The EU “Cookie Law”

Nearly every commercialised website you visit on the web is selling information about your visit to data marketing companies. Anyone with enough cash can buy this information: seeing the websites you visit, building a profile of your habits, lifestyle and politics. Both the EU and US are making moves to legislate around this issue and its impact on their citizen’s privacy, but it’s laughably disconnected.

EU Cookie Law

In May 2011, the EU passed their cookie law (e-Privacy Directive). This mandates that anyone running a website should warn users if they are using cookies for ‘non-essential’ purposes, or potentially face a fine up to £500k. This has led to most large sites now displaying “We’re using cookies, do you consent (Y/N)?” warnings all over their carefully crafted interfaces.

If you’re in any doubt as to how many businesses are tracking your journey around the web, I recommend installing the Collusion add-on for either Chrome (from the Chrome Web Store) or Firefox (from Mozilla).

Collusion in action.

Collusion graph after just 3 websites.

Collusion shows you which organisations are tracking your visit to a website and recording which pages you visit there. You’ll be amazed at the network of agencies that are monitoring your activity after just a few minutes browsing.

What’s ridiculous about this is that cookies are a fundamental engineering mechanism for websites. They are used to confirm that a user’s logged in, what their display preferences are, which page they were last on and much more. They are generally a good and useful thing, a bit like the wheel, or the lever.

The problem with the Cookie Law is that it addresses the mechanism of cookies, not their application. Also, there are many instances in our daily lives where data about us is stored, tracked and mined but which do not come with an equivalent warning – card payments, number plate recognition cameras and every phone call you make.

Maybe other media should have their Cookie Law equivalents?

Maybe other media should have their Cookie Law equivalents?

As well as being an essential mechanism for websites, cookies are used by data marketing outfits to profile you as you browse the web. The EU thinks these people are evil, invade your privacy and that you need to be protected from them. However, cookies are just one of many techniques these agencies use. Research proves that all the other data you inadvertently supply when you use the web provides far more data than cookies do.

Today’s reality

The EU’s definition of ‘non-essential’ cookies hasn’t been tested in court yet and you can bet that once that process starts, the ‘evil masterminds’ in the data marketing business will find alternative ways of supplementing their record of your online habits. Here in the UK, the Information Commissioner’s Office (ICO) are sounding a pragmatic tone and have yet to take any action against non-compliant websites. The impact of this law in massive, it affects the overwhelming majority of websites in the EU and does very little to improve anyone’s privacy. Here at Everthere towers, we’re waiting until the fog clears and the Whitehouse’s “Do Not Track” initiative gets going before we start pro-actively advising clients on the right approach – it’s just too early. What’s “Do Not Track”…? Well, that’s another story…

Leave a Reply




Similar Articles

GDPR legislation – The Right to be Forgotten

In March 2014 the European Parliament passed the General Data Protection Regulation (GDPR). This places an obligations on companies anywhere in the world that store and process data held on EU citizens.

When ecommerce product recommendations go horribly, horribly wrong

A cautionary tale for etailers and customers alike...