What was all that fuss about the EU Cookie law? Remember the outcry from businesses and retailers who claimed it’d cripple their essential online operations? Remember the apocalyptic claims that it’d completely incapacitate major websites – developed over many years – with the click of a single button?
And after all the fuss – what happened? Well, the answer is – not much from a user point of view. Most people will have noticed that when they visited the websites of some major companies, media outlets, or retailers, they found a small box waiting for them at the top of the interface. This box explained in a couple of sentences that the website needs tracking cookies enabled to function properly and that you had two options – continue to accept them or click to find out more about fiddling with your preferences to disable them.
Most people obviously chose the simpler option – continue accepting cookies – and continued their browsing after only the slightest of delay. Many probably didn’t even fully read the info (the kind of people who will click anywhere just to get an error message to go away – you know who you are…). Maybe a small number of users, who had followed the story and were expecting the changes, chose to be redirected to their preferences and amended them to block tracking cookies.
My personal experience basically involved encountering this choice only on two of the websites I regularly visit – the BBC homepage and Channel 4′s site, out of about 30 sites that I tried (including major retailers like Amazon). So, if you’re wondering what all the fuss was about when the consequences of the passing of the law seem so meek, there are basically two reasons why the ‘end of the world scenario’ failed to materialise. In order of importance they are:
1. The EU directive was actually significantly watered down at the last minute (48 hours before passing) by the UK Information commissioner to allow for the principle of ‘implied consent’ (which had previously been discussed and rejected). This is why you don’t have an ‘allow cookies’ and ‘block cookies’ choice – but instead one between ‘allow cookies’ and ‘find out more/see preferences’.
In other words you don’t get a choice in which both options are equally easy to pursue but one in which blocking the cookies requires more effort than continuing to allow them. This is basically half-way in between making the cookies an ‘opt out’ issue (i.e. what has been the case until now) and the equal choice that the EU directive proposed (and which retailers feared).
2. Secondly, and more importantly, according to KPMG estimates, around 95% of websites falling under the jurisdiction of the law have yet to comply with it, potentially risking financial ruin by courting fines that could be as high as 500,000 GBP for continued failure to comply.
So, the reason why the passing of the EU law seems to have been a bit of a damp squib is that hardly anyone is complying with it for the moment – and even those that do are doing so in a way that complies with a much watered down version of the directive (which is pretty inconsequential in its impact). As the Guardian tech piece on the issue points out – the potential shake-up, the prospect of which caused such a fuss initially, will only come if the UK’s watered down version of the directive is challenged and consequently amended to deny the ‘implied consent’ which allows sites to continue to retain a very high percentage of users with tracking cookie settings enabled.
If the choice presented to users were instead simply ‘allow’ or ‘deny’ – presumably many more would choose ‘deny’ (who voluntarily wants to be tracked?). Admittedly some of these people would then reverse their decision if they found subsequent experience of a site to be unsatisfactory – but the overall disruption to systems and practices of online retailing and web development would be significant, and it is not yet quite clear what a solution (that retained business at current levels) would look like afterwards.