There was a 12 month transition period (ending May 26, 2012) for companies to meet the new requirements. During that period, companies had to take steps to comply with this new regulation - although complete compliance was not required before May 26, 2012. The new UK rules apply to all websites hosted in Europe and websites hosted elsewhere if they target UK residents. U.S. websites that market their sites to UK residents or that have a large number of UK users may be subject to the new rules and be required to comply.
To fit this category, the cookie must be
related to a service provided on the website that has been explicitly requested by the user. Aside from obvious cases such as shopping cart cookies and access to protected areas, the ICC suggests that remembering previously entered text so it's not lost if the page refreshes falls into this category. No user consent is required for category 1 cookies.
It's possible to argue that the onus is on the ad serving network to request consent but, to be on the safe side, the ICC advises website owners to get clear, explicit consent from users if their site employs such technology.