Changes to the EU Privacy and Electronic Communications Directive, which come into force tomorrow, require websites to gain consent from web users to store or access information on their computers, under changes to European law.
Firms will have to alert web users as to what information is being stored, and explain the concept of behavioural advertising or adverts tailored to web users based on their browsing activities. As a result, web users are expected to see more pop-ups containing this information when surfing websites.
Cookies that allow web users to store goods in an online shopping basket are exempt from the changes in the directive but those that allow users to store log-in details for site such as social networks or webmail are affected.
However, the Information Commissioner Christopher Graham, who is responsible for enforcing the legislation, has agreed to give UK businesses more time to implement the necessary changes.
"We're giving businesses and organisations up to one year to get their house in order," said Graham
Graham's announcement follows an open letter from Culture Minister Ed Vaizey that sought to reassure UK firms.
"We recognise that some website users have real concerns around online privacy but also recognise that cookies play a key role in the smooth running of the internet," Vaizey said.
"But it will take some time for workable technical solutions to be developed, evaluated and rolled out so we have decided that a phased in approach is right."
However, the Information Commissioner revealed from today the ICO's own website will have cookies turned off but offer users the option to allow them. However, he said the approach is not suitable for all businesses.
"It would obviously ruin some users' browsing experience if they needed to negotiate endless pop ups," Graham said.
"I am not saying that other websites should necessarily do the same. Every website is different and prescriptive and universal 'to do' lists would only hinder rather than help businesses to find a solution that works best for them and their customers."
The government is currently in discussions with browser developers including Google, Microsoft and Mozilla, to see if a browser-based solution can be created.
However, Andreas Edler, managing director of hosting firm Hostway UK, believes the guidelines produced by the ICO seem to pose more questions than answers.
"It still is unclear how the law applies to the average small business or what changes users need to make in order to comply with the legislation. The legislation has good intentions in aiming to help protect peoples’ online privacy but it has opened up a minefield of compliance issues," he said.
"The Government really should have taken a more proactive approach towards its implementation. After all, this has been in discussion amongst EU members, including the UK since September last year, so why only now is the ICO starting to treat it as a matter of priority?"
Edler said the government is failing to address the fact that consumers also need to be educated on what cookies are, what information they store and what they are used for.
"After all, if people choose to opt out of cookies, the personalisation that they’re used to could crumble, meaning that website may no longer be able to save passwords, login details etc," he said.
"Some customers may even be prevented from buying products online if they opt out, as a lot of ecommerce sites rely on cookies. What is clear is a solution is needed quickly or the Government risks stifling web innovation, which is no good for either businesses or consumers."