Ever get the feeling you're being followed? I did when I got an email from "Matthew Gale", co-curator of the Joan Miró exhibition at Tate Modern last week, less than 24 hours after seeing the show. "I'm so pleased you visited," he said. "From what I've read on Tate's blog, people appear to be relating to Miró's work in a deeply personal way." I'll tell you what I am relating to in a deeply personal way, "Matthew Gale": being stalked electronically.

"Matthew Gale" is not the only piece of software stalking me. I'm also in communication with "Ken Livingstone" and "Ed Miliband". "Ed" sends me rousing emails insisting that I do something about the government. I confess I have been a bit remiss about that. After March's budget he wrote to me: "We're left with a chancellor claiming to deliver a budget for growth – while downgrading the growth forecast. You and I know it's not the wrong type of snow that's to blame, it's the wrong type of chancellor. Get involved."

"Ken" has thanked me for all I am doing (think nothing of it, Ken), but he'd like me to do more: "I've launched a new campaign #getagripboris calling on the mayor to sort out the transport crisis in London. Click here to sign the petition," he urged in a "personal" email to me a couple of weeks ago.

Meanwhile Facebook is watching my every move, telling me today – seconds after I made a brief visit to the site for the purpose of research – "Welcome back to Facebook!" (I am NEVER coming back, Facebook) and a few days earlier: "You haven't been back to Facebook recently." Have I brought this unwelcome electronic attention on myself? Well, yes: in the sense that, when I signed up for membership of these things, I accepted the privacy policies that went along with them.

"Cookies" and similar devices are used to make online interaction more efficient – and to direct marketing and advertising at individual users. Without them, the ability of the internet to function smoothly would be impeded. Cookies are files put on to our computers by websites so that they can remember things about us, such as our browsing habits and payment details when we transact online. They are not illegal. However, the Data Protection Act provides that websites should not process "excessive" personal data, and guidance from the information commissioner's office (ICO) says that organisations collecting data should consider the extent to which that data can be processed anonymously.

Later this month a new law amending the EU's privacy and electronic communications directive will come into force, which will require organisations to obtain consent from visitors to their websites before using cookies. However, the directive doesn't require that user consent is obtained if the cookie is "strictly necessary" in order for the website to provide the service requested. The government has confirmed, in its response to consultations on the implementation of the directive, that it regards, for example, the use of cookies in online shopping baskets as "strictly necessary".

The government is talking to the industry about enhanced browser settings to harvest consent in other cases and about the use of cookies in behavioural advertising, but that work will not be completed before the 25 May deadline for implementing the directive. In the meantime, the ICO is not expected to take enforcement action where websites are "working to address their use of cookies or are engaged in development work on browsers and/or other solutions".

The directive does not apply to Facebook, a US company, and it is not clear whether it would apply to the sort of communication I received from the Tate. I can, in theory, unsubscribe to emails (the Tate was unable to process my request today). That would solve the "Ed" and "Ken" problem, but it wouldn't stop Tate and Facebook snooping on me, because the Faustian contractual pact to which I signed up lets them do it.