So who is going to comply with this legislation?
Well, given that at least 99% of websites do not completely comply with the European E-commerce Directive, the Companies Act, the Disability Discrimination Act and the Data Protection Act, it is pretty safe to say that almost nobody will make any effort whatsoever to comply with this new legislation. Especially when you consider that it is trivially easy to comply with the previous legislation and this new cookie legislation is just an incomprehensible shambles.
However, the ICO have said that "Those who choose to do nothing will have their lack of action taken into account" and the the maximum penalty for failing to comply is £500,000.
However, the ICO has a 29 year history of not enforcing any laws it was set up to enforce.
The ICO has updated their vague guidance document
and it is still just as vague as the previous guidance. They are still simply saying that the existing browser technology (which prevents cookies from being stored without visitors' consent) is not enough.
It is becoming blatantly obvious that they just want to pass the responsibility of resolving this onto the courts system once somebody actually gets prosecuted for it.