Taming the Cookie Monster with Dutch Law - A Tale of Regulatory Failure

Forthcoming in CLSR, Vol. 31.2

Tilburg Law School Research Paper No. 10/2015

34 Pages Posted: 16 Mar 2015

See all articles by Ronald E. Leenes

Ronald E. Leenes

Tilburg Institute for Law, Technology, and Society; Tilburg Law School; Tilburg University

Eleni Kosta

Tilburg University - Tilburg Institute for Law, Technology, and Society (TILT); Tilburg Law School

Date Written: March 10, 2015

Abstract

Profiling the online behaviour of Internet users has become a defining feature of the Internet. Individual surfing behaviour is tracked by many enterprises for statistical purposes, but also for behavioural advertising and other personalisation services. Profiling implies the processing of personal data often facilitated by cookies and other markers placed on the terminal equipment of Internet users. The European rules for the regulation of cookies and similar technologies were modified in 2009 requiring prior consent of the user, in order to guarantee that the user has some control over the processing of their information. In 2013 the Netherlands introduced probably the strictest implementation of the European rules concerning the installation of cookies. However, in practice the new legal requirements resulted in neglect of the obligations regarding user information on the one hand and in the widespread deployment of annoying banners, popup screens and ‘cookie walls’ on the other. Not only the advertising industry, but also web publishers and even ordinary Internet users opposed the regulation. Furthermore, the regulation, certainly initially, did not lead to increased user control. These and other factors support the conclusion that the Dutch cookie regulation is a case of regulatory failure. This paper discusses the practices that were deployed in the Netherlands and assesses them based on a multi-site study that examined the practices of 100 Dutch websites with regard to the installation of cookies. It further reflects on the response of the Dutch regulator, who – under the pressure of industry and consumers outcry - amended the relevant provisions of the Dutch Telecommunications Act in 2014.

Keywords: cookies, cookies walls, profiling, targeted advertising, consent

Suggested Citation

Leenes, Ronald E. and Kosta, Eleni, Taming the Cookie Monster with Dutch Law - A Tale of Regulatory Failure (March 10, 2015). Forthcoming in CLSR, Vol. 31.2; Tilburg Law School Research Paper No. 10/2015. Available at SSRN: https://ssrn.com/abstract=2577233

Ronald E. Leenes (Contact Author)

Tilburg Institute for Law, Technology, and Society

NL-5000 LE Tilburg
Netherlands

Tilburg Law School ( email )

Tilburg, 5000 LE
Netherlands

Tilburg University ( email )

P.O. Box 90153
Tilburg, DC 5000 LE
Netherlands

Eleni Kosta

Tilburg University - Tilburg Institute for Law, Technology, and Society (TILT) ( email )

P.O.Box 90153
Prof. Cobbenhagenlaan 221
Tilburg, 5037
Netherlands

Tilburg Law School

Tilburg, 5000 LE
Netherlands

Register to save articles to
your library

Register

Paper statistics

Downloads
165
rank
176,444
Abstract Views
1,230
PlumX Metrics