Cookie pop-ups ‘fatigue’ a threat to privacy, warns UK data tsar

Jamie Harris, PA Science Technology Reporter

6 September 2021 at 7:01 pm·2-min read

A proposal to overhaul endless web cookie banners is to be put forward by the UK’s Information Commissioner to G7 counterparts on Tuesday.

Elizabeth Denham will suggest an idea that would allow people to set lasting privacy preferences within web browsers, software applications and device settings, rather than agreeing to pop-ups every time a website is visited.

Cookie pop-ups are used by organisations to secure consent – required under current EU laws – to store data when people use their websites, but the Commissioner says users are “tired” of the repetitive process and a smoother mechanism is needed.

Information Commissioner Elizabeth Denham said people ‘are tired of having to engage with so many cookie pop-ups’ (ICO/PA)

It comes after the Government recently proposed that post-Brexit data law reforms focus on “common sense, not box-ticking” to move away from EU rules, which Culture Secretary Oliver Dowden told the Daily Telegraph would end “pointless bureaucracy”.

Ms Denham said: “I often hear people say they are tired of having to engage with so many cookie pop-ups.

“That fatigue is leading to people giving more personal data than they would like.

“The cookie mechanism is also far from ideal for businesses and other organisations running websites, as it is costly and it can lead to poor user experience.

“While I expect businesses to comply with current laws, my office is encouraging international collaboration to bring practical solutions in this area.”

Ms Denham will raise the subject as she chairs a virtual meeting with leaders from the US, Canada, Japan, France, Germany and Italy, alongside the Organisation for Economic Cooperation and Development (OECD) and the World Economic Forum (WEF).

Each authority will suggest a specific technology or innovation issue on which they believe closer co-operation is needed.

The Information Commissioner’s Office said its idea is already technologically possible and is compliant with data protection law.

“There are nearly two billion websites out there taking account of the world’s privacy preferences,” Ms Denham said.

“No single country can tackle this issue alone. That is why I am calling on my G7 colleagues to use our convening power.

“Together we can engage with technology firms and standards organisations to develop a co-ordinated approach to this challenge.”