The Council of the European Union has approved a law ending the current use of tracking cookies in the EU within 18 months. The EU directive will now be turned into national laws. In detail, the new regulation will require that a cookie can be stored on or accessed from a user’s computer only if that user “has given his or her consent, having been provided with clear and comprehensive information.â€
There is only one exception to the rule: Permission to store or read cookies is not mandatory when their use is “strictly necessary†for the provision of an “explicitely requested†service. That means, if a user is clicking through an online shop and puts items in the virtual shopping basked, the site may use cookies. However, the site may not read or write cookies for the purpose of third-party advertising as users don’t explicitely ask for the display of advertising. In theory that means that any site serving ads will need to ask for users’ consent.
If the laws will actually be enforced it will mean the end for a lot of business. Many sites out there derive their revenues from consent-less advertising only. This also includes Facebook, YouTube and so on. As most ad servers out there are completely based on cookies, these companies would have to ask their users for permission to show them “well-chosen offers of partnersâ€. This would also give users the option to choose an ad-free YouTube or Facebook. Who is going to be paying for the service then? Will casual communities introduce subscription fees just like LinkedIn?
The consent requirement for the use of browser cookies also applies to analytics. All sites using Google Analytics, Omniture etc. will need to ask for explicit permission to store and read cookies too. This however isn’t all that bad. No matter which website I visit, I always see Google Analytics requests in the status bar of the browser. They can track a user across the whole internet which is quite scary actually. At this time nobody is asking for my permission.
I’m not sure if the directive will really become effective national laws. There is too much money in online advertising and I think a lot of companies will begin some heavy lobbying soon. The new regulation would kill some of the greatest innovators out there. The other question is how the authorities will actually be enforcing the laws. Anyhow, cookie-less tracking techniques will become more and more important.