UK Watchdogs Target Cookie Pop-ups, Amid Website Design Clampdown

Sick of cookie pop-ups? UK watchdogs warns firms to avoid harmful website design practices and singles out cookie consent pop-ups

Two UK watchdogs have issued a warning to leading websites and businesses to stop using harmful website designs that can trick consumers into giving up more of their personal data than they would like.

Last week the Information Commissioner’s Office (ICO) and Competition and Markets Authority (CMA) announced they will clampdown on harmful website designs.

The regulator singled out cookie consent banners as an example of where it will take action if it believes that consumers are being affected by harmful design.

laptop anger lost data crash © auremar Shutterstock

Painful cookie pop-ups

It comes as web browsing in the UK and Europe has become blighted by constant cookie pop-ups – some of which make it overly complicated to stop the websites from collecting personal data.

Cookie consent banners are in response to the EU’s General Data Protection Regulation (GDPR) data protection requirements, and are designed to give users a choice regarding the usage of cookies on a website.

But often rejecting data collection is too complex or lengthy.

Regulators have been warning websites about these for a while now.

In August 2021 the British government stated its intention to overhaul the UK’s privacy and data protection rules.

The UK digital secretary Oliver Dowden at the time warned he was seeking to end red tape and the bane for many web surfers at the moment, namely the highly annoying and frequent cookie pop-ups when a person is browsing multiple websites.

Then in September the ICO urged all its fellow data protection and privacy authorities in G7 countries to overhaul cookie consent pop-ups.

Bad design

Now the ICO and CMA said harmful website practices include “overly complicated privacy controls, default settings that give less control over personal information and bundling privacy choices together in ways that push consumers to share more data than they would otherwise wish to do.”

The regulators warned that where consumers lack effective control over how their data is collected and used, this can harm consumers and also weaken competition.

The regulators said these techniques encourage consumers to make decisions over their personal data as soon as they visit a website – from providing contact information in exchange for discounts, right through to giving up control over what advertising is targeted at them through accepting cookies.

Lack of consumer control over cookies is a common example of harmful design, the regulators stated.

The ICO said it will be assessing cookie banners of the most frequently used websites in the UK, and taking action where harmful design is affecting consumers.

“Some of these design practices are so subtle and have gone on for so long, you wouldn’t even realise you’re handing over your personal information until it’s too late – and it’s possible these techniques are embedded into thousands of websites across the UK,” noted Stephen Almond, executive director of regulatory risk at the ICO.

“These website design tricks can have real and negative impacts on consumers’ lives,” said Almond. “For example, if someone is recovering from a gambling problem, being steered to ‘accept all’ cookies can mean being continually bombarded with betting adverts, which could be incredibly harmful.”

“We want to make consumers aware of these potentially harmful techniques to help them protect their data online – and, if necessary, make informed choices about which websites they choose to frequent,” said Almond.

“Businesses should take note that if they deliberately and persistently choose to design their websites in an unfair and dishonest way, the ICO will not hesitate to take necessary enforcement action,” said Almond.

The ICO advice about website design and cookies can be found here.