If you've not heard of the EU cookie law before, then its not surprising. Back in 2012 when the EU Directive came into force, few websites were prepared for it and many companies were in a panic about being prosecuted. Back then, my advice was 'do nothing' - here's the original article I wrote on the EU directive: http://www.mykeblack.com/blog/internet-law/eu-cookie-directive .
Since April 2012, the Information Commisioners Office (ICO) has received a total of 1066 complaints and written to a measly 275 companies. In the last quarter of 2014, only 43 complaints were made:
In the same period, there were 43,423 complaints about unwanted marketing communications.
The ICO do not really take many of these complaints seriously. Many of these complaints dont relate to cookies at all. The ICO states that
"many of the concerns we received about cookies did not relate to individual sites or provide any information about specific instances of non-compliance",
Their response seems to be to just make a tokenistic measure to write a letter to a tiny number of sites which they believe may not be compliant. Their stance on it is summed up as follows:
Our approach is to focus on sites that are doing nothing to raise awareness of cookies, or get their users’ consent, particularly those visited most in the UK. However, we have maintained a consumer threat level of ‘low’ in this area due to the very low levels of concerns reported by members of the public.
So if you are thinking of putting an annoying and intrusive banner (or even worse - a popover), on your website then think again. People get annoyed with intrusive banners, and in some cases cookie notifications can harm a website's accessibility.
I would argue that the cookie directive is ineffective and a complete waste of time. Therefore I think we should end enforcement of the rule, and free up the ICO to tackle more important issues like nuisance marketing phone calls or stolen personal data. Take the stupid cookie banners like the one shown below off our websites...