There are only two weeks to go to the deadline for the new EU Cookie Law. Not long to work out what needs to be done let alone to do the work. The 26th May 2012 was set as the deadline but most businesses are not going to be ready in time. There are stories of the cost of billions to UK business and the fear of developers and website owners alike that solutions will turn away customers. Are customers really going to start to click accept cookies on every site they visit. If they have to the question is why should they? Users know that sites store cookies. We all know that sites store cookies.
Legislation for stupid people
So is this merely a law for stupid people? That is a good argument. Browsers already contain the option to turn off cookies. And most sign up forms and terms already contain the acceptance of cookies. So what exactly do we gain by this new law? The sites that we are really bothered by are the ones that will not adhere to this law. Will people stop visiting them? Highly unlikely if the content is such a draw that they cannot resist visiting. So it seems it is a great way to police the people that are already doing the right thing and attack the low hanging fruits and easy targets.
Penalty and Fines
There is a theory of penalty and fines. There is scare mongering and shouting and fear spreading and nay saying. The question is will anyone actually dare to fine or enforce the law? With huge compliance breaches in the realm of PCI DSS that looks at card details it is very, very, very unlikely that any fine will be levied. We can say that in about 12 months time there may be some token fine for a repeat offender but the argument that the legislation has no teeth has a prominence.
That is not to say people are or should do nothing. The do nothing option is never a good idea. The what to do is the key. The suggestion is that what you do is understand the risk. Do a cookie audit. Add it to risk management process. Deal with it. But rushing out to implement pop up blockers and the like may be a little hasty. I do not want to visit your site if I have to click boxes. I don’t lie kicking boxes.
There is a bit of an overview of the law here
There is an overview of the audit process here