Over-cooking cookies

A committee in the US Senate is conducting hearings on privacy and data security with a view to addressing privacy concerns among all stakeholders. The Senate says that "the hearing will examine how entities collect, maintain, secure, and use personal information in today’s economy and whether consumers are adequately protected under current law (and) will hear from representatives from relevant government agencies as well as business and consumer advocate stakeholders."

The three bills doing the rounds in the Senate are those of Senators Kerry and McCain called Commercial Privacy Bill of Rights; Senators Rockefeller and  Pryor's Data Security and Breach Notification Act  and that of Senator Rockefeller's Do Not Track Online Act. While one senate proponent claimed that "consumers (need) to know what is being done with their information" another, a skeptic, wondered "whether the proposed legislation was a solution in search of a problem.

An instructive exercise while the US Senate seeks to "protect consumers in the modern world" will be an inquiry into the early (lack of) success of the UK's Privacy and Electronic Communications Regulations of 2011 which "provide that certain information must be given to a site's visitors and the user must give his or her consent to the placing of the cookies." The regulations provide that a website operator must not store information or gain access to information stored in the computer or any web-enabled device of a user unless the user "is provided with clear and comprehensive information about the purposes of the storage of, or access to, that information" and "has given his or her consent". 

A recent report indicates a disastrous start to an early adopter of the regulations by the UK's Information Commissioner's office. A freedom of information request (since it is a government agency) reveals that the agency has seen a 90 per cent drop in recorded traffic on its web site after an opt-in cookie policy was implemented. The website has an ominous warning to visitors that says "one of the cookies we use is essential for parts of the site to operate and has already been set. You may delete and block all cookies from this site, but parts of the site will not work. It is entirely unsurprising that a precipitous drop in traffic ensued. It is also unsurprising that reaction amongst some in Europe has been visceral with some calling the cookie rules "stupid".

The EU directive's impact on retailers and service providers like airlines and hotels could be devastating. Most businesses have nearly a year to fully implement the rules but it is not entirely unlikely that a reversal of sorts is sought as businesses and others find it financially unworkable. While there must be an attempt to stanch unscrupulous use of consumers' private data , the US must not follow the EU and UK's kooky attempts at controlling cookies.

Published by

Vijay Dandapani

Co-founder and president of a New York based hotel company for 24 years. Grew the firm to five hotels in Manhattan and also developed a greenfield project at MacArthur airport, New York. Speaker at numerous prestigious forums including Economy Hotels World Asia, Lodging Conference, NYU, Columbia University Real Estate Roundtable, Baruch College's Zicklin School and ALIS. President and ceo of New York City Hotel Association since January 2017.