Since the warning from the Information Commissioner this week that websites in the UK need to ‘wake up’ to new EU legislation on accessing information on user’s computers, many questions have been raised, but when they will be answered remains unclear.
Under the new legislation, which will come into force in May this year in an amendment to the EU’s Privacy and Electronic Communications Directive, websites will be required to obtain consent from visitors in order to store on and retrieve usage information from their computers such as cookies, which enable sites to remember users’ preferences.
The Internet Advertising Bureau responded to Christopher Graham’s announcement with its concerns, saying the new rules are “potentially detrimental to consumers, business and the UK digital economy”. The big question is how the EU directive will be interpreted into UK law – the implementation of which is down to the Department of Culture, Media and Sport.
According to Outlaw.com, the news site for law firm Pinsent Masons, the DCMS is working on a browser-based solution “to find a way to enhance browser settings so that they can obtain the necessary consent to meet the Directive’s standards”. But Rosemary Jay, a partner at Pinsent Masons and head of information law practice, told Journalism.co.uk this would only work for new downloads of browsers.
One of the things about browser settings, being talked about by the government, is even if you amend browsers it will only do it for new browsers and lots of people that are running browsers that are 10 years old, browsers that are really small. If you do it by re-designing browsers so they can very easily and quickly offer you cookie choices it’s only going to apply when people buy or download a new browser. There are a lot of questions around that. Equally if you say you’ve got to have a pop-up on the front page, or an icon, there are so many cookies that people get all the time for all kinds of peripheral things. Just in a behavioural advertising scenario you could get four cookies dropped during the course of someone delivering just a little bit of video.
Meanwhile TechCrunch’s Mike Butcher raises his concerns about the impact of the rules on EU start-ups.
So, imagine a world where, after 25 May when the law kicks in, your startup has to explicitly make pop-up windows and dialogue boxes appear asking for a user’s permission to gather their data. If enforced his law will kill off the European startup industry stone dead, handing the entire sector to other markets and companies, and largely those in the US.
But while debate rages on about how this law will be implemented in the UK and ultimately therefore the likely implications for users and websites, the BBC’s Rory Cellan Jones calls for some calm while the details are ironed out.
It may, however, be time for everyone to calm down about cookies. EU governments still have not worked out just how the directive will be implemented in domestic law, and what form “consent” to cookies will have to take. In the UK, the internet advertising industry appears confident that reminding people that their browser settings allow them to block cookies will be enough, while the Information Commissioner’s Office seems to think that they will need to do more.
My suspicion is that consumers will actually notice very little after 25 May, and the definition of consent will be pretty vague. But at least the publicity now being given to this “cookie madness” may alert a few more people to the ways in which their web behaviour is tracked. Then we will find out just how many people really care about their online privacy.
Tags: Christopher Graham, cookies, Information Commissioner, privacy, TechCrunch
- ICO receives cookies complaints less than two weeks after new EU law introduced
- Ministers confirm UK adoption of cookie rules
- ‘Like’ and ‘tweet’ buttons – what news sites need to know about dropped cookies
- Malcolm Coles: Four sites already implementing cookie law
- paidContent:UK: Browser extension for beating the paywall