Businesses need to ensure they are ready for EU legislation requiring them to get consent if they want to track user behaviour.
So says the Information Commissioner's Office (ICO), which warned the roll out of the new law will be "a challenge."
The legislation will come into force on 25 May 2011 and will require UK firms to get consent if they want to place cookies onto users' computers.
"It will have positive benefits as it will give people more choice and control over what information businesses and other organisations can store on and access from consumers' own computers," said information commissioner Christopher Graham.
"Businesses and organisations running websites in the UK must wake up to the fact that this is happening."
Despite the warning, Graham said the ICO was clear the changes should not have a detrimental impact on consumers nor cause "an unnecessary burden on UK businesses."
He said one option could be to allow cookie consent to be given over browser settings.
Culture minister Ed Vaizey admitted the work would not be complete by the deadline.
"The Government is clear that it will take time for meaningful solutions to be developed, evaluated and rolled out," he said.
"We recognise this could cause uncertainty for businesses and consumers. Therefore we do not expect the ICO to take enforcement action in the short term against businesses and organisations as they work out how to address their use of cookies."
Over-regulation concerns
Although the Big Brother Watch said it looked forward to seeing how websites would adapt to the legislation, it has previously called for such moves to form part of voluntarily adopted industry standards, rather than be enforced by the EU.
"First and foremost we advocate industry standards and agreed upon best practices for technology companies using cookies," Dominique Lazanski, senior fellow for technology policy at the Big Brother Watch, told IT PRO.
"If the industry sets standards then the industry can innovate around those standards."
Lazanski also warned about the enforcement of any opt-out' law, largely because this would bring additional legislation that would only hamper tech industry innovation.
"Both Microsoft and Firefox are already developing opt-out buttons into their web browsers as part of their new product development," Lazanski added.
"By forcing an 'opt-out' in the EU, internet companies will have to spend more money on complying with EU regulation and less money on innovation in privacy."
Google has already announced a feature for its Chrome browser letting users opt-out of ad tracking cookies.
