Hissingsid - 9:59 am on Apr 8, 2012 (gmt 0)
Unless you store information yourself, in a log or database, only the user of the browser controls evidence that consent was given or not. Your only defence, from a proof point of view, is that you included code in your pages that that had the function of obtaining consent. You can't prove that it actually did. It seems to me that this has more serious privacy implications than setting cookies. You could easily interpret the requirements that you need to store this information for as long as there might be some legal action taken against you.
Also as the law is drafted you might have to prove that a person gave consent not that the consent from some person was given but rather which person gave the consent. So really you need them to give you 3 pieces of identification information so that you can ID them. Name, date of birth and address should do. So now in order to fully comply with the law we need to know the identity of the person and keep that information in a secure form for 6 years.