The cookie law, that requires consent to store information on websites users, will be enforced from this weekend, when the deadline for compliance with the law, introduced a year ago, expires.
In April, information commissioner Christopher Graham said: "We gave industry a year's grace, but when that runs out we will certainly be responding to complaints about organisations that are not following the rules."
However, in recent days the Information Commissioner's Office has taken a far more proactive approach, sending letters to 50 high-traffic websites, demanding they demonstrate what action they are taking to comply with the law within 28 days.
But Room believes there is no need to panic. "Yes, my personal view is that it’s an unnecessary change, but, no, it’s not going to be the end of the internet and it's not going to ruin the web experience," he wrote in a blog post.
Room points out that companies have been dealing with the need for legal consent for years without too many difficulties, and that consent mechanisms can be designed in a user-friendly way.
"With a bit of thought you can deliver a compliance solution that disturbs no-one and ruins nothing," he said.
According to Room, the best way to mitigate the effects of the cookie law is to engage with it and move on. "There are much more serious issues to deal with in the world of privacy and data protection," he said.
This is further complicated by the fact that EU law has to be technology-neutral in an attempt to avoid laws from becoming outdated quickly or favouring any particular supplier, he told Computer Weekly.
According to Room, it would be far more efficient to limit the scope of laws to make them easier to keep up to date and target only specific concerns.
Otherwise, he said, ridiculous situations arise such as the 2003 Bodil Linqvist case in which a woman in Sweden, who set up a website for local church parishioners in Aseda, was convicted and fined for breaching data protection laws.
Linqvist appealed, but in a landmark decision, the European Court of Justice ruled that, by including information about fellow church volunteers on her website, she was in breach of the EU Data Protection Directive.
"The danger is that the cookie law could be taking us in this direction, with a UK blogger becoming the next Bodil Linqvist if the ICO succumbs to the temptation of going after smaller, weaker targets," he said.
Room believes most data protection regulations should be scrapped, as they are a drag on the economy, but achieve nothing and offer very little real protection to the individual citizen.
"We need to get rid of the data protection law baggage so that the real issues can be targeted properly," he said. "It would be possible to adjust the public purse to achieve the desired effect, but the EC wants to regulate everything."
For answers to the most common questions about the cookie law and what organisations can do to avoid potential enforcement action, Phil Lee, another lawyer at Field Fisher Waterhouse, has written the following article: Cookie consent: Preparing for the compliance crunch