UK to ask G7 for privacy overhaul targeting online tracking requests
Internet privacy updates
Sign up to myFT Daily Digest to be the first to know about Internet privacy news.
The UK will launch a fresh push to bolster online privacy this week by seeking to persuade G7 countries to crack down on internet tracking via “cookies”.
Elizabeth Denham, the UK’s data protection watchdog, said she would lobby other G7 regulators to put an end to cookie pop-ups that ask internet users to consent to be tracked for advertising purposes.
The cookies are required by UK and EU law, but Denham is recommending a less intrusive alternative system in which people set their privacy preferences a single time in their browser.
Cookies are pieces of code planted by websites in a user’s browser, such as Chrome or Safari, to track which other websites they visit and help advertisers target personalised advertising.
Denham said: “I often hear people say they are tired of having to engage with so many cookie pop-ups. That fatigue is leading to people giving more personal data than they would like.”
“There are nearly two billion websites out there taking account of the world’s privacy preferences. No single country can tackle this issue alone. That is why I am calling on my G7 colleagues to use our convening power.”
Although cookies are a mainstay of the online advertising industry, they are already being phased out by some large tech companies because of privacy concerns: Apple’s Safari browser and Mozilla’s Firefox already block them by default, and Google plans to phase out support for them over the next few years.
The UK regulator, known as the Information Commissioner’s Office, said that if people had to set their preferences in their browser, they might consider their options more carefully.
This approach is already “technologically possible and compliant with data protection law”, according to the ICO, but companies have been reluctant to adopt it. Creating an international coalition with the US, Germany, Japan and others would apply further pressure on technology firms and others to redesign the way the web works, the ICO said.
“The digital world brings international opportunities and challenges, but these are currently being addressed by a series of domestic solutions. We need to consider how the work of governments and regulators can be better knitted together, to keep people’s trust in data driven innovation,” Denham said.
Experts said the solution was sensible, but would be difficult to implement.
“The principle is a mind bogglingly obvious way to go. Just like we had Do Not Call in the UK, where you put your name on a register and reputable businesses had to consult it and stop calling you, this would be a Do Not Track,” said Lilian Edwards, law professor at Newcastle University and an expert in internet law. “But, industry has been very resistant to it. You would have to put an obligation on websites to check the Do Not Track list.”
The ICO said it had not yet contacted any tech firms about its plans to remove the need for cookie notices. Google, which also owns the Chrome browser, declined to comment.
The ICO’s recommendations came as the UK government announced proposed reforms to its future data laws, which it said would diverge from GDPR in the future. The UK’s culture secretary, Oliver Dowden, also took aim at cookie notices in particular, calling them “pointless”.