Cookies are very simple text files which get downloaded to your computer when you visit a website. This will generally contain basic information such as site name and a unique user ID which the website can then use to determine if you have been on the site before and can use this knowledge to create an individual user experience. This can be anything from pre-filing in website forms, counting visitors, personalising content and recording user preferences.
The new EU Cookie Law is a modification to the EU Privacy and Electronic Directive which was put in place to protect the online privacy and to safeguard users against unwanted marketing. The changes to the law are to ensure the each user has given prior consent before accepting all non-essential site cookies.
Cookies using personal data need to comply to DPA 1998 and will be a focus for ICO enforcement. The greater the relation your website's cookies have to your users' personal data the more robust your approach to managing them should be. Every website owner needs to make sure their website complies.
Non-Essential cookies are usually in place collect information about the user for analytical reasons that do not actually affect the functionality of the website. These could be implemented by the website itself or by third party advertisers such as Google Analytics. These are the cookies which are being targeted by the new law.