The aim of this article is to present a proposal on how the forthcoming Regulation of the European Parliament and of the Council on respect for privacy and the protection of personal data in electronic communications (ePrivacy Regulation) should regulate the use of cookies and similar technologies. The current Directive 2002/58/EC addresses the risks associated with the use of cookies and similar technologies primarily by requiring the informed consent of the user. However, this solution places undue emphasis on user control, which is not effectively within the user's ability to exercise in the normal course of internet use. The result is a reduced level of protection of the user's privacy from tracking and, at the same time, complications for sites offering free content financed by targeted advertising. The article therefore describes how cookies and similar technologies work, what blocking third-party cookies in the most widely used browsers will bring, the history of the legal regulation of privacy in electronic communications, what the current legal regulation of the use of cookies and similar technologies is, and how this regulation has evolved in the different versions of the draft ePrivacy Directive. It then presents a de lege ferenda proposal for how the use of cookies and similar technologies should be regulated in the ePrivacy Regulation.