Have you ever had a €30K cookie? Cookie banners appear on almost every website we visit, intended to allow us to control the cookies dropped on our device. Most of us ignore them, and even if we do notice them, many of them do not allow us to effectively opt-out of cookies being saved on our browser.

This leaves us with two options – reconsider entering the site or reluctantly agree and click ‘’Accept all’’, knowingly consenting to the dropping of multiple cookies on our browser. It happens to me a lot, and annoys me every time.

Yesterday, the Spanish data protection authority fined Twitter with €30,000 for violating cookies regulation. The AEPD held that Twitter’s cookie banner did not provide any link within the banner to reject the use of cookies or redirect the user to a second layer of the cookie banner presenting cookie configuration options. Furthermore, the AEPD stated that cookies, including ad cookies, should not be placed on end user devices automatically when a user accesses the site.

Therefore, the AEPD has fined Twitter and required it to take appropriate remediation measures.

While €30,000 may seem like “pocket money” for Twitter or any other well established tech company, it is a good note for us data protection activists.