The EU E-Privacy directive was originally introduced in 2009 with a deadline for transition into law by the member states in May 2011. As things currently stand eight member states including; Belgium, Cyprus, Germany, Italy, Malta, Poland, Romania and Slovenia have not even transposed the directive into laws however 19 others have and here in the UK the law has already started to be enforced as of May 26th 2012.
There is significant variations on the law and still a lot of confusion about what it actually means for website owners based in these countries however this is not being accepted as an excuse for non compliance. To get an idea of the bigger picture and the various ways the laws are structured check out this table covering the multiple interpretations of the cookie law.
One of the biggest differences between the laws if whether consent for cookies can be considered opt-in or opt-out. When the UK first delayed the introduction of enforcement to this year they stated that it would have to be opt-in however with less than 48 hours until UK Cookie Law enforcement recommendations were changed to opt-out.
With all of this going on it's easy to see how your average SME business owner could get confused. It seems an almost full time job keeping up to date with all the changes for this site and the donation funded CookiePolicyGenerator.com. Whatever may happen the facts are that the law is here right now and it looks set to stay in one form or another. The best thing you can do right now is make sure your site is compliant with the current Cookie Law guidelines in your country or you risk facing enforcement letters and potential fines of up to £500,000.