Over three million UKbusinesses could be affected by European legislation on web privacy which is due to come into effect from May 25th 2012.

The Directive on Privacy and Electronic Communications, also known as the “Cookie law”, will require all websites which use Cookies to seek consent from visitors accessing the site.

Under the new cookie compliance legislation businesses must tell users about the cookies on their website, what the cookie is doing, and gain consent to use that cookie; although websites which are “strictly necessary for a service” requested by the user, so for example shopping sites like Amazon or Expedia, are exempt from the law.

Currently Websites are allowed to set cookies on a person’s browser each time they visit a page, recording the user’s web page preferences and browsing history, as well as personal details. The introduction of this new legislation means that from May 2012, this will be against the law, and the ICO have been given powers to fine website owners up to £500,000 for serious breaches in the law and could approach any business running a website and ask them to demonstrate how they comply.

The Cookie Law came into force on May 26th 2011, although it was deferred by theUK government for an extra year to allow more time for various departments, including the Information Commissioner’s Office (ICO) to prepare businesses for the change.