Officially, 26th May 2012 is the day that the UK regulators will be enforcing their 2011 update to the PECR, which requires companies to take opt-in consent for tracking information (including cookies) on websites. The regulations were actually updated one year ago, but the regulators gave businesses 12 months to get their house in order before they started enforcing it.
Clearly, there are long-term issues; business are finding it hard to implement the regulations. When it comes down to it, those that make some effort with cookies are unlikely to fall fowl of the regulators. Those that completely flout it, may not fare so well – the ICO is already contacting some companies about their cookies.
I have written a white paper on the subject of mobile and cookies of the DMA which you can find here: http://www.dma.org.uk/sites/default/files/PDF/Cookies/Mobile_and_Cookies_Legislation.pdf
There’s some good general guidance here: http://www.dma.org.uk/toolkit/countdown-cookie-compliance
And a some further useful advice from econsultancy here: http://econsultancy.com/uk/reports/the-eu-cookie-law-a-guide-to-compliance