Proposals to scrap pop-up cookie consent boxes on websites will make it easier to spy on web users, a privacy campaign group has warned.
Cookie banners are a common feature for web users, who are asked to give their consent for websites as well as marketing and advertising businesses to gather information about their browsing activity. Ministers announced proposals on Friday to move to an “opt-out” model for cookie consent.
“In the future, the government intends to move to an opt-out model of consent for cookies placed by websites,” said the Department for Digital, Culture, Media and Sport (DCMS). “This would mean cookies could be set without seeking consent, but the website must give the web user clear information about how to opt out.”
Open Rights Group (ORG), which campaigns for privacy and free speech online, said the proposal would make spying on people’s activities the “default option”.
“Cookies are used to link activities across websites and build detailed and intrusive profiles of what you do, read and watch online,” said Mariano delli Santi, legal and policy officer at ORG. “The UK government propose to make online spying the default option … Cookie banners are annoying, but there are good reasons someone should ask your permission before building detailed dossiers about you.”
The cookie changes will be part of the digital reform bill announced in the Queen’s speech last month. The bill also proposes raising the potential fine for rogue cold callers from the current maximum of £500,000 to £17.5m, as well as changing the governance structure of the UK’s independent data watchdog.
The DCMS added in a government response to a consultation on the reform bill that in the short term it will allow cookies to be placed on a user’s device without explicit consent, for a “small number of other non-intrusive purposes”. However, the DCMS said it had noted respondents’ concerns about privacy and control over their personal data. It added that the opt-out approach would only be adopted once the right technological and browser-based solutions become widely available.
A cookie is a text file that a website drops into a person’s browser. So-called first party cookies record basic information about the visit, such as whether the user has logged on to a specific site before, which can allow websites to save usernames and passwords.
Third party cookies allow commercial entities, such as marketing and advertising businesses, to store information including browsing history and location. Third party cookies, through agreements with multiple publishers and websites, are able to create a profile of individual users and serve targeted adverts across multiple websites. However, they are being phased out. Apple and Mozilla have blocked third party cookies on their Safari and Firefox browsers and Google is doing the same on Chrome by 2023.