal requirements.
From a Swiss perspective, it may make sense to differentiate between website visitors from different countries. Anyone whose IP address is from Switzerland or possibly also from the Principality of Liechtenstein will not see a cookie banner. All other visitors, especially those from the EU, will see a cookie banner. Many cookie banner solutions, including plugins, can differentiate based on the origin of website visitors.
How you implement any cookie banners is a question of your own willingness to take risks. If you do without a cookie banner, you won’t annoy users, which is an important consideration, especially in e-commerce.
Without a cookie banner, website operators are at best better off than with a “fake cookie banner”. At the same time, it is often difficult to explain why a cookie banner is not required, even if one is not actually necessary. The risk of sanctions and proceedings by European supervisory authorities and warnings from German data protection activists is low. A warning or a fine would be unpleasant, but not the end of the world for many responsible parties in Switzerland.
