Cookies – changes in EU legislation

On the 26th May 2011, new rules governing the use of cookies by websites to store information on a visitors computer or mobile device comes into force in Europe.

Instead of the “Opt out” option currently  adopted for most website visitors, under the new regulations  websites will need to specifically gain the consent of their visitor and they must “Opt In” to be able to store cookies on their computer (or other devices) in future.

There seems to be a lot of concern that gaining consent of all website visitors to allow their data to be saved in cookies  will, in many cases, be a big challenge. It could mean that in future you will be inundated with prompts requesting your permission, even on sites that you have visited many times before in the past.

For those of you who are wondering what this is all about,  “Cookies” are basically  unique small files that can be created by the web server, when you log on to a particular website,  that remember your information and store it in a cookie on your computer.

When you return to that website again, the server looks for the cookie and retrieves the information so that you don’t have to type it in again.

Used as they were intended, cookies are a very useful aid to enhance use of the Internet. They can however also be used for malicious purposes, by some less ethical web developers. Since they store information about a user’s browsing preferences and history, cookies can be used to act as a form of spyware.

Most browsers will allow you to turn off all cookies but unfortunately, disabling them will prevent you from accessing many popular applications like YouTube, Gmail, Yahoo mail, and many others. Some search settings also require cookies for language settings as well so you can see that this is generally not a useful option to adopt.

Personally, I wonder if this is yet another case of bureaucracy gone mad in the EU. These days, many anti-spyware products are well aware of this problem and they routinely flag cookies as candidates for deletion after standard virus and/or spyware scans. As long as you have a good anti malware software installed and you keep it and your anti virus software and operating system updated, it almost certainly is not going to be a problem for most people so is it worth all the extra hassle ?

I guess we will just have to wait and see how much of a pain it is once the new legislation is introduced.

Further information on this topic

• Cookie law deferred for one year