Something to look forward to: The annoying deluge of cookie consent banners may finally coming to an end. The European Commission has proposed a set of significant changes to its digital market rules, and "cookie fatigue" is reportedly one of the main issues lawmakers are keen to address sooner rather than later.
The European Commission outlined its plans to amend the ePrivacy Directive and make cookie consent less burdensome for the web industry a few months back. These plans are now officially part of the EC's "Digital Package" proposal, designed to simplify the rules governing Europe's digital market and foster innovation.
The Digital Package includes a "Digital Omnibus" section with updated data rules. Among other changes, the Commission aims to tackle the cookie banner fatigue that internet users have experienced for years, with countless pop-ups requesting consent every time someone visits a website.
The EC is acknowledging what the industry has long observed: cookie banners are often confusing, difficult to understand, and ubiquitous. Visitors frequently end up clicking whichever "consent" button is easiest just to access a page – hardly an informed choice about how their data will be used.
Under the proposed reforms, cookie consent would be simplified, allowing EU users to selectively choose which types of cookies are placed on their devices. Additionally, the Digital Omnibus rules would ease the burden on businesses and media companies by introducing a "whitelist" of permissible profiling activities, such as statistical analysis and aggregated audience tracking.
The Commission is also proposing that cookie rules, currently part of the ePrivacy Directive, be fully integrated into the GDPR and its stronger privacy protections. Users would ultimately be able to give or deny consent with a single click – "yes" or "no" – and websites would be required to honor that choice for at least six months. Noncompliance could result in fines of up to four percent of a company's global revenue under the GDPR.
Looking further ahead, the EU intends to go beyond this simplified consent model. Brussels envisions working with browser developers to centralize cookie consent management. Ideally, users would set their privacy preferences once in the browser, eliminating the need for each website to request permission separately.
The EC's Digital Package also includes amendments to the AI Act, the GDPR, and the Union's Business Wallet tools. These proposals represent significant changes to the regulation of Europe's digital market, though civil society representatives have warned of the risk of a potential rollback of digital rights previously granted to EU citizens.
The European Commission's proposal is now set to be reviewed by the European Parliament. If approved, the rules in the Digital Package will need to be ratified by each EU member state before taking effect.
Image credit: Colin Foo
Europe wants to kill the cookie pop-ups they created, for real this time
