Is the cookie law dead?

by News

Is the cookie law dead? At least one company is willing to call it already.

A month after the law came into effect in the UK, software company Silktide conducted research into how websites were coping.

They found 95% of UK websites have made no attempt whatsoever to comply. Possibly worse, 76% of the websites that tried to comply were simply adding a cookie policy and linking to that on every page. Those websites still set cookies, still track users, and don’t give any more control over their privacy except for explaining how to disable cookies in a browser.

In their video “The Cookie Law – 28 Days Later”, Silktide announced their findings, mocked the ICO’s complaints process and declared the law effectively dead:

We spoke to the creator of this video Oliver Emberton, who elaborated: “Most people have been waiting to see how the law panned out. We now know most sites – including big players like Amazon and DirectGov – are just adding a basic cookie policy. That does diddly-squat for their user’s privacy, but based on the ICO’s nonchalant response so far it looks like it’s enough to claim you’re working towards compliance.”

“Although the ICO announced it has received ‘hundreds’ of complaints, given the volume of UK websites that number is exceedingly small. Given the majority of normal people don’t even know about the law or how to raise a complaint, we’d say the chances of a small/medium business website being picked on for inspection are practically zero.”

“Unless the ICO decides to make a serious example of a big website soon, we expect this law will soon be ignored, and eventually forgotten. And frankly: good bloody riddance”.

What do you think of the controversial cookie law? Are you still implementing solutions or have you given up trying to comply? Let us know your thoughts below.

You may also like:
The EU Cookie Law →
No to the Cookie Law →
The ICO Amends the EU Cookie Law to Allow ‘Implied Consent’ →
  • http://twitter.com/idea15webdesign Heather Burns

    I’ve called it as well, but for different reasons:

    a) the eventual redefinition of the law itself in a few years
    b) its incompatibility with the surrealist absurdity of the Communications Data Bill
    c) the fact that the law is failing in that it is not making people reflect upon their individual privacy choices – not, at least on a legacy technology from the 1990s in the era of social media oversharing.

    I discussed it here

    http://idea15.wordpress.com/2012/07/14/the-eu-cookie-law-and-wordpress-where-we-are-and-where-were-going/

  • http://www.derby-webdesign.co.uk/ Kevin

    I hope so, it’s such a ridiculous, not very well thought through EU law. I hope Silktide make a difference.

  • Oliver

    There are alternative analytics systems other than GA that can give cookie-free and anonymous analytics data. http://www.evisitanalyst.com/eva8

    The ‘Cookies’ law could be a good thing considering that analytics companies are now looking to create systems that respect privacy rather than invade it. Surely that can only be a positive?

  • primalmedia21

    Having spent quite some time getting many of the available scripts to work I have to admit I am pulling my hair out. I suspect that those who have attempted to do this are in fact either waiting for more clarification, waiting to see what happens or merely adding the cookie policies as an intention of compliance. In my case I am in the 75%. I have just advised a main client to take a controlled risk until a new website is developed with full compliance. It was not a case of redesign for compliance but good timing as the clients message has changed.

    I suspect that, even on sites that do comply fully at the moment, many users just click the button just to get to the content. Many of my clients don’t use cookies to gather information they are just integral to the user experience and gather anonymous information. i still have a duty of care to point the law out and eyes just roll up with astonishment with no idea of what you are implying.

    I must admit that I have thought of using other statistical analytics software, as Oliver has noted in a post above, which may well be detrimental to Google at some point in the future. A wry smile has just come over my face, as Google may well wade in at that point.

    To my mind, this does not just affect EU websites but all websites if viewed in the EU or was that not thought about? How does the ICO deal with what EU users contend with cookie wise from outside the EU?

    Here’s a question on session cookies. Session cookies are not only used on shopping carts but elsewhere so that users movements in a given website are remembered for them. Why are these not exempt or regarded as necessary?

    In conclusion this law is in such a mess that it requires a rethink or laid to rest once and for all.

     

  • http://twitter.com/idea15webdesign Heather Burns

    Well, as regards the question of sites across the EU, the thing to remember is that there is not one cookie law applicable across all of Europe. There are twenty seven different “flavours” of the cookie law, one for each member country. Processes which meet compliance laws in country A would be breaking the law in country B.

    Last year’s guidance from ICO, who enforce the UK’s implementation, dealt with this question with the rather arrogant statement that they expected companies outside the EU to comply with the law. But again, it’s not one law. So by their words, ICO (not the EU) seemingly expect every web site in the world to come up with 27 different forms of delivery in order to comply with each country’s individual laws.

    When I delivered my presentation last week (http://idea15.wordpress.com/2012/07/14/the-eu-cookie-law-and-wordpress-where-we-are-and-where-were-going/

    ) I used my husband’s computer setup to demonstrate why that process would never work. He works here in Scotland for a well known German company. All of his company’s IT is routed through Germany; he has a German IP address; his geolocation is Bavaria; and all the banner ads he sees are in German. So, in a hypothetical world where there were 27 different flavours of site delivery, if you were a site administrator judging by IP address, you’d serve him the German cookie law compliance process. Which would actually not be the UK’s cookie law compliance process, and by extension, illegal.

    This is what happens when laws are cooked up by people working on a purely theoretical basis who don’t ever touch a computer.

  • Cookie

    There’s a cookie law? Hold on, while I consult the government … oh, nothing here other than a link:
    http://www.direct.gov.uk/en/index.htm – in that case. Moving on!

    ;)

  • Gadfly

    An EU directive is not law, it is a request for member states to comply with the directive by legislation.  So, what UK law is it that website-owners are supposed to be complying with?  The Information Commission cannot enforce a law unless Parliament has legislated for it.

  • http://ncdave4life.myopenid.com/ Dave Burton

    This is the first I’ve heard of any “cookie law.”