Contradictory European proposals could outlaw the automatic delivery of cookies and disrupt the way websites work, says Struan Robertson.
Visit any website and there is a good chance it will send a cookie to your computer. But unless that cookie is essential, its delivery could become illegal under a strange new plan that has — very quietly — won EU support.
Cookies are small text files that websites send to visitors' computers. Without them, websites would struggle to recognise users or, for example, analyse traffic.
Under plans endorsed by the European Commission, the Council of Ministers and the European Parliament, we would have to ask visitors for permission to send that cookie when they visit.
We are all subject to this requirement for prior consent — or so it seems. The trouble is we do not know what the law really means. No one does because the proposed law is ambiguous.
Taking the biscuit
That simple approach to cookie compliance is under threat. The new law says cookies can be delivered to a user's computer only if that user "has given his or her consent, having been provided with clear and comprehensive information" unless it is "strictly necessary in order for the provider of an information society service explicitly requested by the subscriber or user to provide the service".
For example, if I'm shopping at Amazon.co.uk and I put a book in my shopping basket, Amazon can use a cookie to remember which book I want when I proceed to the checkout. That cookie is essential to the service I have explicitly requested. But if Amazon wants to use a cookie for another purpose, perhaps to monitor shopping basket abandonment, it needs my consent.
That proposal sounds bad, but a 'recital' to the new law could provide an escape clause. In any directive, recitals are listed before the formal 'articles'. They provide an introduction to...