noyb has lodged a number of grievances against websites and data brokers for not properly responding to requests of access that utilized cookies for authentication. Incidents that ran from refusal to grant access to requiring additional, unnecessary information to identify users were reported.
Given the use of tracking cookies to target users with tailored advertisements, cookie data can also be used to help users exercise their protection rights provided by the GDPR. Thus it is evident that people should not be pressured into supplying extra personal details when attempting to verify identity, due to the fact that identification by already collected data is both possible and recommended.
Users attached cookies received from websites to their access requests in order to obtain relevant information, yet faced perfunctory reactions from servers. In light of this, noyb has argued that these perpetrators are guilty of neglecting user rights under both the data minimization principle and recent edpb guidelines on authentication through unique identifiers such as cookies. As a result they have been brought to court.