Yesterday, amendments to the EU’s e-Privacy Directive came into force. The e-Privacy Directive was created in the early 2000s to address the issues of privacy and data protection. The amendments, made in 2009, reflect changes in technology. It is the change to the law around web cookies that is most contentious, but now in force as of yesterday morning.
Cookies are web-based pieces of text stored on a web browser that allow for the browser to remember you when you are shopping, reading or doing just about any other kind of surfing online. They help the browser to remember your details, what is in your online shopping basket, or that you are a return reader to ConservativeHome. They are a part of how web sites and web browsers work, to put it simply.
The amendments now in force require that users of any websites consent to tracking before they continue browsing on a particular website. In many ways it is any absurd thing to mandate through law because every time a user needs to read a website up may pop some kind of opt-in box requesting that you tick ‘yes’.
Many complain that this directive is yet another reason why we need to leave the EU. While I don’t disagree, we are in a place today where we need to deal with this and other EU regulations until that happens. The UK Government – including DCMS and the responsible minister, Ed Vaizey – has done a great job in promoting the fact that industry takes the lead on this issue. Companies like Eloqua have introduced new tools to enable opting in or out of cookies easily. However, all web browsers already let you opt-out of web sites setting cookies – it is a function long included in them.
The EU Directive amendment is very unclear in its wording and even less clear when looking at implementation. Opting-out must be enforced, but how is not explained and user information can only be collected when it is clearly stated, but again no guidance has been provided. In light of this, it was reported earlier in the week that the Information Commissioner’s Office, the body charged with enforcing this directive, will give website owners a year to comply and will turn a blind eye to it over the next year.
The UK has made the best out of a bad situation. As it stands right now, though, the UK looks like it will be the only EU member state to comply with this directive or at least give some feedback on it within a governmental context. The fact of the matter is that this directive, in being so prescriptive, is going to impact businesses from Amazon to small retailers. They will have to shift the way they build and manage their websites and this in itself takes time and money away from core business practices – in large companies or small. Maybe we in the UK should have been less compliant?
The UK has more important issues to worry about though. How are we going ensure that rural broadband – fixed, mobile or both – become a reality? Without this issue being solved first through an even more competitive business environment, we won’t have to worry about the EU Directive because residents in rural areas won’t be accessing websites to begin with.