Today’s deadline day. Member states of the European Union are all supposed to have plans in place to change their laws so that most kinds of online data collection–including the simple placement of an electronic ‘cookie’–become ‘opt-in’ for consumers. But only two countries–Denmark and Estonia–have solid plans to create such laws. The U.K.’s Information Minister, under pressure from advertisers, has offered businesses in that country a one-year amnesty from the law “to get their house in order.”
Cookies are small text files that are often used to track users’ browsing across websites, and thus target advertising. They’re also used for more mundane purposes such as remembering when a user is logged in to a particular site.
The EU directive that would require users to “opt-in” to accept cookies has proven controversial, with advertisers raising the spectre of consumers faced with an endless stream of opt-ins buttons upon simply loading a website. A single website can have dozens of cookies placed by third-parties including analytics and advertising companies. Under the EU rule, websites would be able to send cookies without an opt-in only when they’re for the direct purpose of a service requested by the user–the best example being a cookie remembering that someone is logged in, or is using a particular “shopping cart.”
In the UK, the government is in discussion with the major browser vendors about how to follow the new directive. UK Information Commissioner Chris Graham made clear in a talk to advertisers today that websites won’t be compelled to confront users with a barrage of windows asking for “opt-in” permission to share cookies. “It would obviously ruin some users’ browsing experience if they needed to negotiate endless pop ups – and I am not saying that businesses have to go down that road,” the Daily Telegraph reported Graham as saying. The better solution would be one based on browser settings, he said. But “necessary changes to the technology aren’t there yet.”
The new cookie rules are an EU directive, which means that each EU member state is supposed to design its own national laws that will comply with the basic outline of the directive. But deadlines for EU directives are routinely missed and some countries take many months or even years to become compliant with these directives.
So far, these cookie guidelines appear to be getting a very chilly reception in Europe. Only two nations have stated their intention to fully comply, while three others–France, Slovenia, and Luxembourg–have told the EU they will do a partial implementation of the rules, according to The Register, a UK tech publication.