Abanca Corporación Bancaria was found to be using unnecessary cookies on its website without obtaining prior consent from users, leading to a fine by the Spanish Data Protection Agency (AEPD).
Abanca was fined €5,000 by the AEPD, which was later reduced to €3,000 as a result of the company acknowledging its responsibility and making an early payment. The AEPD also ordered Abanca to implement necessary modifications to their websites to ensure that cookies are not used without obtaining the user's consent.
D.A.A.A. (complainant) and Abanca Corporacion Bancaria, S.A.
Related deceptive patterns
Forced action involves a provider offering users something they want - but requiring them to do something in return. It may be combined with other deceptive patterns like sneaking (so users don't notice it happening) or trick wording (to make the action seem more desirable than it is). Sometimes an optional action is presented as a forced action, through the use of visual interference or trick wording. In cookie consent interfaces, forced action is sometimes carried out through "bundled consent". This involves combining multiple agreements into a single action, and making it hard or impossible for a user to selectively grant consent.
Sneaking involves intentionally withholding or obscuring information that is relevant to the user (e.g. additional costs or unwanted consequences), often in order to manipulate them into taking an action they would not otherwise choose.
Requires informed consent for the use of data storage and retrieval devices, unless they are strictly necessary for service provision, and mandates clear information provision for such use.