Considerations around the UK’s plan to scrap cookie consent

Matt Lacey
Matt Lacey
Director of Data, CRO & Insights
Length
9 min read
Date
27 July 2022

Digital privacy concerns have continued to grow since the introduction of GDPR in Europe. And with the demise of cookies being on the radar for quite some time now, businesses have been preparing to navigate the cookieless world. And in a recent survey, 69% of marketers believe it is important to collect first-party data for their strategies and campaigns.

But is all that set to change in the UK? The government recently shared plans to reform local data protection law, including the requirement for website cookie consent that could see us say farewell to the notorious cookie banner. 

Here we explore the current state of the landscape as well as the implications for businesses and consumers. And we answer the all important question: does it really matter? 

The cookie banner

Businesses collect cookie consent for a wide range of purposes from advertising to functional widgets, which is then shared with multiple vendors to help deliver more personalised marketing. Cookie banners are used to gain this consent from consumers, and ultimately their usage reduces the volume of data at companies disposal; which goes some way to explain why banner formats vary quite substantially from site to site, with businesses often erring on the side of vagueness to encourage users to consent.

The most transparent versions include a clear opt-out button. But the format has a big impact on performance, with those leading with a ‘disagree’ button achieving an average positive consent rate of 76%, versus 96% of those that don’t provide the option to disagree. So those that are less transparent are getting a higher acceptance rate, which could (arguably) be down to poor user experience, as users often want to remove the cookie banner as quickly as possible. But this option will soon be phased out as countries tighten up their privacy laws due to its lack of transparency. 

Do you, as a consumer, actually understand what you’re consenting to when faced with a cookie banner? Do you click the most prominent button to just get rid of the box? If so, you certainly won’t be the only one! 

Generally speaking, cookie banners provide a poor user experience for consumers. Not only are they an extra step in the consumer’s journey, they’re not always the best looking things and to top it off, we’re not really that sure what we’re giving consent to. 

The proposals

The UK government has stated their plans to reform local data law, which could mean scrapping cookie banners, moving to an opt-out model. 

The Department for Digital, Culture, Media and Sport (DCMS) said: “In the future, the government intends to move to an opt-out model of consent for cookies placed by websites. This would mean cookies could be set without seeking consent, but the website must give the web user clear information about how to opt out.”

But this potential change hasn’t been welcomed with open arms, there’s been uproar from privacy campaign groups. Privacy and free speech campaigners, Open Rights Group (ORG), said the government’s proposal would make spying on users’ activities the “default option”.

To date, the government has presented two concrete proposals as well as a more radical proposal for reform to make the consent rules less restrictive: 

01 – ‘Strictly necessary’ cookies
Organisations would be able to use analytics cookies and similar technologies without the user’s consent. The cookies would be treated as ‘strictly necessary’ cookies under the current legislation for which consent is not required. 

DCMS said: “However, further safeguards may need to be considered to ensure that such processing poses a low impact on users’ privacy and a low risk of harm. This option would not remove the requirement on organisations to provide the user with clear and comprehensive information about the measurement technologies that are active on their device and the purposes behind the use of the technology.”

02 – ‘Other limited purposes’ cookies
The government is also considering allowing the use of cookies without consent for ‘other limited purposes’, with DCMS stating: “This could include processing that is necessary for the legitimate interests of the data controllers where the impact on the privacy of the individual is likely to be minimal – such as when detecting technical faults or enabling use of video or other enhanced functionality on websites.”

03 – Complete removal of cookie consent
Radical proposals to remove cookie consent requirements completely were also outlined. For organisations, it would mean complying with Privacy and Electronic Communications Regulations (PECR) would be more straightforward, however they would still be required to comply with UK GDPR principles. The government has asked for views on how organisations could comply without the use of cookie banners.

It’s important to note that any UK business that still operates in the EU would still have to comply with GDPR in those territories. Rather than making consent management simpler, there may be some added levels of complexity to configure this correctly. 

If you only operate inside the UK and are considering investing time/effort in a new consent management platform, it may be sensible to hold fire for now until we have some clearer answers on what the final policy will be. 

Transparency is key

When it comes to collecting data, a big issue is transparency. 94% of consumers feel it’s important to have control over the information they share with companies and how it’s used, so businesses need to be open and honest about the data they are collecting in order to build trust with users. Plus, 77% of consumers report that transparency practices have an impact on their purchase decisions, adding more fuel to the fire. 

Not only does being transparent benefit consumers, but also brands. 87% of marketers feel that direct consent from consumers would improve the consumer’s perception of the brand and 85% believe that trust and transparency will have a correlation with ROI on ad spend. It’s a win-win. 

GDPR delivered a massive step forward in privacy rights for individuals at the expense of big business, but the implementation is often clunky and provides challenges to how businesses operate. 

In Europe, 86% of websites already have a consent management platform (CMP) versus only 33% in America, a move that was hugely driven by GDPR, so why go backwards now? 

We believe adopting a CMP is good practice. And although consent banners aren’t perfect, you are putting your web user first by giving them the power. But let’s make sure we’re being upfront and honest with consumers about why we’re collecting their data and what our intentions are with it. 

The government’s proposals seem to suggest that they want to redress the balance and remove some of the friction that cookie consent causes. It could also be a way of distancing itself from EU policy. The EU is considering loosening rules around cookie consent, but the UK is looking to do something more radical. 

A future without cookies

This potential change could benefit businesses by giving them more access to data; but whether this will be the level of insight required is yet to be determined, depending on the proposal that goes ahead. 

However, as we edge more to a future without cookies, the big question is whether businesses will even be able to apply the data they get? And, should they even be relying on cookies? 

There’s no doubt about it, third party cookies are being phased out. Apple and Mozilla have already blocked cookies on their browsers. And, despite yet another delay, Google will be following suit in 2024. A cookieless world is rapidly on its way, reinforcing the value and need for first-party data. 

Luckily, many businesses have already started taking great strides with their first-party data strategies, but it’s now time to accelerate. By harnessing first-party data, businesses can get an understanding of their customers in real time, allowing them to develop a full customer profile, and use that data to provide customers with a personalised experience; which has become an expectation amongst consumers.

Having the right technologies in place will help businesses prepare for a future without cookies. Many brands are seeing the benefits of implementing customer data platforms (CDPs) to gain a better understanding of their customers and their journeys. A CDP gives them the ability to aggregate and analyse customer data from a variety of sources such as the CRM, email marketing, social media, websites and more in real-time.

Regardless of which proposal the UK government goes ahead with, businesses need to be ready to navigate a cookieless world. Marketers became too complacent with the reliance on cookies to help inform their marketing activity, which can often be impersonal. 

Providing consumers with hyper-personalised experiences that they keep coming back for can’t be done with cookies alone. Building a strong first-party data strategy with a clear value exchange will only lead to improved customer experiences and in turn hopefully a better return on investment.

And let’s be honest, there will always be new trends, emerging tech and changes to laws to abide by that will disrupt the future of marketing. So planning for a world with less reliance on external factors will only be beneficial. 

Explore how you can navigate the cookieless world further in our free download

More Insights?

View all Insights

Questions?

Director of Data, CRO & Insights

Matt Lacey