UK websites contain an average of 14 cookies per page, the majority of which belong to third parties, according to a new report.
Cookies are small sections of code that websites put on a user's computer so that they can remember something. They are used to enable websites to remember users' preferences, but can also be used to track consumers' browsing behaviour for targeted advertising purposes.
A typical user will encounter anywhere between 112 and 140 cookies during their average session on a British website, according to privacy solutions provider TRUSTe, and over two-thirds will be used by third parties (ie. not the website owner) to deliver targeted advertising.
The news comes just over a month before the EU e-Privacy Directive is enforced in the UK, requiring anyone running a website to get explicit opt-in consent from their visitors before deploying cookies on their machines. The law is designed to give people greater choice about whether or not they want their online behaviour to be tracked.
However, research by KPMG earlier this month revealed that 95 percent of businesses were not in compliance with the cookie-related requirements of the e-Privacy Directive, and are therefore risking fines of up to £500,000.
"Clearly more work needs to be done to deliver shorter, more accessible privacy notices that can be easily understood by consumers so that they can make informed choices around their personal information," said Chris Babel, chief executive of TRUSTe.
Earlier research conducted on behalf of TRUSTe found that 90 percent of British adults worry about their online privacy. Over a third do not trust most companies with their personal information online, and 88 percent avoid companies that they believe do not protect their privacy.
"Every UK user should remember that you are being tracked and surveilled without your explicit consent by a myriad of companies, through deals with major websites to gain access to your web browsing habits. This is unacceptable - and may now be a breach of e-privacy laws," said Jim Killock, executive director of the Open Rights Group.
"The lack of explicit consent for online data collection can't continue."
The EU e-Privacy Directive comes into force on 26 May 2012.