I wouldn't worry about the cookies thing.
Firstly, its going to be enforced by the ICO (information commissioners office). Or should I say its "not" going to be enforced by the ICO... as civil servants you can guarantee they'll do as little work as possible. We had a problem with illegal junk faxes (having registered our number as a "do not call") - reported the continuing fax problem to the ICO but they never did a thing. When I followed up asking how many people in the UK had been prosecuted in the last 5 years for illegal faxes they replied that none had, but they'd sent stiffly worded letters to some! Whoa!
The new cookie rules are a complete mess - typical of what people with no expertise in the field (ie politicians) would come up with. This article lays it out quite nicely...
http://www.pcpro.co.uk/features/367411/new-cookie-laws-why-website-owners-should-be-worriedIn essence you have to get consent for cookies, but its up to you how you do this (eg could just have a page that says, "this site uses cookies, if you don't like that, go elsewhere").
But cookies that are "necessary to the operation of the site" are exempt in any case. This would appear to apply to ones holding a basket, login info etc.
The original aim behind the legislation was to prevent tracking cookies used by banner networks, as they can track you from site to site. All that has been lost in the fog of a very badly drafted bit of legislation. Just ignore it - no one is ever going to get prosecuted.