Government Proves Cookie Law Is Cuckoo

The cookie law is looming. No doubt, if you’re a business owner or a web developer with a website not currently in compliance, you are quaking in your boots about the deadline on 26 May. That £500,000 maximum penalty is haunting your every thought as you curl up in bed, pillow over your head.

In the middle of the night, in a delirious state, half-asleep, still dreaming, you scream, “I’m sorry, Christopher Graham, I’m sorry, OK? I’m sorry! Please don’t hurt me Christopher Graham, I didn’t mean it, I’ll ask people if they’re OK with my cookies! Oh no, not the light slap on the wrist, Christopher Graham, not again, anything but that!” But the ghostly figure of Christopher Graham just goes ahead and slaps, or perhaps just taps or even strokes you on the wrist, before telling you you’ve been a naughty boy. “You might get fined next time,” he whispers eerily, before vampirically dissolving into the darkness of your bedroom.

Dream on…

This scenario is a very unlikely one for many reasons. Firstly, it’s unlikely your nightmares feature a spectral information commissioner coming at you like a wet flannel. You were probably wondering who or what Christopher Graham was (that’s him over there on the left, sort of). But the main reason you are not perspiring at the thought of the cookie law deadline is because no one gives a monkey’s about it. Not even the government.

Both public and private organisations aren’t going to be ready. That’s what the Cabinet Office has said. “As in the private sector, where it is estimated that very few websites will be compliant by the 26th May, so it is true of the government estate,” a Cabinet Office spokesman told the BBC. “The majority of department websites will not be compliant with the legislation by that date.” KPMG figures recently showed 95 percent of companies were not in line with the law. To put it lightly, business and government are ambivalent about the new rules.

The only reality from the dream fiction recounted above is the ICO’s light-touch approach. If you’re not compliant and someone complains, all you have to do is prove that you’re making an effort to offer consent. Given the vagueness of the rules, that could be as simple as saying, “I’m sorry Christopher Graham. I’ll do better. Please stop stroking my wrist.”

C is for Cookie, S is for Stupid

As for the general public – the demographic these rules supposedly benefit – they’re about as clued up as you would expect.  Three quarters of online consumers have not heard of the new EU cookie directive, according to an eDigitalResearch and IMRG. Of those who had heard of the laws, only 16 percent were aware of what the changes actually amounted to. And why should they care? Why would they want more pop-ups to disrupt their web experience, just when web surfing was all starting to be such fun?

When rules were officially brought into UK law last year, demanding consent from users for cookies, it seemed like a positive moment for privacy. Over the last 12 months, my initial welcome has transmogrified into an ugly anger. Just as with the overly prescriptive EU proposals on data protection – asking for companies to confess to data breaches in just 24 hours, amongst other crazy demands – the cookie laws will benefit a select group of people: the bureaucrats. That includes the lawyers who will get to earn a buck or two when some curmudgeonly web user decides to complain, as well as the regulator, which will jump at any chance to seem relevant.

That’s not to say cookies can’t be nasty things. If people are being tracked and they don’t like it, that’s bad. But all they have to do is change their browser settings. Better education from browser makers, not webmasters, can sort this problem out. Designers should be spending their time making the experience on their websites a delight. They should not be burdened by needless rubbish like consent for cookies.

The cookie laws are nothing short of moronic. If we can’t repeal them any time soon, let’s just pretend they don’t exist. It seems almost everyone is doing so already. Did I mention the EU directive is moronic?

Are you a web browser expert? Try our quiz!

Thomas Brewster

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

2 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

2 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

2 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

3 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

3 days ago