Perhaps I should clarify, I don’t mean the wondrous Frisbee shaped sugar filled melt in your mouth treats, although I’m impartial to a good cookie at the best of times. No, I mean browser cookies and the fact that today (possibly yesterday by the time I finish writing this) marked the introduction of a new regulation within the Privacy and Electronic Communications Regulations 2003, aptly hyphenated to ‘PECR’.
Now let me (briefly) outline what a cookie is. The Information Commissioner’s Office, the body tasked with introducing and policing the revisions define a cookie as, “a small file of letters and numbers downloaded on to a
device when the user accesses certain websites. Cookies allow a
website to recognise a user’s device”. Fairly nondescript I’ll admit, but it kind of sums up what could otherwise be a long winded and boring topic. In essence, a web cookie stores information about you and talks to a web application in order to provide a more personalised user experience. Every time you add an item to your basket in an e-commerce shop, it is saved in a cookie. Every time you revisit a website and it says, “Hello Fred” (or your name more likely), it is because it has stored a cookie in your browser.
The new Regulation now demands that users be given clear instructions as to what a cookie will do, and requires them to ‘opt-in’, allowing one on your browser only after full understanding and acceptance. Now I’m all in when it comes to consumer rights and privacy, but this is taking things a little too far if you ask me.
Admittedly, I haven’t explained that there are also such things as ‘persistent cookies’ that can last for many years (even if you upgrade your browser) that track your movements across sites to display more relevant ads and can even analyse search patterns. Sound scary? I’m not entirely convinced it should, as even these are in theory design to help everyone. Yes of course, help the media companies and advertisers, but who likes seeing ads for tenner ladies when your a 27 year old bloke.
Some may argue that cookies can be misused both by site owners and malware, but most cookies these days are encrypted to protect your information, so if the agenda here is to protect user privacy, then that’s a good place to start.
My biggest problem is the user experience though, after all, that is what cookies are designed to improve. How does the ICO expect web designers to get ‘meaningful consent’? They suggest not to use a pop-up, but unless you shove in people’s faces, they won’t see it (and while they advise against pop-ups, they don’t give a decent alternative, which means they haven’t thought of one). And what do you write? I’m sure you’ve probably seen a pop-up before stating, “This site requires the use of cookies, please enable cookies in your browser.” or some such. But do they really expect to see, “This site uses cookies. Here are the 192 reasons we use cookies, each individually explained and referenced with links to relevant parts of the website….”. Cods wallop, much like T&Cs, we’ll just click accept and move on.
To summise, placing the need for ‘informed consent’ on every website is ill advised. Users won’t read them, but will get frustrated with them, web owners will need to pay for them, but not benefit from them, and web developers will spend a long time developing the best solution for something that browsers will undoubtedly replace in the future.
If you are worried about the impact these regulations may have on your website, please call our dedicated hotli… yea right – follow this link. A few good suggestions for preparation, although most small e-commerce owners will not enjoy the cost of this. Alternatively, just ignore it, and hope that Google or Firefox step in and pave the way for all browsers to solve the problem for you – except Internet Explorer of course, that would be asking too much.
