Slashdot Mirror
UK "No Tracking Law" Now In Effect
Fluffeh writes "The British Gov might have more cameras up on street corners than just about anywhere else in the world, but it seems that the Gov doesn't want anyone else stepping on the privacy of their folks. In what the media have dubbed the 'Cookie Law' all operators of websites in Britain must notify users of the tracking that the website does. This doesn't only cover cookies, but all forms of tracking and analytics performed on visitors. While there are potential fines up up to 500,000 pounds (Over US$750,000) for websites not following these new rules, the BBC announced that very few websites are ready, even most of its own sites aren't up to speed — and amusingly even the governments own websites aren't ready."
While the British government might have implemented, the law comes from the EU.
It actually came in last year and websites were given a year grace to enable the features required.
Its that grace period which has expired, not that the law has now suddenly been introduced.
The British Gov might have more cameras up on street corners than just about anywhere else in the world
It doesn't, though. The whole "eleventy billion cameras in the UK" thing was made up by one of the screaming right-wing tabloids a few years ago, by counting all the CCTV cameras in about a half-mile stretch of the main street of a fairly scummy part of London, and multiplying by the total length of all the roads in the UK. So, the figure is probably accurate *if* you assume that every single road in the UK has lots of off-licenses, bookmakers, cheque cashing centres, "we buy scrap gold" shops the like - but, it isn't. For the figures to be correct, you'd have to have something like one camera every 60 metres or so on *every single road* right down to farm tracks.
Most cities in the UK have no more CCTV than cities in the US - and if you think US cities don't have CCTV then I wonder what you think CCTV cameras look like...
48 hours before the law came into force, the ICO issued new guidelines at http://www.ico.gov.uk/news/blog/2012/updated-ico-advice-guidance-e-privacy-directive-eu-cookie-law.aspx which basically reads as "If the user's browser accepts cookies, then they agree to the cookies being stored". Making the whole things pretty moot. Why they waited until the "11th hour" to state the obvious is annoying...
The regulations are not actually as crazy as this story makes them out to be. Here are the latest guidance notes from ICO:
http://www.ico.gov.uk/news/blog/2011/~/media/documents/library/Privacy_and_electronic/Practical_application/guidance_on_the_new_cookies_regulations.ashx (PDF)
Page 10 has a summary table with some examples of banned (ie. explicit permission required) and OK cookies:
They are not banning anything. They are requiring notifying user about tracking. Not the same thing.
If this means that every site just shows something like "We use cookies to give you best experience and provide relevant advertising. We also use few analytics scripts", people will simply start ignoring it just like they're clicking through EULAs now. After that, websites could even easily get people to consent to "... and also we'll watch you while you touch yourself. Here, we warned you" - most won't even notice.