The UK is just starting to enforce EU’s cookie consent law. Visit the FT for the first time in a while and you’ll see:
The notion of a Personal API isn’t new. In fact, we’ve all defined some parts of our personal API on Facebook. Facebook application install dialogue boxes prompt us to evaluate the cost-benefit of data sharing. Although results vary widely across applications, these kinds of prompts curtail user adoption to the chagrin of developers. After Facebook increased the granularity of permissions on these boxes last year, some developers observed a 20% decline in user installs.
As a result of this fraying trust, web businesses must refine a new core competency: convincing users to share their user data before experiencing an application. Part of the challenge is marketing a product’s allure. But this is the simpler problem.
Update: the EU changed the bill immediately before it was signed into law to allow implied consent. By visiting the site, a user accepts data use.
Consumer education presents the more significant challenge. Most consumers don’t understand the mechanisms or implications of data sharing.
First there is technology complexity. There are several flavors of cookie: browser sessions, true cookies, HTML5 local storage and mobile application local data store. Cookie consent restrictions are applied unevenly across these storage alternatives. Consumers need to be educated on the technical details of these alternatives.
Second, consumers will have to decide which data and how much data to share at the point they arrive on the website. Like a Facebook application install dialog box, these cookie dialogs force a consumer to think about the cost/benefit: how much data am I trading for how much gain? It’s a significant cognitive load. Websites must articulate the additional value of user cookies on a user’s very first page view of every session.
Third, consumers may need tools to manage their data across the web, the kinds of tools that Facebook, Google and Twitter have already implemented. These tools keep a list of applications accessing user data and allow consumers to revoke access to a given application at any time.
The notion of a personal API is inevitable. Both consumer demand and in some geographies, government regulation, is driving the web towards such a structure. Startups and web businesses' marketing is about to change significantly.