Brussels Moves to Streamline Cookie Consent Rules
The European Commission is preparing a major overhaul of the controversial e-Privacy Directive that has filled websites with cookie consent banners since 2009. The move aims to reduce regulatory burdens while maintaining privacy protections for European citizens.
Cookies, the small text files that websites store on users' devices, serve essential functions like remembering login credentials and shopping cart items. However, the 2009 amendment requiring explicit consent for non-essential cookies has created what many consider an internet nuisance.
Industry and Privacy Advocates Clash
The Commission's proposal, expected in December 2025 as part of an "omnibus" deregulation package, would allow users to set cookie preferences once in their browser settings rather than encountering pop-ups on every website visit. Denmark, currently holding the EU presidency, has suggested eliminating consent requirements for "harmless" cookies used for basic functionality or simple statistics.
"Too much consent basically kills consent. People are used to giving consent for everything, so they might stop reading things in as much detail," said Peter Craddock, data lawyer with Keller and Heckman.
Industry groups advocate moving cookie regulation under the GDPR's more flexible "risk-based approach," while privacy advocates warn against weakening protections. "Focusing on cookies is like rearranging deckchairs on the Titanic, the ship being surveillance advertising," said Itxaso Domínguez de Olazábal, policy adviser at European Digital Rights.
Background and Future Legislation
The e-Privacy Directive was originally adopted in 2002 and amended in 2009 to address emerging digital privacy concerns. A 2017 proposal for an e-Privacy Regulation was withdrawn in February 2025 after years of debate. The upcoming Digital Fairness Act in 2026 will further address online advertising practices.
Sources: POLITICO Europe, Wikipedia