They introduced an ad service called phorm (without asking anyones permission) it tracked all your online activity and then removed the regular ads from pages its ISP served and replaced them with ads that would be interesting to you based on your browsing history.
It got into trouble when it removed ads for charities and placed porn ads in childrens sites.
Because it worked at the ISP level, clearing your history or cookies had no effect. They then introduced a cookie to allow you to opt out and claimed that by deleting this cookie you had volunteered to opt in!
The Eu investigation ruled that it broke wiretap laws but the UK refused to prosecute (BT is privatized but is almost a monopoly and has strong links to government)
Indeed, and part of the job of an exceptionally good developer is to avoid having the masses have to know about things they shouldn't need to know about. Don't laugh at people's ignorance when the whole point of User Interface/Experience Design is to ensure that people don't have to know how things work.
EDIT: coverdude in his/her reply to my comment makes an important point that I missed - it's not the masses being laughed at, it's the "journalist." Yes, point taken, the author really, really ought to know better.
I laugh at this author's ignorance because cookies have been small innocuous pieces of text for the last decade and a half. No one could have clued this guy in? He writes for the Wall Street Journal for Pete's sake.
The article is wrong. The actual new law states :-
Where it is technically possible and effective, in accordance with the relevant provisions of Directive 95/46/EC, the user's consent to processing may be expressed by using the appropriate settings of a browser or other application.
Browsers already approve all cookies based on the user's wishes. A website can only send you a cookie and hope you send it back--it's completely up to the user if they want to return the cookie. Not to mention you'll have to set a cookie when someone says they don't want any cookies. What a mess.
"Where it is technically possible and effective, in accordance with the relevant provisions of Directive 95/46/EC, the user's consent to processing may be expressed by using the appropriate settings of a browser or other application."
Looks like there won't be much of a change for HTTP cookies, as browsers already do this.
While it would be great if Adobe would work with browser makers to have Flash honor HTTP cookie settings, you can certainly tell Flash to ask you if you'd like to store data.
Apparently the trend of legislators voting for things that sounded good but that they didn't understand in the least has remained in changed for at least the past 112 years.
Wow, people here seem really upset about this. I personally think it's great. Disabling cookies in my browser is like throwing the baby out with the bathwater. In addition to not being tracked by ads, I can't manage my bank account online or log into Hacker News. Not fair. This law makes it a requirement for me to be able to opt out of ad tracking, but still be able to log into websites ("essential purposes").
This should not impact ad revenue either; the content site simply says "by proceeding past this page, you consent to being tracked across the entire Internet by our advertisers and anyone they feel like selling your browsing habits to". Then the user can choose between privacy and your content. Most will choose the content, judging from grocery store "preferred customer" programs, and so on.
It's important that regular users be able to easily opt out of cross-site tracking like Google Analytics; as many people would be outraged by the data it collects, if only they knew such a thing was possible. Now they know, because you have to tell them what you're doing. I think that's a good thing.
So they want web developers to create an opt-out option on each web site? That's completely redundant. The people who don't care are going to ignore the option (or click ok on the popups if it comes to that), and the people who do care probably already have their browsers asking them whether or not to store cookies from a given site.
I hate to say it but doesn't this make print advertising all of a sudden far more relevant again? Is there any possibility that this was helped along by gentle lobbying from the newspaper industry?
Well, it at least puts on-line advertising on the same footing as print advertising, analytics wise. No more highly targeted advertising, no more avoiding showing the same ad to the same user multiple times, no more being able to tell who looked at your ad or why or where they came from, no more being able to determine how qualified ad traffic is. So really, it's a significant step backward.
Don't mistake the journalist's writeup with the actual law, and perhaps think about restraining your knee-jerk 'EU is awful' and 'bureaucrats are clueless'. Privacy laws in the EU are much stricter than in the US, and a good thing too. I've been reading the same kind of comments about the Microsoft anti-trust decision, and when I looked into it I got a good appreciation for the thinking behind it. But it took some more effort than just jumping to conclusions about stupid officials in their ivory towers.
They introduced an ad service called phorm (without asking anyones permission) it tracked all your online activity and then removed the regular ads from pages its ISP served and replaced them with ads that would be interesting to you based on your browsing history. It got into trouble when it removed ads for charities and placed porn ads in childrens sites.
Because it worked at the ISP level, clearing your history or cookies had no effect. They then introduced a cookie to allow you to opt out and claimed that by deleting this cookie you had volunteered to opt in!
The Eu investigation ruled that it broke wiretap laws but the UK refused to prosecute (BT is privatized but is almost a monopoly and has strong links to government)