Internet users in Austria, Sweden, Denmark and Italy can complain to national authorities if websites fail to alert them about cookies automatically downloaded to their computers.
These four countries are the only members of the 15-nation European Union to begin following cookie provisions in an EU-wide directive on data protection agreed to in June last year.
The directive instructs websites to display prominently - either on a pop-up window or somewhere immediately visible on a home page - details about the cookies and what they do, but it does not forbid websites from initially setting the cookies to users' computers.
Websites must also provide easy instructions to help visitors remove the cookies and must allow visitors to refuse all future cookies.
E-mail users in Austria, Italy, Denmark and Belgium can also, theoretically, take legal action against spammers through their national authorities, while recipients of spam in other EU countries do not have even this theoretical access to justice, according to an official at the European Commission.
Antispam provisions in the directive outlaw unsolicited mass e-mail, but permit online marketers to contact existing clients with product or service offers via e-mail.
Union member states should have put the data protection directive into national law by last Friday (31 October), but as with many EU-wide laws, many countries are running behind schedule.
The expert expected 10 countries to have implemented the data protection law into national law by the end of this year. In the meantime, computer users in countries that have not signed up remain in legal limbo.
Even after member states have the directive in their national statute books, web surfers and e-mail users will have little legal protection from spam and unwanted cookies that originate from outside the EU, the expert said.
The US is the most common spam source worldwide.
Next February the Organisation for Economic Cooperation and Development, a Paris-based organisation, which includes most developed nations, will host a conference to discuss the issue of multilateral co-operation in the fight against spammers and cookie use on the web.
Paul Meller writes for IDG News Service