The new EU e-Privacy Directive that comes into effect in the UK on May 25 has caused a major stir in the local internet community, but its real impact will depend on enforcement and ‘cost’ to end users.
Could common sense prevail? Perhaps, but in the end practicality will...
The e-Privacy Directive
“...on condition that users are provided with clear and precise information...about the purposes of cookies...”. It goes on to state that “Users should have the opportunity to refuse to have a cookie or similar device stored on their terminal equipment.”
This legislation is threatening a variety of online practices from display advertising to web analytics and behavioural targeting. However, it is now up to the Department for Culture, Media and Sport (DCMS) to draft the practical regulations of this directive for the UK. Somewhat ironically, these won’t be ready on time for May 25th (perhaps the department’s lawyers are occupied by the upcoming Olympic games).
Given that work is in progress, we can only hope that the DCMS is looking for the right balance between privacy and business needs.
The continuous privacy issues and media hype over Facebook’s data sharing are major (though not the only) instigators for people’s online privacy concerns. Add the ‘creepiness’ factor of targeted behavioural ads on websites and emails and you get an explosive mixture of paranoia.
I am deliberately keeping Spam, online identity theft and Phishing separately. These are major privacy concerns but are conducted by criminals not legitimate business. They will continue to operate irrespective of any legislation.
The more sophisticated ones are using cookies to improve user experience, increase revenue and reduce cost by optimising their marketing and commercial resources. These are legitimate activities that are in the interest of both website users and owners. Efficient companies can offer customers better priced products.
Obviously, there are always the odd cases of abuse. There will always be some bankers trading on inside information, construction companies that do not adhere to the strictest health and safety regulations and pharmacies selling fake drugs. But thankfully those do not represent the majority of businesses on or offline.
Unfortunately, most members of public are unaware of the benevolent aspects of cookies and how they make the internet work. They soon will find out if regulation adheres to the strictest protocol.
Threats to user experience
If the DCMS interprets ‘[user] opportunity to refuse’ as needing to obtain prior and explicit consent for using cookies then the quality of user experience is about to nose dive.
Every website in the UK would have to use a prompt or pop-up (what if the latter is blocked by the browser settings?) to obtain consent using cookies. Users will have to pain through this process many times a day, which will make the web more cumbersome and frustrating.
Those who reject cookies would suffer most. As there will be no mechanism to track them, they would be prompted to opt in/out each time they return to a site. This on its own is likely to lead most customers to (eventually) opt in for the sake of their sanity.
Most people, when asked, would prefer their favourite online newspaper to be ad free. But given the choice between an ad free version for a minimal monthly subscription and a free version with ads, the majority would pick the latter.
Similarly, most would find the ‘cost’ of such privacy control too high to bear. It would completely overshadow the actual privacy concerns.
Whilst I agree with my colleague Alec Cochrane regarding the need for educating the public about cookies, I doubt the media is going to find the educational aspect of the topic sufficiently engaging. Katie Price’s domestic trouble seems far more important to the general public (perhaps we should get her to endorse our cause).
Will the Directive harm the industry?
I disagree with statements that UK users will turn to foreign websites and the imminent death of online start-ups. I live in the UK, consume predominantly domestic news and transact with local websites. I’m not going to develop an instant preference for the NFL over the English Premier League.
The DCMS would be risking the wrath of both public and industry if it opted for too strict regulation. It would also need to consider how this regulation would be enforced and governed – not a trivial issue.
Given that ‘prior consent’ was not a term used in the EU Directive, I’m expecting the DCMS to take a more moderate approach.
But even if the DCMS comes up with strict rules requiring prior user consent and users do not grow tired of having to opt in on every visit then the industry will quickly adjust with practical solutions.
Would display banners, behavioural ad targeting networks and web analytics vendors disappear? No, they will simply evolve by using other mechanisms. They are ultimately too important tools for both industry and users to simply disappear.
As an industry we should first and foremost self regulate by using cookies responsibly and respectfully. We should make our voice heard so policy makers have a balanced view and appreciation of users and industry needs.
We should hope that the DCMS listens and applies common sense, but we should also trust practicality and user experience to prevail if regulation goes a little too far.