I set this company up last year, it's doing well too.  But I walked away - why?  Because the great tech we built solves a problem that companies and the regulators have swept the #cookielaw under the carpet, so the #privacy marketplace is as stolid and static as it ever was.  I got into that world because it was a good opportunity to make products that made corporate clients pay for the public right to know. It turns out your right to know is a bit uppity, and why should you care anyway right?  After all, no-one has complained before...

#Cookie  #Compliance , and the privacy issues it related to was an intriguing prospect, potentially a major shift in how we own our web data and how advertisers use it.  That kind of market disruption is always appealing to a tech entrepreneur... which is why I created the JV between my old agency and a tech company they knew.  And it's making money.  So why walk away?

Here's why: The cookie issue got fudged by the ICO and so now, cookie compliance tools (which make life a lot easier if you're managing the 1000s of cookies most websites deploy that track your data) are at best, a bit of back-office plug in kit which offer low returns if you can even be bothered to do it... and given the chances of an enforcement fine coming from the regulators is practically zero, the value of the compliance market isn't going to rise any time soon.

Unless you're a lawyer.  I spoke to one from a well known firm, who will remain nameless, that said he was keen to advise his clients on cookie policy, but couldn't see it ever being a big legal issue like accessing people's mobile phone contacts via an app or spamming people with unsolicited special offers from partners, the main fodder of internet privacy complaints.

So in reality, today, there's no cookie compliance.  There's a simple notion of 'implied consent' which means if you disclose the cookies you use, and why you use them in the small print (alongside the seldom read privacy policy pages or T&Cs) you're covered.  That was great news for website owners and advertisers who, on enforcement day May 26th 20112, with minimal disruption to their pages, put up small print disclaimers or temporary banner ads saying "we use cookies, and they help your web experience work better" and that's about it.

Meanwhile, the consumer still has no real transparency of what cookies are doing.  Some of them have lifespans that are longer than your hardware (60 years or more).  Many track your browsing habits and search data to ad agencies who use that to spam your web pages with ads for things you've already bought.  Ever wondered how every time you buy a hoodie off a website the next month every site is full of ads for hoodies? Cookies.

So what's the problem?  It's just ads, after all?  Well maybe, but here's the thing.  You're data helps those companies make money.  It helps the products they advertise make money.  It helps the advertisers make money.       It means that when you sign-in to a website, someone is tracking your behaviour and using it to create revenues without asking, and not the company who owns the website, someone you have never heard of.  There is no implied consent there, no opportunity to consent at all.  This is not like mining data out of social media posts, which you choose to make public, this is you surfing the web in private.  That's why it's a privacy issue.

Isn't that something we should be more transparent about in the tech business?  How can consumers have a fair chance to challenge or identify business practices they feel may be unethical unless they have the means to discover it?  Consumers have always been the vehicle that has challenged unfair and unethical business practices.  In the world of digital tech, they need help to do it because the tech is much more complex than demanding company records or making freedom of information requests.

It's not a soap box rant.  I'm sure food producers think it's silly to list every ingredient in a packet of jam too.  That analogy goes further.  Who cares if your coffee is fair trade?  Or a child lost their fingers for tuppence a week making your #Primark  hoodie.  Do you really worry that a chunk of virgin rainforest got axed last week to put more beef into your Big Mac? So what if a UK company is making weapons and selling them to oppressive regimes...  the unarguable fact is that every industry is regulated to disclose matters to the consumer, and this culture of disclosure is growing because it has public interest.  Disclosing how your data is being used is also in the public interest.  Ten years from now, Cookie compliance might just become the Fairtrade coffee equivalent of the digital economy.  That has value.

And let's face it, it's not all innocent. If you think you're surfing porn using that secret gmail account know one knows about... you're wrong.  Check out these guys connect the dots, they know precisely which account is related to you and what you're using it for.  Not a porn user?  OK, so consider that gmail account you use for family stuff (and Facebook etc.) and your work email. They can connect that too.  That's a link between your private and public life which you didn't want to be made, otherwise why have more than one email account?  How do they do it?  Cookies.

The commercial use of cookies may be perfectly innocent, simple business or more concerning.  I'm not judging that. But if you believe privacy legislation should have the teeth to empower you to decide who can access your data, the Cookie Law has failed.  And that's why I'm out of the cookie business, because ultimately, it's solving a problem that no-one really cares about... and they really should.
Shared publicly