The new law has been widely derided by anyone who knows anything about web technology. The EU were trying to protect privacy, particularly from cross domain tracking which allows an organisation to collect large quantities of data on people and use that data for commercial purposes. However the vast majority of cookies are used in very simple ways – for example a cookie (which is basically a text file) might just contain your username and password to help you log in to a website, or it might contain some preferences that you have set so that your favourite website is shown using the particular layout that you like.
A good example is our auto-login cookies log_u and log_p. Like many websites, we give people the option to “remember me” when logging in. When you do this, we set a cookie on your computer that contains your email address (log_u) and encrypted password (log_p). When you revisit our website we check for this cookie and use the data to log you in. Only our software can decode your password, so it is safe from preying eyes!
Over the coming weeks we will be thinking about how we can make the setting of cookies more explicit throughout our site, in a way that doesn’t inhibit the user experience. It’s quite a challenge.