UK companies not yet compliant with cookie law

95% of UK companies have yet to comply with a regulation requiring websites to obtain consent before tracking users' browsing habits

A regulation requiring websites to obtain consent before tracking users' browsing habits comes into force on 26 May, yet 95% of UK companies have yet to comply, consultancy KPMG has revealed.

The regulation on the use of cookies derives from an amendment to the EU's Privacy and Electronic Communications Directive.

Although the EU directive came into force on 26 May 2011, the UK's Information Commissioner's Office (ICO) gave local businesses 12 months to address the new regulations and "get their house in order".

Companies with websites that do not comply with the so-called "cookie law" risk fines up to £500,000.

Critics of the regulation said compliance could put some e-commerce firms out of business if they are unable to access commercially valuable information, according to the Financial Times.

The small packets of data sent between a website and a user’s computer, commonly called cookies, have become crucial tools for analysing web traffic and delivering targeted online advertising.

Internet retailers are worried about annoying customers with too many requests for permission and losing valuable data if people refuse to be tracked, the paper said.

In May 2011, the ICO published advice on how UK businesses and organisations can comply with the new EU law.

At the time, information commissioner Christopher Graham said the privacy policy advice should help businesses and organisations comply in a way that causes minimal disruption.

"The implementation of this new legislation is challenging and involves significant technological considerations. That is why we've already consulted a wide range of stakeholders," he said.

Read more on E-commerce technology