IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

The Cookie Law is finally crumbling – good riddance

The stalest of all laws is getting an overhaul after years of menacing the web, and its end can’t come soon enough

A mouse cursor hovering over an 'Allow all' option on a cookie banner

Head to a new website, or merely one you haven't visited in a while. You likely won't be able to see it, especially if you're using a smartphone. That's because the page you've attempted to load is probably obscured by the bane of the internet: a cookie banner

In my early days, I spent a lot of time writing about the then-incoming cookie consent law, also known as the ePrivacy and Electronic Communications Directive. It stipulated that web users should know if a website is tracking them and only allow it with consent. Once it came into UK law in 2012, the UK's Information Commissioner's Office (ICO) had to devise a way for website owners to practically issue a warning and ask permission.

On that front, the ICO failed – at the time and in the long run. The law came into force in May, with the data regulator issuing advice a few weeks before suggesting that displaying a banner on websites as visitors arrived would suffice as compliance. Those pop-ups are increasingly massive and – if I'm any judge – quickly swiped away. I will tap "accept" or "reject" at random; I no longer care, just show me the thing I wanted to see. 

That said, if the UK's implementation of this directive failed to protect online privacy, it was successful with the second goal: education. Before, web tracking was a niche subject. The advent of annoying banners ensured everyone understood the basic fact that websites didn't just show information, but collected it too.

Ten years on, the lesson continues, despite the fact the UK chose to leave the EU. The death of the cookie law could have been the single light in the darkness that is Brexit, but the UK didn't bother to actually change its regulations once given the freedom. So here we sit, with a silly EU law still on our books. 

It's a law that we haven't heavily enforced either. The ICO has hundreds of complaints a year about cookies – exactly about what is impossible to discern, as it doesn't break down the nature of the complaints. Nevertheless, the ICO hasn't, as far as I can tell, ever issued a fine or enforcement notice over the issue. A spokesperson tells me they don't believe they've taken any formal action either. 

The EU has been more forceful. European regulators deemed Google's own cookie pop-ups for Search and YouTube to be insufficient, forcing it to roll out more robust banners last year. The new version – which you'll only see if you're logged out – so hit up Incognito mode if you're curious – is more than 200 words, and that's before you tap for more options. 

Hopefully, the cookies debacle won't run much longer. The UK is working on fiddling with the regulations to reduce the number of banners, while German regulators have been working on a law that would see consent replicated across some websites, reducing pop-ups but not wholly removing them. Even that welcome tweak may soon become largely pointless. 

While tech-savvy users have long used extensions to dodge tracking, and Firefox and Safari already block trackers by default, Google is set to follow that lead with Chrome. The firm will finally embed cookie consent decisions fully into the browser next year so we can be asked the question once – and just once. That ought to kill off tracking cookies entirely, as it's bewildering to think that anyone would allow it.

Related Resource

The Total Economic Impact™ of IBM Spectrum Virtualize

Cost savings and business benefits enabled by storage built with IBMSpectrum Virtualize

Blue shapes on white background - The Total Economic Impact™ of IBM Spectrum Virtualize - whitepaper from IBMFree download

Of course, this solution was discussed back in the early days of the cookie consent law debate, but presumably asking once, and never again, was seen as lacking the educational component. But so long after the fact, other tracking techniques have superseded the humble cookie, such as social media widgets and tracking pixels and now Google's new Topics API, designed to let the company keep selling targeted ads. There’s also the highly anticipated ePrivacy Regulation, an evolution of the Cooke Law, which was supposed to coincide with GDPR, but is still in the works. 

If Google manages to make its system work, Chrome will track our interests and make a list of topics we like, sharing access to three of those at random to advertising networks each time you visit a page. No other demographic data will be shared, Google says, and the information will fade after three weeks. What this means is advertisers – Google included – will no longer be able to track you all across the web to know you're eyeing up a new pair of trainers, but they'll still be able to show you ads for trainers constantly, including three weeks after you've purchased a pair. 

Don't expect this to fix the web. None of this will end the most egregious AdTech practices nor the use of tracking to fuel them. But at least you'll no longer be slapped in the face with cookie pop-ups while having your privacy invaded.

Featured Resources

2023 Strategic roadmap for data security platform convergence

Capitalise on your data and share it securely using consolidated platforms

Free Download

The 3D trends report

Presenting one of the most exciting frontiers in visual culture

Free Download

The Total Economic Impact™ of IBM Cloud Pak® for Watson AIOps with Instana

Cost savings and business benefits

Free Download

Leverage automated APM to accelerate CI/CD and boost application performance

Constant change to meet fast-evolving application functionality

Free Download

Most Popular

Warning issued over ransomware attacks targeting VMware ESXi servers globally
cyber attacks

Warning issued over ransomware attacks targeting VMware ESXi servers globally

6 Feb 2023
ION Trading reportedly pays LockBit ransom demands

ION Trading reportedly pays LockBit ransom demands

6 Feb 2023
Tips for Boosting your Organisation’s Security Posture with Encryption

Tips for Boosting your Organisation’s Security Posture with Encryption

6 Feb 2023