EU Cookies Privacy Law Confusion Continues

Although this article applies to European websites, it should be of interest to any global web users who might visit a website based in the EU. Back in April I reported on a new EU privacy law that could gift a competitive advantage to websites based in the US and the rest of the world.

The Privacy and Electronic Communications (EC Directive) Regulations duly became law on 25th May 2011 and European countries were forced to enshrine it in their own laws.The most significant change is to the use of cookies (small text files that websites put on a user’s computer to store information such as user preferences). Cookies are also used by most forms of online advertising.

Organizations running EU websites will need to obtain the user’s permission before a cookie can be used. The Regulations also apply to any cookies set on mobile devices (e.g. phones, tablets) or internet enabled televisions and games consoles – good luck with that…

As I said in April, the EU are too stupid to predict the possible consequences of this law – websites may decide not to offer a genuine choice because, if visitors choose not to accept cookies, the website will just block them from viewing the site – until they do accept…

How likely is that approach? In my opinion, very likely considering that few websites could survive without revenue from advertising (and cookies are a fundamental part of adverts, as well as statistical analysis) – it stands to reason that many website owners are not going to let users in unless they accept cookies first – and this approach would be in line with the rest of the world who don’t allow users to opt out of cookies before they use the site.

Of course this approach would not give visitors an informed choice because they would have no real option but to accept cookies if they want to use the site. Websites would still be complying with the letter of EU law but users would not benefit and everyone would soon learn to just click ‘OK’ to accept cookies on every site.

However, this extra step would still delay browsing unnecessarily and could annoy non-EU visitors who were unused to the concept, driving them into the welcoming arms of websites outside the EU – who don’t have to jump through this extra legal hoop.

Are EU Websites Following The Law?

Different countries have their own policy on these regulations. The UK provided website owners with a 12 month grace period to implement changes – perhaps hoping that the whole policy would be reversed… However, new guidance from the UK Information Commissioner’s Office (ICO) confirms that the law stands and enforcement will begin on 25th May 2012.

However, British Minister Ed Vaizey said (in an open letter to businesses in May) that companies should not be forced to obtain consent before using cookies. So the UK is left in the bizarre situation where a government minister gives advice that conflicts with that of his own government’s Information Commissioner…

When there is this much disagreement at the heart of government about a new law, it is a sure sign that it’s a really bad one.

I have yet to hear of any major UK websites implementing the guidelines – even the ICO’s website appears to flout its own rules by setting a session cookie before you have a chance to opt out. Their disclaimer “one of the cookies we use is essential for parts of the site to operate and has already been set” seems a poor excuse to me…

1 Response to: "EU Cookies Privacy Law Confusion Continues"

  1. Joe 90 says:

    typical EU crackpots, couldn’t organise a p*ss up in a brewery! Why on earth do we let people with zero tech knowledge pass laws like this, the rest of the world must be rofl