Who Wants A Cookie

The build up to the EU cookie law was all a bit of a farce. Enterprise IT managers running around departments, compiling internal audit documents, agile web developers creating nifty jQuery plugins to drop into sites, and DNS providers offering services to crowdsource cookie information.

But in the end, everyone finally came to their senses and realized it was one of the most stupid ideas since netbooks.

What Was It?

Originally, the cookie law said that any website services EU visitors needed to eplicitly ask permission before any essential cookies could be set. “Essential” was the key part here, and probably the area where webmasters managed to wiggle around and eventually get the rules changed.

But originally, this law would have killed the user experience online. It was made by a bunch of idiots who had clearly never used a website in the last 10 years.

What Was The Reaction?

Naturally, the reaction was an uproar, intermixed with laughter.

Firstly, the law would have made websites unusable, and even scare away most users. The internet is built on usability conventions and expectations, and the majority of internet browsers panic when they see something new. Seeing this popup or info box blaring about something called “cookies”, a thing that most anti-virus programs have successfully ring fenced in the same category as Malware, Spyware, Not-Good-For-Your-PC-ware, would terrify the average user. Do people really know that cookies are required to login to a website? Do they know that cookies help to make sure the advertisements they see (which they are definitely going to see as long as the website owner needs to pay hosting bills) stay relevant? Does the average user know that cookies allow Youtube to personalize your browsing experience?

Of course they dont. They think cookies are for adult websites and websites that want to sell you fake anti-virus software.

Secondly, the law would have killed the social sphere as we know it. Facebook and Twitter is amazing not for the interactions that take place on facebook.com or twitter.com, but for the social use of these platforms offsite. Like buttons and tweet buttons would have been illegal with this new law. They would have killed the social internet – how can we be social if websites aren’t allow to see who is who?

Links to a few reactions:

Watered-down UK Cookie Law Comes Into Effect: Nobody Notices

Dear ICO: This is why web developers hate you

No Cookie Law Campaign

What Is It Now?

So of course, the government backed down. Almost completely. And no one cares anymore.

Now, all you really need to be aware of, is that you have a solid privacy policy, and that policy details the cookies that are set. This is because you can now assume that by visiting your website, they have “implied” consent. And damn right too. It’s your website, its private property. If someone visits your website, they’re on your land. As long as you’re doing nothing shady, and your behaving ethically and with common sense, then why should you have to ask permission to track which country that visitor is from, whether or not they’re more likely to buy shoes or laptops, or whether they’re on a Mac or a PC?

Tracking cookies help to personalize your internet experience. Session cookies allow your frequent websites to work efficiently around you. If you don’t like that, don’t use the internet, no one is forcing you to.

The ICO’s guidance is constantly changing and been rewritten, because they don’t have a clue what they’re doing. If you really want to please management though, you may want to print out this PDF of theirs and run it past legal.

Still Panicking or Getting Pressure From Management To Implement Compliance?

At Fruitbowl we’re offering a completely free Cookie Consultation over the next few weeks. If anyone is worried about their compliance, give us a call and we’re happy to advise next steps, and guide you through the resources available from the UK Government.