The EU are trying to prop up their truly abysmal Cookie Policy which they strengthened under GDPR. Frankly the abysmal Cookie Policy is, at least for many, worse than not having a Cookie Policy at all and it’s interpretation hasn’t helped.
What are Cookies?
Firstly, what are Cookies? They are little bits of code that track you when you use a website. Some are absolutely essential, for instance remembering you are logged into a website and are adding products to your shopping basket, so that as you browse from page to page it remembers who you are. Without Cookies, you couldn’t remain logged into a website. Others, such as tracking Cookies for advertising, are less desirable and work cross site remembering what you looked at on one site and then serving tailored adverts on another site.
What does the Cookie Policy require?
The Cookie policy essentially required you to ask visitors to your website to accept the use of Cookies before you set any. This of course is impossible as the only realistic way to register a user declining the use of Cookies is to set a Cookie. It’s almost impossible to allow someone to view a page on your website when they land from a search engine, type in your URL or clicked a link without setting Cookies.
However it should be possible (and is relatively easy) to enable users to only accept the most critical Cookies and decline tracking Cookies either for your use or for third party advertising and affiliate schemes.
What makes it an abysmal Cookie Policy?
The problems come with the implementation.
Many sites (especially news organisations) outside the EU have simply blocked EU citizens from viewing their website. It’s easier to block access then it is to inflict a sub-standard abysmal Cookie Policy on their domestic readers.
When the policy came out, there were immediately a load of Cookie Policy website plugins and their default options were to accept all Cookies and carry on to the website or decline them and be booted off the website to perhaps Google’s home page. Other Cookie implementations give no choice – either accept Cookies or you can’t do anything or view the website until you do.
Then there are the sites which interpret anything from scrolling or swiping to indicate acceptance of their Cookie Policy. This leaves no way of opting back out as they don’t accept a second swipe or scroll as indicating that you are withdrawing your acceptance.
What’s next to fix the abysmal Cookie Policy?
Now the EU are attempting to patch up the Cookie policy and the big change is to ban Cookie walls which simply stop you from viewing a site if you don’t accept Cookies.
“In order for consent to be freely given, access to services and functionalities must not be made conditional on the consent of a user to the storing of information,or gaining of access to information already stored,in the terminal equipment of a user (so called cookie walls).”
– European Data Protection Board Guidelines05/2020 on consent under Regulation 2016/679
The other big change is to ban implied acceptance through scrolling.
“actions such as scrolling or swiping through a web page or similar user activity will not under any circumstances satisfy the requirement of a clear and affirmative action: such actions may be difficult to distinguish from other activity or interaction by a user and therefore determining that an unambiguous consent has been obtained will also not be possible. Furthermore,in such a case, it will be difficult to provide a way for the user to withdraw consent in a manner that is as easy as granting it.”
– European Data Protection Board Guidelines05/2020 on consent under Regulation 2016/679
The reality is that whatever the EU do to try and fix their abysmal Cookie Policy will probably only make things worse. Internet users are constantly annoyed by Cookie popups and can’t click them fast enough – not to express their acceptance or to decline but simply because they are annoying and they don’t care. The only Cookie Policy that ever has a chance of working is at browser level where you can bulk opt in to say that you really don’t care… and that in reality has been built into browser settings for decades.
One Response
Bureaucracy at it’s finest, fixing a problem with a bigger problem.