...and it's messy.
The Information Commissioners Office website has a declaration that users need to tick to confirm they allow cookies to be stored on their computers.
Even if they do not tick this box, the ASP.NET Session cookie is already written to their PCs because the ICO deem it essential.
...until you clear your cookies, use another computer, another browser or you've already set your browser to delete cookies automatically and you return to the site.
So, out of the original four ICO site cookies, they've created an additional one for people who have confirmed they allow cookies, so that they can check you want cookies, even though they've already written one of the other four cookies to your computer without consent.
Good luck with that, ICO.
Oh, and by the way. That's a damned ugly confirmation box!
- Cookie Law - from Outlaw.com
- Almost entire EU now violating Brussels cookie privacy law - from The Register