Under the terms of the legislation, EU member states will be obliged to ensure the security and confidentiality of communications over European electronic networks.

The directive, which is technology neutral according to the EU, ensures that cookies and other tracking devices used to collect information on internet browsing habits, can only be employed if internet users have given their informed consent.

The new rules also specify that location data generated by mobile phones can only be passed on with the explicit consent of the phone's user, with the exception of situations in which the emergerncy services need access to the data, and for the purposes of national security and/or criminal investigations.

With regard to spam, the EU announced that:

"With a limited exception - covering existing customer relationships - e-mail marketing is only allowed with prior consent. Disguised identities and invalid return addresses, often used by 'spammers' are also outlawed. This 'opt in' regime equally covers SMS messages and other electronic messages sent to any mobile and fixed terminal."

It continued: "Member states can also ban unsolicited commercial e-mails to businesses. The Commission intends to issue a specific communication on this subject by the end of the year."

Although the tough new rules have been welcomed, some observers have suggested that the deluge of spam e-mails received by internet users in the European Union may not necessarily be slowed by them, as the majority of unsolicited commercial mail comes from the United States, which is currently leaning towards a less stringent 'opt out' solution.