I think it was not so much that the community was ignored, but that the law was passed under unusual circumstances: usually the lobbyists inform the legislators, who defer to industry on the specifics. Here the lobbyists mostly hated the legislation, but legislators were more responsive to privacy activists because of widespread public concern. So the law is a triumph of democracy over technocracy.
And I think that's reflected in the legislation. The principles are OK, but the detail does not match up with practice. Hence the law is some way from being something workable.
Ah, judging by that report, the law really seems quite reasonable.
Basically, if the user explicitly requests some functionality, like creating an account or saving a preference, and you need a cookie to do that, you don't have to ask permission to set it.
If you want to do anything else with the cookie, you have to get informed consent and the practical way to do that is by making it part of the request e.g. adding an explanation and checkbox to the signup or preferences page. Naturally, the more you want to do with the cookie, the more you have to explain to the user.
So effectively, you get to track users in exchange for their engagement with your site, and you have to (gasp) tell them exactly how you are tracking them.
And I think that's reflected in the legislation. The principles are OK, but the detail does not match up with practice. Hence the law is some way from being something workable.
It is well worth reading the ICO report: http://www.ico.gov.uk/for_organisations/privacy_and_electron...