The EU cookie directive still dangles perilously above the heads of the Euorpean online advertising industry. But you’ll be glad to know that sensible heads seem to be prevailing over at the ICO (Information Commissioner’s Office). The ICO has decided against forcing the UK digital industry down the blind alley of “opting-in for everything”. Instead the organisationm, charged with securing UK citizens’ privacy, has instructed publishers and advertisers to give users clear options to opt-out of any behavioural targeting or tracking. Simply put: if you drop a cookie on me, you must give me the option of opting-out of your process. I don’t think they should stop there though. All BT-powered advertising should be clearly marked with a universally recognised icon, and have a link to an opt-out page for users.
The ICO also stated that companies are not obligated to provide services to those who reject tracking in cases where cookies are “strictly necessary for the provision of goods and services”. There remains a lot of confusion still around the ePrivacy (or “cookie”) directive – especially in regards to how the mandatory opt-in should be implemented. The online ad sector continues to struggle with interpreting the new directive:
Certainly, this was the view of advertising trade body IAB Europe which pointed to the legislation’s preamble as saying that “the control settings in a web browser such as Firefox, Internet Explorer, Chrome, Opera or Safari are sufficient to comply with the consent requirement”.
Angela Mills Wade, executive director of the European Publishers Council, believes this to be “an overly strict interpretation of the ePrivacy directive”. The opinion is not legally binding but is likely to be relied on by European Union member states as they set about converting the requirements of the directive into national law before the May 2011 deadline.
Expect the waters to get mudier as we aproach directive deadline day in May of next year. It seems inevitable that there’ll be one intepretation in the UK and a completely different understanding of the directive in other European markets. How are the EU enforce this directive? The mind boggles at some of the disjointed regulation coming out of Brussels. Everyone is in favour of user privacy but not at the cost of the EU citizens in terms of diminished online services or user experience.