Cookies were invented to make our lives easier. To help websites remember you and your preferences. Remember your login, your language preferences, your online shopping cart. However they also have conveniently been developed in ways that could track you. They record what you click, how long your scroll, and what you buy. This is where things take a turn regarding the European Union.
In 2002 the EU created the ePrivacy Directive, later reinforced by the GDPR (General Data Protection Regulation) in 2018. With the ePrivacy directives were created some standards of the cookie consent banners and it is also often referred to as the cookie law. However it’s a directive which means that any country in the EU can implement it in their own way.
The GDPR has a more global target : personnel data protection in general is given a set of rules regarding the processing, storing and transferring of personal data. Giving users rights to the correction and deletion of their data. It is a regulation not a directive so all EU countries have to comply with it.
The goal was noble: no more silent tracking and secret profiling, websites had to ask for consent.
In theory this was a revolution in the way the web would interact with each and every one. The EU wanted to show the world that privacy is a fundamental right, not a luxury. In practice, it created an entirely new user experience: Cookie fatigue
What I find very ironic is that the law that was meant to empower users has trained us to click faster without thinking. Cookie banners have become like pop-ups to most people. A real background noise that because it has stopped us in our train of thoughts has to be dismissed as soon as possible, in a second.
I have even noticed that in France especially on news outlets websites you can only choose to either buy a subscription to the newspaper or accept all cookies which means you will literally pay with your data?
That shows that real privacy control remains complicated.
What is next for the cookie scene though ?
The EU is preparing a new ePrivacy Regulation ( replace the old directive). It is meant to simplify consent rules and harmonize enforcement
It will also depend on the browser your are using for example Safari and Firefox block third- party cookies which can follow across several partner websites and keep collecting your data. Google is apparently thinking about doing the same.
What is striking is that we are trying to make cookies less threatening and data-vore by implementing rules but future of data profiling might be found in the backsliding of fingerprints use or Ai-driven profiling which would be as much if not more intrusive and dangerous for oneâs privacy if their information were to be stolen as it ofter happens theses days.
Your post reminded me of a video that I watched a couple years ago where in the street interview format people were asked if they allowed cookies while entering websites. It turned out that many of them thought that if they didnât âaccept allâ they wouldnât be able to access the website, showing that it is not only lack of awareness of what the cookies actually do but also as you mention a sort of pop-up window that everyone just rushes to close. Since the âaccept allâ option is usually purposely made the most visible, many people end up using that option and selling their data which again points to the fact that while being in the digital space, we have to be mindful of our decisions to remain in the control of our privacy.
I have to admit that up to only a few years ago, I accepted all cookies. I did not know what they were, and I did not notice any clear difference in how I could or could not use a website, so I figured that by accepting, the website might work better than by declining. Over the years, more and more people talked about how they delete cookies if they accidentally accept them, and they try to never accept them at all. This made me look into it more. Do you happen to know why they are called cookies? I think that the name also makes it easier to accept for people who don’t really know what it means, because who doesn’t like a cookie??
Iâve rejected cookies even though I hardly knew what the cookies were or what they did. I subconsciously reject them because I’m afraid my personal information might be leaked. After reading your blog, I realize that it can also be dangerous to reject them without reasons. The important thing is that we try to understand what cookies do and which aspects are helpful and risky for us.