Removal of cookie consent boxes

1 min read

The privacy campaigning group Open Rights Group (ORG) has warned that the UK government’s proposal to move to an ‘opt out’ model with regards to pop-up cookie consent boxes on websites will make it far easier to spy on web users.

At present users give their consent for websites to gather information about their browsing activities, but now the government wants to move to an ‘opt out’ model.

According to the Department for Digital, Culture, Media and Sport (DCMS) this would mean cookies can now be set without seeking consent, although websites will be required to ensure that clear information about how to opt out is made available to users.

However, the effect of this proposal could be that it simply makes spying on people’s activities the ‘default option’, according to the ORG and will enable organisations to build detailed and intrusive profiles without the need to require a user’s permission.

Part of the digital reform bill, the DCMS has said that the opt-out approach would only be adopted once the right technological and browser-based solutions become widely available.

The Data Reform Bill is the UK Government’s attempt to move away from Europe's General Data Protection Regulation (GDPR) legislation - most of which has been adopted into British law.

The GDPR is heavily focused on protecting individual privacy and data, but cookie consent is not covered.

The Data Reform Bill proposes a number of reforms, such as removing the requirement for SMEs to employ data-protection officers and conduct thorough impact assessments of data-gathering activities, but none of this will, according to the UK government, undermine the UK’s data-protection "gold standard".

TechUK, which worked with the government on the bill, has generally welcomed the reforms and suggests that they provide a clearer and more flexible systems that will help, “researchers, innovators, and smaller companies.”

However, at a time when personal data is being used in all sorts of ways should we be undermining data protection at all? I’m not sure that this bill is fit for purpose and as with so many pieces of legislation it’s not so much the bill itself that is of concern but rather the many likely unintended consequences that could arise.