IIJ Cookie Consent Management Platform Implementation Support

About the Service Overview

Regulations requiring the provision of information to users and the acquisition of their consent (or the provision of opt-out opportunities) for cookies* and SDKs used in websites and mobile applications operated by companies (hereinafter, cookie regulations) are being strengthened in countries around the world.

In particular, data protection Supervisory Authorities in the UK, Germany, and France have successively declared that they are strengthening their enforcement of cookie regulations.

Furthermore, the California Consumer Privacy Act (CCPA), enacted on January 1, 2020, and subsequently amended on January 1, 2023, imposes an obligation to provide consumers with the opportunity to opt out of cross-site behavioral targeting advertising, which is often done through the use of cookies. Compliance with this requirement is facilitated through the use of cookie consent management tools.

In addition, under Japan's Act on the Protection of Personal Information, information collected through cookies is defined as personally identifiable information, and obtaining consent from the individual is generally required when it is anticipated that personally identifiable information will be acquired as personal data by the recipient. Moreover, under the External Transmission Regulations newly established in the amended Telecommunications Business Act that went into effect on June 16, 2023, regardless of whether or not a company is engaged in a telecommunications business that requires registration or notification, when user information is externally transmitted through cookies or SDKs by websites and mobile applications that provide intermediary services for communication of others or "places" that connect unspecified users in response to the demand of others, or online information provision services and the like, that entity is now required to either provide information, obtain consent, or provide opt-out opportunities. However, even in cases where such legal obligations do not apply, companies are increasingly proactive in disclosing information and functions that allow individuals to refuse cookies at any time from the perspective of improving corporate transparency. The name of the service is "IIJ Implementation Assistance of Cookie Banner Platform for Consent Management", but consent is not necessarily required. There may also be cases where you do not want to display banners from the perspective of UX. We will assess the specific situation of individual corporate websites and, depending on the situation, provide advice on whether or not banners should be displayed, whether or not consent should be obtained, appropriate implementation of functions that provide opportunities for user involvement, revisions to cookie policies, designs that do not constitute dark patterns, and UX.

IIJ offers sales, implementation, and support for cookie tools with a proven track record worldwide that includes OneTrust.

* The term "cookies" is used here as a convenient term encompassing all technologies that perform reading/writing from/to devices, including other tracking technologies used on websites and mobile applications.