Going into effect May 25, the latest European e-Privacy Directive requires publishers in European Union member states to seek consent from users before using any kind of tracking technology. If you’re going to drop a cookie, even for internal analytics, the user has got to know about it. Certain cookies will be forbidden, such as those that log items browsers have added to online shopping baskets.
Previously, the e-Privacy Directive required users to offer opt-out options (“the right to refuse” tracking instruments) but this new “opt in” method has been adopted to present more transparency and user control. The worst case scenario Internet companies are fearing is having to serve a pop-up box explaining every little cookie.
It sounds pretty Draconian — Mike Butcher writes on Tech Crunch Europe that such a move would kill the European tech startup industry and give companies from countries outside the EU (specifically, the United States) a bigger advantage over European outfits than they already have.
Privacy International’s Alex Hanff calls that balderdash. “There are very few big players in this industry and it is nonsense that users will be having to click on multiple consent forms,” he told the BBC.
However, European governments may not have the ability to enforce such a drastic measure, especially not so soon. The BBC reports that not a single European government has a plan to enforce the directive. The U.K.’s Department for Culture, Media and Sport straight-up admits technical solutions will not be ready for action until May 25
In addition, the article suggests the U.K. government’s enforcement arm, the Information Commissioner’s Office, will not be applying a heavy hand to offenders.