Latvia: Latvian Data Protection Authority closes investigation into e-commerce use of cookies

On 18 January 2022, the Data State Inspectorate of Latvia closed its investigation into cookie usage. The preventative investigation started in 2021 and scrutinised the usage of cookies on 29 websites (belonging to 26 online merchants). Compliance with the conditions for the use of cookies on the website was verified, including the use of marketing, statistical and analytical cookies, and compliance with the General Data Protection Regulation and the Information Society Services Act, which regulates the use of cookies on websites. The investigation discovered that 9 out of 29 websites met the criterion, 18 websites only partially met the need, and two websites did not have a cookie policy. Mmost infractions were connected to inappropriate consent from website users. The DSI has set different deadlines for compliance. Three large e-commerce providers were found in significant violation of the regulatory framework on the use of cookies and given the deadline on 11 April 2022. 23 e-commerce providers were found in violation of the regulatory framework on the use of cookies and given the deadline on 12 August 2022. The DSI noted that if the providers do not remedy the infractions within the specified timeframe, the DSI would use further GDPR powers.