Slashdot Mirror
UK "No Tracking Law" Now In Effect
Fluffeh writes "The British Gov might have more cameras up on street corners than just about anywhere else in the world, but it seems that the Gov doesn't want anyone else stepping on the privacy of their folks. In what the media have dubbed the 'Cookie Law' all operators of websites in Britain must notify users of the tracking that the website does. This doesn't only cover cookies, but all forms of tracking and analytics performed on visitors. While there are potential fines up up to 500,000 pounds (Over US$750,000) for websites not following these new rules, the BBC announced that very few websites are ready, even most of its own sites aren't up to speed — and amusingly even the governments own websites aren't ready."
While the British government might have implemented, the law comes from the EU.
It actually came in last year and websites were given a year grace to enable the features required.
Its that grace period which has expired, not that the law has now suddenly been introduced.
The British Gov might have more cameras up on street corners than just about anywhere else in the world
It doesn't, though. The whole "eleventy billion cameras in the UK" thing was made up by one of the screaming right-wing tabloids a few years ago, by counting all the CCTV cameras in about a half-mile stretch of the main street of a fairly scummy part of London, and multiplying by the total length of all the roads in the UK. So, the figure is probably accurate *if* you assume that every single road in the UK has lots of off-licenses, bookmakers, cheque cashing centres, "we buy scrap gold" shops the like - but, it isn't. For the figures to be correct, you'd have to have something like one camera every 60 metres or so on *every single road* right down to farm tracks.
Most cities in the UK have no more CCTV than cities in the US - and if you think US cities don't have CCTV then I wonder what you think CCTV cameras look like...
48 hours before the law came into force, the ICO issued new guidelines at http://www.ico.gov.uk/news/blog/2012/updated-ico-advice-guidance-e-privacy-directive-eu-cookie-law.aspx which basically reads as "If the user's browser accepts cookies, then they agree to the cookies being stored". Making the whole things pretty moot. Why they waited until the "11th hour" to state the obvious is annoying...
Simple:
If it happens in the UK it can't be a "European" thing, since the UK barely belong to the EU. (Norway doesn't belong to the EU either by the way).
If it happens anywhere else in the EU, be it Hungary, Greece, France, Germany, Belgium or whatever, then it's either an European accomplishment or European shame.
Just remember very few people consider the UK as a full EU member and you'll understand better.
The regulations are not actually as crazy as this story makes them out to be. Here are the latest guidance notes from ICO:
http://www.ico.gov.uk/news/blog/2011/~/media/documents/library/Privacy_and_electronic/Practical_application/guidance_on_the_new_cookies_regulations.ashx (PDF)
Page 10 has a summary table with some examples of banned (ie. explicit permission required) and OK cookies:
They are not banning anything. They are requiring notifying user about tracking. Not the same thing.
If this means that every site just shows something like "We use cookies to give you best experience and provide relevant advertising. We also use few analytics scripts", people will simply start ignoring it just like they're clicking through EULAs now. After that, websites could even easily get people to consent to "... and also we'll watch you while you touch yourself. Here, we warned you" - most won't even notice.
You might like to Google the relationship between the European Court of Human Rights and the EU.
In the meantime, I'll give you a hint - the ECoHR is not an EU body.
You are talking rubbish. The UK is in Europe and a full member of the European Union. It is not a member of the Eurozone, which is limited to those countries which use the Euro as their currency. Britain is by no means alone in this regard within the EU.
The UK does NOT break EU laws with the sort of abandon that you suggest. For example, the problem with not being able to extradite Abu Qatada initiaily was caused as a result of the European Court of Human Rights saying that it would contravene European law if it went ahead. The UK then had to negotiate with Jordan for specific assurances that evidence obtained through torture would not be used in any legal proceedings taken in Jordan which is why, today, we are still waiting for the extradition to take place. There are numerous other European laws that the UK has had to implement by being a full member of the EU.
All, or perhaps I should more correctly say most, EU countries breach one or more EU laws when those laws clash with local culture, traditions or standards. Each EU nation is then responsible for fighting its own corner to explain why its position should be seen as the exception. For example, open air markets selling goods not meeting EU quality standards or access to many places for the disabled in France.
Cookies to do with security, checkout baskets etc. are largely exempt. The law is to control analytics cookies from advertisers, sites that remember users and so forth.
A bigger issue is this law is going to be hideously hard to enforce, there are plenty of edge cases to consider (such that the guidelines are 30 pages long) and at the end of the day it's not really doing much for the user. I think it would have been better to oblige EU sites under law to honour a "do not track" cookie sent by the browser with various levels of privacy control.