If you read the case about IAB Europe, you will see that the handling of cookies is a central part of the decision and the requirement for correction. The pressure on cookies is increasing and here in Norway we are now among the "worst" when it comes to accepting and using cookies. This is because we, strangely enough, still accept browser consents. The Norwegian Data Protection Authority has therefore sent a letter to the Ministry of Local Government and Regional Development to streamline Norwegian cookie rules with those that apply in the EU.
Regardless of this it is our strong recommendation that companies with activities in several countries not wait for the Ministry's response but should comply with EU rule as it simplifies internal administration. A similar situation has been criticized by the Danish Data Protection Authority in a new critique of the magazine "Den Blaa Avis":
The Danish Data Protection Authority assesses that the various types of processsing, which a visitor accepted by clicking "Accept", constituted several different processing purposes, including marketing, collection of information in order to improve and personalize the user experience on the website and disclosure of information to third party companies such that these third parties could process the information. The purposes were therefore not divided and precisely stated.
Furthermore, the third party companies were not specifically identified, nor was there a link or drop-down menu in close connection with the purpose for which the information was passed on.