Thus, the European Union interjected with with its Privacy and Electronic Communications Directive, which came into force on 25th May 2011, and the rules on cookies began to change.
It's not universal to all cookies and there is an acceptance some are necessary just to get a website to work. But they do impact on how sites track and store data.
What the EU has insisted is before a cookie can store information about a user's web surfing activities, the user has to give explicit consent.
In the UK, communications minister Ed Vaizey has confirmed firms will be able to phase in changes, with a year for them to comply with the new legislation. But even this presents some challenges and problems.
Asking someone, either explicitly or subtlety, to accept a cookie tracking their activity is putting a decision in people's way they didn't have to make before.
One big concern from businesses is this will stop people visiting their websites. Asking someone, either explicitly or subtlety, to accept a cookie tracking their activity is putting a decision in people's way they didn't have to make before. That, in itself, may be enough to put people off visiting a site.
The more troublesome area, though, is whilst the directive sounds fine and dandy in principle, in practice, it's a lot tougher. How do you implement such a significant change? It's impractical, many argue, to put the cookie decision front and centre on a site.
Even the Government concedes that workable technical solutions are still not in place. The ICO too accepts "gaining consent will, in many cases, be a challenge."
