The European Commission plans to call Britain and Denmark to account for dragging their feet on enforcing a controversial new law to protect people's privacy on-line, a spokesman said.

The move is a sign of how the war of words over so-called cookie reform is heating up a week after a deadline for European Union member states to adopt the rules into their national laws.

The EU e-privacy directive requires websites to obtain users' explicit consent before allowing the storage of cookies, small pieces of text that Web browsers use to store information like website preferences, as well as track users' movements from site to site.

The reform has been hotly contested by Internet companies, on-line advertisers and start-ups, who say it will handicap a tool that is central to how the Web operates.

The problem is that you need cookies for the Web to work; it is how the Web is built, said Jon von Tetzchner, co-founder of Web browser maker Opera Software ASA.

Global e-retail association IMRG said: There are serious concerns among the e-retail industry that the heavy use of pop-ups and consent-request windows will prove very intrusive to users ... and lead to issues of trust when accessing new sites.

For their part, privacy advocates and regulators are concerned that too much data on individuals is being collected on the web without their consent and that people should be allowed to opt out of such tracking.

The new law says Web companies can no longer bury their cookie practices in the fine print of their terms and conditions and must instead seek explicit consumer approval.


Faced with industry resistance, only four states out of 27 have moved to incorporate the EU reform into national law despite the fact that the deadline to do so was May 26, said Jonathan Todd, a spokesman for the European Commission.

And two of them -- Britain and Denmark -- adopted the law only to see their regulators say publicly that no enforcement would take place for about a year.

We recognize that some website users have real concerns around online privacy, but also recognize that cookies play a key role in the smooth running of the Internet, British Communications Minister Ed Vaizey wrote last week.

It will take time for workable technical solutions to be developed, evaluated and rolled out, so we have decided that a 'phased in' approach is right, he wrote in a open letter to the online industry before the directive came into force.

Todd said the commission would not let such foot-dragging pass by. We've seen these comments Denmark and the UK have made ... and we want to ask them for more information to make sure it is compatible with the EU law, he said.

European Commissioner Neelie Kroes, who runs Europe's digital agenda, told Reuters on the sidelines of a technology conference in Paris last week that the commission would be strict in policing whether states applied the new rules.

Asked about industry complaints that the rules would be crippling to internet companies, she said: I am absolutely certain that it won't hurt their businesses. These companies are innovative -- I am sure they can find ways to comply.

It remains to be seen how quickly other major European economies like France, Germany, Spain and Italy will comply.

Germany has not even begun transposing the telecoms package, of which the cookies reform is a part, into national law, while France's parliament is not expected to finish until next autumn.

Todd said Spain and Italy might pass the telecoms package before the summer, but many other states were not even close.

Privacy concerns around the use of cookies go back to the 1990s but have intensified as targeting technology becomes more efficient. An entire field known as behavioral targeting has grown up that relies on cookies and other tracking technologies to better aim ads at Internet users -- commanding higher prices as well as serving up more relevant ads for users.

High-profile cases like that of behavioral targeting software company Phorm Inc, which ran secret trials with British telecoms provider BT Group Plc, have increased opposition to online targeting.

The practice has attracted the ire of regulators not only in Europe, but also in the United States, where the Federal Trade Commission has come down hard on companies gathering too much personal information on specific users without their consent.

(Editing by David Holmes)