About a year ago the EU directive on the use of cookies online came into effect. The idea was to give consumers a better understanding of what information was being collected about them and how it was being used. Which seems like a noble motivation. Many experts said that the law was unworkable and ineffective – even as they scrambled to implement it on their sites. Others pointed out that it was unenforceable outside the Netherlands.

The Dutch requirements are, it seems the toughest, and implementing them means we now collect more information than we used to, and store it longer. Because the law requires a strict opt-in Dutch sites tend to use splash pages or white boxes before letting you see their content – such as this example from RTL Netherlands. RTL is a pan European company, their other sites do not force this on their visitors – but the cookie law implementation varies across the EU.

The cookies we set on our site serve three functions;

  1. remembers which language you want to use to read the site
  2. remembers your response to a disclaimer (we include some information that is not supposed to be for the US market)
  3. collect (anonymous) data on your visit so we can improve the site

We didn’t want to force people to opt-in so it’s optional. Not surprisingly most people don’t which means that on return visits they may need to re select their language, and they may need answer the disclaimer multiple times – and this applies to visitors outside the EU. We now do not get enough data to analyse the site.

There’s no good solution to this; either we annoy visitors with the forced opt-in, or we don’t collect enough data to analyse our site, or we don’t comply with the law. It’s a frustrating situation to be in. Particularly as we know from other research that 90% of visitors will leave the cookie acceptance on the default setting – even if that is the highest setting.

The ICO, the organisation responsible for the enforcement of the cookie law in the UK, announced a change to their use of cookies earlier this year, effectively moving to an opt-out model. For UK sites the cookie law is a vestigial form; you need to disclose how you use cookies but specific opt in is not required. Here’s a helpful timeline of the developments in the UK.

For Dutch companies the requirement remains unchanged, full opt-in is required and companies must collect proof that visitors have opted-in (that’s the extra data we’re now collecting about you). There’s no indication from OPTA (the Independent Post and Telecommunications Authority – the organisation charged with enforcing the law – part of the Authority for Consumers and Markets), that any change is planned. However Dutch site “Marketingfacts” reported that a bill amending the cookie law was presented to parliament on 20 May (Article only in Dutch). The proposed changes would allow analytical cookies and those needed for the operation of the site to be set based on implied consent provided the data collected did not have an impact on privacy.

The bill has been through a consultancy phase and it will now be up to the minister to decide whether to submit the bill to the lower house. Like many of those working in digital industries I am hoping this bill goes through.

Published by Louise McGregor

I've worked in digital at the intersection of communications, technology and business for more than a decade. And I'm still crazy about digital.

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.