1 August 2019

Post-Brexit opportunity: making the internet less annoying

By

They’re cookies, and they’re not the delicious kind: internet cookies pop up on every new website we click on. The pop-up often says something like this: “We use cookies to help our site work, to understand how it is used, and to tailor the adverts presented on our site. By clicking “Accept” below, you agree to us doing so. You can read more in our cookie notice. Or, if you do not agree, you can click “Manage” below to access other choices.” What cookies do essentially is store information on your device on how and where you navigate on their website.

When retrieving the information from your device, the website knows what particularly caught your eye, and they can improve their website structure or marketing based on this data. However, cookies can also be useful to the user, in that it stores your password, and keeps you logged into your favourite social media platform or airline account. The way rules are today, you need to opt-in to allowing cookies to be stored.

It wasn’t always that way. Prior to the “Citizen’s Rights Directive“, users were assumed to having opted-in to the sites cookie policy, automatically and then explicitly opted-out if they wished. In 2009, this directive changed the approach from an opt-out to an opt-in, as it was with the privacy directive since 2002. This has created a wave of annoying pop-ups, that can sometimes block half the screen, and deteriorate user experience.

Part of the directive sets the rules regarding cookie consent, and only implies two instances for implicit consent (meaning you are assumed consenting to the use of cookies), both relating to providing a service that the user specifically requested. For instance, an online shop remembering what you put into your shopping cart, does not need explicit consent.

The reformed privacy regulation of the European Union – ePrivacy Regulation – is set to come into effect this year, but no reform of cookie consent riles is planned. This would continue the cycle of annoying cookies. However, implementations can vary. Germany has an opt-out approach, so long as data collected by cookies immediately undergo pseudonymisation and are kept in a pseudonymised state. Your cookie disclaimer in Germany will also always state that continued use of the website implies consent.

But there is an easier option already on the market. A well-reflected reform would put all cookie use under implicit consent, with the knowledge that users can use often free and already existing software that allows them to opt-out of all cookie use that they deem unsuited for them. This allows consumers to take their data use into their own hands, without an unnecessary and ineffective pop-up on every website. This could also be an integrated feature in browsers, that would allow consumers to easily navigate their privacy rules in one centralised place.

This represents yet another way in which regulatory independence would allow the UK to diverge from bad EU policies.

CapX depends on the generosity of its readers. If you value what we do, please consider making a donation.

Bill Wirtz is a Senior Policy Analyst for the Consumer Choice Centre.