Hissingsid - 3:06 pm on Apr 19, 2012 (gmt 0)
I'm just getting into the practicalities of all of this.
There's a few problems in this. If the user has previously visited the site then the old cookies remain in their browser until manually deleted. The law says that they cannot be read without consent so how does anyone prove whether they have been read or not. You can prove that they have not been freshly updated but not that they have not been read.
Also even if the user gives consent setting the GA cookies on that (probably landing) page is a bit flaky. Which massively devalues GA data even if it is allowed.
Perhaps the easiest and best thing to do is just abandon GA and other analytics/tracking cookies and just leave in absolutely essential ones. Where that leaves ad services and the like I really don't know.