The stupid EU cookie law in 2½ minutes [VIDEO]

Avatar image Oliver Emberton
Posted on May 31, 2011
20 responses

We’ve just put together a video which explains the laughable new EU cookie law in two and a half minutes.


More on the cookie law

Video transcript

Ok so most European websites just became illegal due to a new law on cookies. If you’re in Europe, your website is probably breaking the law right now.

A cookie is a really common technology for remembering who you are between webpages. They allow things like login, preferences, tracking visitors and ads that remember who you are and target stuff at you. Almost every website uses cookies and has done for years.

The new law requires all websites to ask their visitors for permission to use cookies, say with a popup like this.

Because nearly all websites use cookies, this could mean a lot of popups.

The law does allow an exception for some “strictly necessary” cookies. It doesn’t allow cookies for measuring visitors to your website or advertising.  If you haven’t noticed, most stuff on the Internet is free and most of that is paid for by targeted ads.

The law is meant to help protect people’s privacy, but it comes over pretty heavy handed. It’s like banning all music to prevent another Justin Bieber album.

So – what happened?

Back in 2009 the EU issued a Directive banning the use of cookies without prior consent.

A Directive isn’t a law but forces the member states to create their own laws; these were due by May 2011. Only 3 of the 27 countries met the deadline: Denmark, Estonia, and the UK which only sort-of-half met it.

The UK realised no-one was ready and on the day the law came out said they wouldn’t prosecute anyone for another year, which did a lot for the blood pressure of panicked website owners everywhere. But it is still law and anyone in the EU will eventually have to meet it.

There are only three things websites can do:

  1. Ignore the law
  2. Stop using cookies
  3. Ask for permission

If you ignore the law, chances are you won’t get sued first. That’s not sound legal advice, but it’s true. We expect most people will try to ignore the law as long as possible.

You could stop using cookies. This isn’t as easy as it sounds, because most web technology uses cookies everywhere. So even if you want to, you probably can’t turn them off yet, at least until new software comes out.

Or you could start asking for permission. If you want to keep on using cookies, you’re going to have to. And that means getting in people’s way.

One option is a popup, which were once so popular that every major browser blocks them automatically.

Slightly better: an accordion, which slides down from the top of the screen like this.

For a real example take a look at the ICO – they’re the body responsible for the new law in the UK. This – thing – appears at the top of every page, and won’t go away until you accept their cookies. Worst of all, the long question they ask assumes that visitors know what a cookie is – when surely the law is designed to protect those who don’t – and is doesn’t actually say what their own cookies do, which is track their own visitors.

So essentially the body responsible for telling us what to do has given us a fine example of what not to do on their own website.

In conclusion:

  • The law is here
  • It probably won’t kill you (yet)
  • Solutions are painful but necessary

Or you could just move to another country.

I’m Oliver from Silktide, I hope you found this useful, please subscribe for more videos like this one.

Watch quick video tour of Sitebeam

Test your website with

or see prices & plans

  • Pingback: Cookie law makes most UK websites illegal: what you need to know

  • Pingback: The stupid EU cookie law in 2.48 min.

  • ripzay

    Brilliant Video – here from your tweet.

    our free plugin is being downloaded but i’ve yet to see anyone using it, maybe everyone is taking your option one and ignoring the law… for now :P

  • http://www.facebook.com/milosisforlovers Andreas Belivanakis

    We *must* all ignore this law to either make it go away, or force the politicians to repel it. Compliance is capitulation to increased government intervention. The future of the internet is at stake here.

  • Simon

    Great video – nicely explained!

    Is it wrong to use the Ostrich tactic with this law and hope it just goes away???

    • http://www.facebook.com/drball David Ball

      I don’t think we can ignore it, but it’s worth waiting to see if a sensible solution presents itself. There’s some possible solutions listed here: http://www.silktide.com/cookielaw/solutions

  • Twenty Six point Two

    Thinking forward, won’t HTML5 “web storage” solve the issue? http://davidwalsh.name/html5-storage Obviously this does nothing for sites which are live now, but could be the answer to cookie-less websites in the future.

    • http://www.facebook.com/oliver.emberton Oliver Emberton

      Sadly no – the law specifically states that all similar technologies are covered too (see http://blog.silktide.com/2011/05/cookie-law-makes-most-uk-websites-illegal-what-you-need-to-know/ and scroll down to “What about similar technologies to cookies?”)

  • http://twitter.com/nebrekab nebrekab

    Like the video. Nice summary.

    I read on the BBC (http://www.bbc.co.uk/news/technology-13345545) that it only effect local cookies:

    “Behavioural advertising is a burgeoning industry for advertisers and, potentially, a very lucrative one.

    But it relies heavily on being able to track online behaviour via cookies – small text files placed on a user’s computer.”

    Is this correct or does this also effect storing user data in server-side cookies? I think that he move to local db storage is the way to go and that this law is nuts to ask the user each time for permission.

    If totally necessary, could they not just make it a browser preference that you set on first run of the browser?

    • James

      Unfortunately, the law is worded such that you can’t get out of it by using Local DB storage – it states something like ‘Cookies or equivalent technologies’ – so you can’t just trick it by using alternate technologies.

  • Tomparkes1993

    if i use a US based server farm but im in the uk, do i still have to comply with the new cookie laws?

    • http://www.facebook.com/drball David Ball

      Yes, if your audience or customers are within the UK apparently you still have to comply with the law – even if you’re not based in the UK. I’ve got no idea how they’re going to enforce that law though!

      • http://www.facebook.com/people/Steve-Masters/588377337 Steve Masters

        I feel sorry for website owners whose websites are actually run using services like Ebay and Amazon Webstore. Good luck to them in getting those companies to plug things in.

  • http://twitter.com/silktide Silktide

    We’ve just collected all the information about this law you need to know and put ot together into this definitive guide and eBook, have a look here: http://www.silktide.com/cookielaw

  • Pingback: Oh, the EU and their crazy cookie laws… | Pirate the Internet

  • Pingback: The EU cookie directive: How to be a smart cookie – Stream20 News

  • Pingback: Your website, now illegal: how to comply with the EU Cookie Law | Interhacktives

  • http://www.facebook.com/people/Steve-Masters/588377337 Steve Masters

    Excellent work on this video. I have shared it on Facebook and Google Plus. You might also be interested to note that the European Commission website is still not compliant with its own rules. http://www.dotponto.com/why-does-the-eu-not-comply-with-its-own-cookie-law/

  • Pingback: Dear ICO: This Is Why Web Developers Hate You – A response | Hoinick

  • Pingback: Cookie law makes most UK websites illegal: what you need to know | Silktide blog