18 December 2018

The End of Cookie Bars

GDPR

There are mixed opinions regarding the cookie bars that have appeared on most sites utilizing cookies. GDPR indeed requires that cookies are communicated on sites that utilize such. But this was not originally the intended outcome of this latest EU law on personal data processing. There was and still is an extension to GDPR or you could call it a specification that was supposed to dig into the details of marketing and personal data processing. This extension is called ePrivacy Regulation and it among other things allows the use of cookies for marketing purposes without forcing a cookie bar with it.

after 6 months of gdpr, eprivacy regulation is Still just a proposal

ePrivacy Regulation was supposed to be enforced with the rest of GDPR, but it got delayed. People in charge of this now talk about 'sometime in 2019' and there is again topics for local legislation to decide, which may be delayed further. The rumor has it that there are lots of lobbying ongoing for each interest group as marketing is big business. ePrivacy Regulation thereby remained only a proposal when this was typed and posted, and the rest of GDPR had been enforced for more than half a year already.

All areas of ePrivacy Regulation

EU lists the following content in ePrivacy Regulation, as it is not only about cookie bars:

  • Internet communication applications like Skype, Whatsapp and such will get equal requirements for privacy as telecom, like calling on the phone and SMS.

  • Metadata regarding internet communication, like time and place of communication, get confidential and may not be processed without consent or other pressing reason like billing.

  • On the other hand, once consent has been given, the info can be utilized in a wider context like for infrastructure planning.

  • Marketing calls get further restrictions, like a phone number prefix or similar, making it easier for the receiver to identify marketing calls before answering the call.

  • And last but not least - the cookie topic.

More about cookies and bars

There is naturally a whole lot to each point on that list, but as this post is about the cookies, I will only elaborate on that. When typing this, cookies on a website is the responsibility of the publisher or website owner. Therefore visitors to that site need to be informed of the cookies and some cookie bars even offer the option to disable cookies for the requesting user. ePrivacy Regulation will change this by moving the responsibility partly to the visitors. The visitors need to disable cookies from their own browsers’ settings in order to avoid cookie tracking. This, in turn, leads to the outcome that visitors who have cookies enabled on a certain site are assumed to give consent to tracking by cookies. And this, in turn, removes the need for cookie bars or marks 'the end of cookie bars' just like the topic of this post stated.

For most website publishers this is a relief, but also for many website users that are fed up with hitting the approval button on every site to get rid of the banners. But this is just the legislation and reduced requirements therein. How each website publisher wishes to serve its visitors is something for each one to decide. We at Wunder are collaborating with about 100 publishers of significant websites and are solving topics like this in cooperation with them. If you are looking for a reliable partner in such matters regarding your web service, do not hesitate to contact us.

Contact us