Here comes the EU Cookie Monster

Next Wednesday is the day which sees the revised “EU e-Privacy Directive” come into law, and in theory, that should affect your website and everyone else’s. Like so much of the legal nonsense which pervades our lives, mainly because we allow self-interested lawyers to worm their way into positions of political power, it’s unnecessary and pretty much nonsensical. But it’s here, and we’re just going to have to live with it.

So what will it mean to us all, as website operators? The legislation has come about because some people have worries that websites are recording data about what we do and passing this on to other sites. A reasonable concern, to some people at least. We should have the right to opt out of such data being held about us and being transferable. But the legal solution is absurd. Data about what we do on the web is stored as “cookies” and it’s now a requirement that you must ask visitors for permission to use cookies, and explain what they’re being used for.

Here’s what the result would be.

Now, there are browsers which have strict privacy features built in by default. If people – particularly corporations – were concerned about this sort of thing, we’d have long ago switched to these. We haven’t. This stupidity, if it were enforced (and there doesn’t seem to be any way it can be) will kill the European internet industry dead. The most paranoid country of all when it comes to online privacy, Germany, already has legislation in place which effectively outlaws websites based there from running Google Analytics, but I just looked at 20 German sites, and 18 of them had Google Analytics running. Just like German website owners, who are taking a wait-and-see attitude, it’s likely that the rest of Europe will just carry on as usual and assume the new directive will be ignored. Bad law usually goes away, but there may be casualties along the way as lawyers help themselves. I think the advice here in this excellent summary is a good place to start. If you want to take a proactive approach, it suggests “to have a clear flag/button on your homepage about the EU Directive (e.g. a tab on the top left that expands on user click), that lists the site’s cookie usage. If you clearly state that ‘We are working hard right now to comply with the EU directive etc’, then you are following Government guidelines.”

And I thought 25 May would be important to most people because it was my birthday.

Discussion

  1. Iain Thornton

    A press release from the ICO talks about the importance of this new legislation “not having a detrimental effect on UK businesses” but if we are forced to have a stupid pop-up asking for permission when websites from other regions do not then how can it not be detrimental?

    Does anyone out there plan to comply if specific permission is required for each site rather than a more general browser based approach is adopted.

  2. Fred Paul

    I will not comply for two reason: My business is Canada and USA and says as much on the home page, and secondly, I don’t use cookies. I still get junk mail even stating I had opted in via a third party. Really.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>