Why are cookies a nuisance in our lives?

Jan Čermák

​​Have you noticed that lately cookie consent bars have been popping up on almost every website you visit? Very annoying, isn’t it?

Does this mean that companies might finally be starting to take our privacy seriously? It’s certainly nice of them to always ask when they want to use cookies. But the reality is that website operators do not do this voluntarily, but because they have to.

New legislation

This is to say that new legislation came into force on 1 January 2022 which changes Act No. 127/2005 Coll., on electronic communications. This concerns a very extensive amendment with more than 400 changes. This amendment also led to changes to a number of other acts, such as the Roads Act, the Radio and Television Broadcasting Act, and others. All of the changes introduced by the amendment were adopted due to the implementation of the European Directive 2018/1972 into the Czech legal system, in the area of electronic communications.

Cookies then and now

This new act has a major impact on the use of cookies on websites. Even in the past, the website operator had to have the user’s consent to store cookies (according to the GDPR). However, it was assumed that the user primarily agrees to use of cookies unless they explicitly choose otherwise (the so-called opt-out principle). The option of refusing to allow use of cookies always had to be possible on the website.

But from 2022, the opposite applies to the use of cookies (the opt-in principle). The website operator must assume from the outset that the user does not primarily agree to cookies. And it therefore cannot use them to store data. Cookies can only be used on the website from the moment when the user has explicitly and actively expressed their consent. The only exception to this is constituted by basic technical cookies which are necessary for the functioning of the website and for provision of the service. The user’s prior consent is not required for this type of cookie. However, the condition still applies here that this concerns processing of personal data and the requirements of the GDPR must be met. And the website must inform the user about cookies.

What should the new cookie bar look like?

The cookie bar has been used for provision of consent for a long time, but it must now comply with new legislation. It is no longer enough to inform the user which cookies the website uses. It is no longer possible to have pre-ticked checkboxes to give consent. Consent cannot be re-expressed by using the site for which cookies are set.

The bar must have the prescribed properties and must not be aggressive or block web content. It must meet the following requirements:

• The user must actively opt-in to the use of cookies. Until then, use of cookies on the website is prohibited.

• The website must clearly and transparently inform the user which types of cookies it uses and what they are used for.

• The website only allows the user to check the consent box for certain types of cookies.

• The website must function without consent to use of cookies, it must not force consent.

• The user must be able to return to the cookie settings repeatedly and withdraw any consent which has been given.

What in fact are cookies?

All of you have probably experienced the situation when you are looking for accommodation or car rental for a holiday on the web. You surf websites, researching alternatives, availability and price. After a while you return to the best offer and heavens above ... You are surprised to see that the price of the service has suddenly increased!!

How is that possible? Yes, the cookies are to blame! Marketers assume that if you come back to an offer, you are genuinely interested in it, so they raise the price. This is an example of use of so-called marketing cookies, which we regularly come across on the web. And we don’t even know about it.

A cookie is a simple technology which is part of a website and web browser. Precisely put, it is a file on your computer’s hard drive. The website stores various information about your settings and your behaviour on the site. If you reconnect to the site after some time, the site will retrieve this information and can work with it to adjust the site to your previously set preferences.

This behaviour is where this technology gets its name. Cookies are offered by hosts in the Anglo-Saxon world to make their visitors feel at home.

Photos via Unsplash​.

Some cookies are useful to users because they make browsing the web more enjoyable. For example, the website will remember that you prefer “dark mode” and will always be displayed in dark colours for you. Other types of cookies allow us to track user behaviour and use this in advertising and marketing. This is the only real risk to the user if they turn cookies on - the imposition of content and targeted advertising. But it certainly won’t happen that the website won’t load, will be slow, or even infect you with a virus.

Three quarters of the population don’t know what cookies are used for

In April 2022, Avast commissioned performance of a public survey regarding cookies, which came up with some rather interesting findings. How did we do? Not very well in fact ...

Half of Czechs accept all cookies without thinking.

Most Czechs don’t know exactly what cookies are. Only a quarter of users (26%) know what this web technology is used for. When visiting a website , half of the Czech population automatically opts in tocollection and possible disclosure of all accessible information to third parties. This means that people “accept all” so to speak. Most often because they want to get to the website as quickly as possible (31%), the trust the website (20%) or they visit it repeatedly (18%). Some people (31% of respondents) even think that rejecting cookies will make it impossible to view the website at all. But as we already know, this should not happen thanks to the new act.

Another option is to reject cookies altogether, but only 9% of people do this, and these are mostly people who know something about cookies. Almost half (41%) of those who don’t know cookies don’t even know how to reject them. The internet population is clearly quite uneducated in this regard. For example, according to the survey, 29% of respondents believe that cookies slow down the website and 7% believe that they can even infect a website with a virus.

Based on the results of the survey, Avast decided to develop a public education campaign called The Man Who Allowed All. The face of the campaign is actor Martin Kraus and its aim is to explain to the Czech people how cookies work and how they are beneficial. But also how to protect your privacy online.

Cookie bar remover

So now we have learned that companies and website operators cannot work with cookies by default unless the user explicitly allows them to. So if you close the cookie bar using the “x” button, the website must behave as if you had rejected use of cookies. It must logically have the same result. Yet closing the bar is so annoying. If we reject cookies on a particular website, the website has no way to easily save this option (cookies are after all disabled) and the next time the website is loaded, the bar pops up again. How do we stop this happening?

There is a simple solution. You can install the I-DONT-CARE-ABOUT-COOKIES.EU​ plugin which can be installed in most web browsers (Chrome, Firefox, Opera and Edge). This will ensure that the browser does not display the cookie bar at all. And it works surprisingly well!