The European Parliament is to vote Nov. 13 on whether to make cookies illegal. But if cookies – the small files used as a type of bookmark by Internet browsers to store information about users and a user’s Web browsing patterns – are banned in the European Union, businesses in the U.K. alone stand to lose as much 187 million pounds ($432.9 million), according to a study published Thursday by the Interactive Advertising Bureau U.K. (IAB).
The ban on cookies is part of a bigger draft legislation package based on a report on data protection drafted by Italian MEP (Member of Parliament) Marco Cappato, which also seeks to deal with unsolicited commercial e-mail, commonly known as spam
According to the report, the second version of which was approved by the influential EU Citizens’ Freedoms and Rights, Justice and Home Affairs Committee on Oct. 22, the use of cookies by companies is an infringement on personal privacy and therefore a human rights violation under the European Convention for the Protection of Human Rights and Fundamental Freedoms.
“So-called cookies, spyware, Web bugs, hidden identifiers and other similar devices that enter the users’ terminal equipment without their explicit knowledge or explicit consent in order to gain access to information, to store hidden information or to trace the activities of the user may seriously intrude the privacy of these users. The use of such devices should therefore be prohibited unless the explicit, well-informed and freely given consent of the user concerned has been obtained,” the draft legislation reads.
Thousands of e-commerce sites use cookies to authenticate users or store private information and the IAB contends that such a move will keep users from engaging in any type of e-commerce. Users will become so frustrated at having to re-register or re-enter preferences every time they revisit a Web site, they will lose interest in e-commerce altogether, the nonprofit organization said in a statement.
Cookies, far from being a violation of privacy, actually protect users by ensuring they are genuine visitors to a site (as opposed to a person from another computer with a stolen password) and are used to legitimately authenticate and speed up a user’s identification and e-commerce transactions, the IAB said.
The European Parliament counters, in its report, that because cookies can be used to build consumer profiles on users by tracking a user’s surfing history, a company should have prior permission from that user before cookies can be enabled in an Internet browser.
Last May, the Seattle-based privacy right organization, Peacefire.org, urged users of Microsoft Corp.’s Internet Explorer browsers to turn off JavaScript because it could expose their cookie files and allow them to be intercepted and read by a potentially hostile third-party Web site.
Microsoft also uses cookies in its Passport e-commerce system, but contends that those cookies are encrypted and then deleted when you sign out of a Passport session. The software giant said it observes all regulations and that it has signed the European Union-U.S. Safe Harbor agreement, which allows firms to export personal data about their customers to the U.S. from Europe. The Safe Harbor agreement works under the EU data protection directive outlawing the transfer of personal data to countries.
The European Parliament, in Brussels, is at http://www.europa.eu.int/.
The European Commission is at http://europa.eu.int/.
The IAB, in London, is at http://www.iabuk.net/.