Dear ICO. On behalf of web developers everywhere, what the frolicking duck?
As the body responsible for policing the infamous Cookie Law in the UK, you don’t exactly have a popular job, to be fair.
A year ago you graciously granted us an extra year to comply with the law, announcing your decision just 24 hours before the law came into effect. Last week, 24 hours before the really-we-mean-it-this-time law took hold, you changed it completely.
Any web developer who actually tried to comply with the law in either case has been royally and totally screwed, for no reason other than your blithering incompetence. Thanks for that.
Curiously – and don’t think we haven’t noticed – a lot of big sites, like the BBC, Guardian, BT, Channel 4 etc. all revealed solutions which comply with your revised guidelines just prior to you announcing it. We assume you’ve enjoyed long and comfortable consultation periods with all of them, which you decided to share with us one sunny Friday morning a day before it becomes law. You know – the same lazy day everyone is making their solutions live.
Now you might say you’ve already spoken out publicly about what a light touch you’ve been aiming for, which is true. However anyone who’s been following the law for the past year can agree on one thing – no one had a bloody clue what they were meant to do. Not the Wall St Journal, or The Guardian, or WebTrends, or Adobe, or half-a-bazillion web devs. We’ve been floundering in a wind of ignorance while the one body with the responsibly to clarify anything sat on their collective asses and changed their mind last minute.
Look at your own implementation of the law (pictured) for instance. You rightly state others might improve upon this, but surely it occurred to you to hire a web developer who didn’t just drop out of kindergarten to design a solution that would be seen as the template for an industry? Surely you realise your own solution reflects the hard-edged ‘explicit opt in’ nightmare most web devs fear, not the light-touch ‘implied opt in’ you ultimately allowed everyone else to use?
Like many small businesses we’ve spent weeks researching and engineering a solution to the law (we even made ours open source). We know web agencies that spoke to hundreds of their clients, explained the painful but necessary changes, implemented and charged them who feel like setting fire to a flag with your logo on it right now.
Your job is to communicate and enforce this law. I don’t envy your task, but the subtle derision I suspect we share for it is no excuse for not doing your job properly.
P.S. Sort your website out. Spelling errors are rife, links are broken, images are missing. The laughable 10 page survey you point to uses an expired SSL certificate. The whole frickin’ UK web industry is looking at your site, and you’re making us cry.
P.P.S. If you want to protest the law, there’s a website for that.