I found the European CoJ (I think that's the English acronym...) case
I'm not really seeing any statements about when consent is required, rather about how it may be given required. In addressing question 1(b) they even specifically mention the need to protect users from hidden identifiers. I would argue a shopping cart is, at least, not the intended target here.
Nevertheless, you have convinced me that it is a good precaution to ask for permission for any and all persistent retrievable data, particularly in light of the wording of directive 2002/58.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
I found the European CoJ (I think that's the English acronym...) case
I'm not really seeing any statements about when consent is required, rather about how it may be given required. In addressing question 1(b) they even specifically mention the need to protect users from hidden identifiers. I would argue a shopping cart is, at least, not the intended target here.
Nevertheless, you have convinced me that it is a good precaution to ask for permission for any and all persistent retrievable data, particularly in light of the wording of directive 2002/58.