The answer to the world, the universe and everything is not 42, Europe says it is 27 - at the moment
With 27 countries in the European Union there are, unsurprisingly, 27 different interpretations of Europe's new e-privacy rules. The layer of complication is added as the e-privacy law has been issued as a directive, a form of legislation that lets every E.U. country fashion its own domestic law, as long as they honour the spirit of the directive. The result is that Europe's internet privacy regulations are a quagmire, aggravated by the E.U. taking a hard line with cookies by requiring opt-in consent for every website, making it difficult to put the new rules into practice. The E.U. directive on online privacy was supposed to become law in each country by May 2011, but in March 2012 that's only happened in 11 of the 27 countries. Some of the biggest, like Germany, Spain, and Italy, are still missing. (Luxembourg, however, is in!) The U.K. and France have taken a pragmatic approach, interpreting consent if consumers don't opt out, even if that isn't exactly what the E.U. directive says. In the Netherlands, however, a populist right-wing party is pushing very restrictive rules that are likely to pass on March 6, and Germany is likely to be similarly hard line in its approach.
A fundamental question being addressed differently by our various cultures is not whether the placement of a cookie requires consent but what is consent and who can grant it ? This question could also read for privacy and identity.
‘Consent’ has been interpreted, it’s OK for a company to create a pre-ticked box in a ream of small print, provide some explanation somewhere that it’s possible to untick, and ‘consent’ is deemed to have been given.