Is the Cookie Law outdated and frankly just annoying?

No primary category set

Cookies are a basic part of how the Internet works but there’s hardly anyone I know that is in favour of pop ups on just about every website due to the EU’s Cookie Law. They store little bits of information about you such as when you are logged into a site, what you add to your shopping basket and all the useful things that personalise websites to you. Cookies are also used to track what you do on the Internet and can be used to link your activities across sites, for instance if your browse a flight for your next trip abroad, you might then see adverts for flights to the same destination on social media sites.

The EU hates Cookies with a passion as they’re big on protecting your personal information and that’s why a Cookie Law came into effect. It spawned horrible pop-ups on websites across the web which you have to click to accept or decline to whenever you visit a new site. The law was relaxed a little for implied consent but GDPR strengthened it and it’s back with a vengeance.

One of the reasons I detest the Cookie Law is because an increasing number of US sites refuse to bow down to the EU. Rather than installing Cookie Policy pop ups to infuriate 350 million US consumers, they’ve taken the attitude that it’s easier just to geo-block EU consumers and block them from even seeing their websites. That’s annoying.

Now, the Court of Justice of the European Union has decreed that “Storing cookies requires internet users’ active consent. A pre-ticked checkbox is therefore insufficient”. In a judgement that comes from German Court asking for an EU ruling (a country where it’s considered normal behaviour for a retailer to sue another claiming an unfair advantage if they don’t comply with every banal regulation going), the Court decided that the “consent which a website user must give to the storage of and access to cookies on his or her equipment is not validly constituted by way of a pre-checked checkbox which that user must deselect to refuse his or her consent”.

The Court went on to say that you have to tell the user how long the cookies will last for and and whether or not third parties may also have access to the cookies your site places on their computer. This is clearly information overload and best advice is firstly to not use Cookies where they are not needed but more importantly surely it’s time for the Cookie Law to change to acknowledge that Cookies are pretty essential to the Internet and that by using the Internet acceptance of Cookies can be implied to be accepted?

“The court has clearly established that current EU rules are outdated. Bombarding internet users with cookies isn’t user-friendly, informative, or productive.
When retrieving the information from your device, the website knows what particularly caught your eye, and they can improve their website structure or marketing based on this data. However, cookies can also be useful to the user, in that it stores your password, and keeps you logged into your favourite social media platform or airline account.
A well-reflected reform would put all cookie use under implicit consent, with the knowledge that users can use often free and already existing software that allows them to opt-out of all cookie use that they deem unsuited for them. This allows consumers to take their data use into their own hands, without an unnecessary and ineffective pop-up on every website.”

– Bill Wirtz, Senior Policy Analyst , Consumer Choice Center

11 Responses

  1. “surely it’s time for the Cookie Law to change to acknowledge that Cookies are pretty essential to the Internet and that by using the Internet acceptance of Cookies can be implied to be accepted?”

    they’re simply not essential for the vast majority of websites.
    they can be handy, that’s not the same as essential.
    what they’re particularly handy for is if you want to track someone’s movements without their knowledge. which they were being abused extensively for, at least now there’s some transparency about that, and some options for those of us who don’t like targeted ads or being followed around all day.
    – more often than not, if the cookie consent pop up doesn’t give me the option to disable tracking (not essential) cookies, i back out of that site and won’t use it.

    “an increasing number of US sites refuse to bow down to the EU.”
    I haven’t seen one as yet, US sites do often geo-block non-US users for a variety of reasons, i haven’t heard of one doing it simply because they don’t want a cookie banner. if they wish to block a market the size of Europe for the sake of a cookie banner then that’s more stupidity and America exceptionalism than a problem with GDPR.

  2. Down with that sort of thing!

    Honestly: use my data, personalise my experience, retarget me…

    I just don’t care anymore.

  3. I’m not an expert on the need for cookies but I’m concerned by the power of big data companies so I’m glad to have the EU fighting for my privacy/security rights even if its inconvenient at times.

  4. I can see why…. but to be honest the constant barrage of pop ups asking me for consent every single damn site i seem to visit is a pain. It has got to the point where i often just click ok without even looking as i just want to get on with what i am doing. Not good i know…
    I’m sure im not alone… let’s face it, people post their whole lives over social media… are they really that concerned? Do people really look deeper to see what is being collected? How many go through the options if they are offered? Let’s face it who actually reads the terms and conditions of using a website or buying something online? Hell alot don’t even read the description! I would place money on the fact that it is very few.
    My web browser has a setting to tell websites i don’t want to be tracked. my internet security blocks alot of other stuff… And the amount of targetted junk mail i get is pretty much the same as before when i used to opt out of everything i could!
    I think it is quickly becoming a monster that will become as annouying as the one it is supposed to be combating.

  5. It’s a complete pain. Every single day, every single website asking me for consent. The time wasted multiplied by population must equate to millions of man hours completely wasted. Who ever is responsible -HELL IS TOO GOOD FOR YOU!

  6. i really wonder about the laziness of us first world people sometimes.
    and the way we complain about our own laziness in hindsight.

    oh woe is us! all the time it takes to press “ok” once without reading! just shoot me now!
    – how could cambridge analytica possibly manage to harvest all my information without me knowing? i’m outraged!

    I can’t really be bothered locking my door every time i leave the house, it takes a good bit longer than clicking “ok”. but i do it anyway because doing otherwise is just stupid. it’s two seconds well spent.

    it’s like, pick a side, if you’re in the “can’t be bothered with locks” camp don’t complain when your house gets robbed.

  7. I think setting it on a web browser level would be the best way and then if a website we visit has a cookie which we have not previously accepted then we can be notified and either add to cookie trust list or block.

  8. It was always a ridiculous solution to the problem under the auspices of protecting us. Anyone who thinks not accepting cookies is in any way protective is a fool. Our data is being collected by far more powerful organisations than a few small trading websites. It must cost collectively millions of hours per year across Europe to have us all clicking OK.
    James, with respect, you must have much more time on your hands than the rest of us, and nothing to do with locking doors – that was a weak metaphor – the equivalent would be – every time you came home and turned the key in your door to be asked to confirm, ‘do you want to open the door?’ – a royal pain.
    For those of us whom have to visit literally hundreds of sites weekly and repeatedly, life can drag somewhat.
    Please get rid of it, and lets all be realistic and assume that we are being tracked anyway.
    Silly rule, and to quote Donald Tusk, ‘there must be a special place in hell’ for the fools who came up with this solution.

  9. The pop ups are essential but perhaps not 100% of the time. Maybe one in every 4 visits would provide sufficient reminders about what the service providers are up to, randomised of course.
    As for the US operators who do not want to access the World’s largest market, their loss?


Selling to the EU with IOSS on Shopify made simple

Selling to the EU with IOSS on Shopify made simple

Temu MASA Certification for User Security and Privacy

Temu MASA Certification for User Security and Privacy

General Product Safety Regulation GPSR compliance on Amazon

Start GPSR compliance prep for Amazon now!

General Product Safety Regulation GPSR compliance on Amazon

General Product Safety Regulation GPSR on Amazon

Google Chrome Cookie Tracking Protection

Google Chrome Cookie Tracking Protection

ChannelX Guide...

Featured in this article from the ChannelX Guide – companies that can help you grow and manage your business.


Take a look through a selection of the latest articles on ChannelX

Register for Newsletter

Receive 5 newsletters per week

Gain access to all research

Be notified of upcoming events and webinars