Crazy cookie directive legislation – Looking back

Remember the EU Cookie Directive? It caused a storm earlier this year but things have gone suspiciously quiet. So how did it pan out? 

A ‘Cookie Directive’ retrospective

A recent piece of research carried out by TRUSTe delivers a fascinating snapshot of how the online world responded to the EU’s implied consent legislation, widely slated as using a sledgehammer to crack a nut.

The study quizzed more than 4000 consumers across Britain, France, Germany and the Netherlands, also taking a look at the 50 top websites in each country. What did they discover? Just 12% of the UK’s top 50 websites complied compared to an impressively rebellious 0% in France and Germany.

What went wrong?

For a start, there was no need for nations and governments to force users to opt in or out of sites on a micro level like this. How come? Because browsers have provided comprehensive cookie blocking for those who want it since the 1990s.

Sledgehammers and nuts

Some bright spark recently raised a Freedom of Information Act Request to find out what has gone on behind the scenes so far. And the results are cringe-worthy.

  • Sites referred to the UK Information Commissioner’s Office for non-compliance – 209
  • Sites with multiple ICO referrals – 43
  • Site owners who’ve been contacted about alleged non-compliance – 71
  • Sites followed up for not responding ‘adequately’ – 6 out of the 71
  • Sites contacted for actual non-compliance – 0
  • Site owners upon whom compliance has been enforced – 0
  • Full-time people allocated by ICO to police the Directive – 0

That’s after a year’s ‘lead in’ period – May 2010 to 2011 – plus the time since the Directive became law.

Bah humbug to the gloom-and-doomsters

It looks like the doom mongers, who declared that anyone who didn’t comply would be summarily fined, if not electrocuted in the nether regions, beheaded and hurled off a cliff, were talking out of their backsides.
It’d be fascinating to know how many hundreds or thousands of person-hours it took the EU to research and implement the Directive. I can’t find the numbers online but I bet my last quid it runs to millions of Euros. All that time, money, effort and stress, media noise and paranoia… for what?  For a law ‘the people’ didn’t want and the internet didn’t need.
At the moment we have an EU Cookie law with thirty different interpretations, some of which insist on multiple opt-in processes for every single site you visit. Which seems ludicrous when the internet makes a nonsense of physical borders.
So far, so ridiculous.

Scary stuff for 2013 – The draft UK Communications Data Bill

There are darker clouds on the horizon for 2013 in the shape of the spectacularly draconian UK Communications Data Bill, currently at draft stage. If it’s made law it’ll force British ISPs to store records of every single thing you do online, from your Tweets to your Google searches and browsing history: the whole lot, for a full year, with no opt out. Yes, the data will be anonymised, but for how long? Talk about slippery slopes.

Luckily last week the  Joint Committee on the Communications Data Bill slammed the proposals as “too sweeping”, going “further than it need to or should”, good news when under its current guise the law would give the Home Secretary the power to extend its reach at any time without consulting Parliament. The Bill has also enraged privacy campaigners.

Equally scary stuff for 2013 – The EU Data Protection Directive

If you think things couldn’t get much worse, try the fledgling EU Data Protection Directive on for size, which aims to ‘protect’ your personal data by recording every click, Facebook update, email header… you name it. If that’s protection, I dread to think what aggression looks like.

Will we rebel or comply next time?

We might sleepwalk into all of this. It’s happened before. But will we comply if these nutty laws get set in stone? Let’s hope not.