European Union keeps coming up with new legislations painted with broad brush strokes. Here’s another one: starting on the 25th of May 2011 all websites hosted in the EU will need to obtain permission before storing persistent cookies on the user’s computer.
The purpose of this new law is to ensure that the users are informed of who is tracking their information for advertisement purposes, but its implications are much greater than that. It almost looks like the EU Council is purposefully trying to drive away business from its shores.
Let’s see. Persistent cookies are used for a lot more than advertising. A majority of modern websites uses cookies to store user preferences. Google, for example, stores your search preferences in a cookie. Facebook stores your username and password in a cookie when you click the “Keep me logged in” check box. Now imagine that there is a company competing with Facebook but based in the EU. If you click “Keep me logged in” on the European company’s website, you’ll see a warning popup saying “This website will now store a cookie on your computer. Are you sure?”.
At this point most people will click Cancel and leave the page, since most people don’t know what a cookie is, and since they are warned about it, it must be something evil that will delete everything from their hard drive and poison their mouse.(If you’re afraid to feed your mouse unknown foods, read this to see that cookies don’t hurt mice.)
Now do you see the advantage that American companies will have over European ones? Like I said, a law painted with broad, broad brush strokes. I won’t be surprised if soon we’ll start seeing mass exodus of some types of services out of the EU in search of a promised land across the Atlantic Ocean.
I recently implemented this cookie warning functionality in web software that will be hosting hundreds, maybe thousands of email systems in Europe. I tried to be as nonchalant as possible when writing the warning message in order not to alarm the users, but the best I could come up with was:
“After you log in, this website will use cookies to provide a better user experience. If you prefer not to use cookies, you should not log in to this website. Click here for more information.”
There are no advertisements involved, so why does anyone need to see this?
Some argue that another problem with the new law is that what constitutes user “consent” is vague. To me this is not a problem but a salvation, since web masters will be free to mellow down the warnings and incorporate them into their sites more inconspicuously.
The bottom line is, in my opinion, this law is a mistake and in the long run will do more harm than good. If it were narrowed down and applied only to advertising, it would be a great initiative, but as it stands right now, it will just scare the users and drive away business from Europe.
But it will also give the EU law enforcement an opportunity to collect some juicy fines from thousands of unsuspecting companies and fill up the coffers of the EU legislators, which will in turn encourage them to come up with some other clever laws.
At least it’ll make somebody happy.
