In 2009, the European Union sought to regulate HTTP cookies—small text files are sent from a website and stored in a user’s web browser while the user is browsing that website—as part of their “e-Privacy” Directive, forcing all European websites to not only post their cookie policies, but also to seek the consent of each visiting user for the use of those cookies. This report finds that the total annual cost of this law is $2.3 billion dollars per year. This figure includes both compliance costs for European website operators and productivity costs. Given these costs and the law’s limited demonstrated benefits, European policymakers should abolish this largely symbolic “feel good” law for the sake of the European digital economy.
Several European Union and member state policymakers have begun looking at the cost-benefit analysis of this law a few years after its original implementation. As the European Union and its member states begin to revisit the e-Privacy directive, they should recognize that continuing to implement this cookie law is costly both to economic productivity and individual European websites. Furthermore, if the ICO’s experience is any sign of this law’s public mandate, it is unwanted in Europe as well. The European Union should act expeditiously to rollback this burdensome directive for the good of its digital economy and the ease of web surfing of its citizens.