The original EU directive was a disaster because it was technology oriented, and didn't distinguish between fairly-legitimate website-wants-to-know-my-preferences and website-is-going-to-tart-me-round-everywhere. I can't remember how many times I've had to agree to the same cookie notice for the same site on multiple machines and VMs and sandboxes -- a useless waste of time. As a website developer/owner it's a ridiculous waste of time. I'd be much happier with a technology independent rule which explicitly only allowed per-site preferences to be stored and which banned every-time notices.