The EU vs US?
The problem here is that you have an EU entity trying to enforce its laws on a US company. The quote "Given that US law doesn't really address consent for cookies and the FTC is kind of wishy washy on it, the MoU would be about as much use as a chocolate teapot in this case." pretty much sums it up in this case. A case could be made for reputation, but they have to pay the bills somehow. Besides, EU law does not apply inside the US just because the EU says so, especially if laws conflict. This was more or less resolved in previous cases (Yahoo!, France). The same thing applies the opposite way as well (Well, it should). Although nobody could blame you for thinking otherwise with recent developments like the CLOUD act here in the US where US Law Enforcement can force a company to turn over data which is stored on foreign soil (Microsoft, Ireland), which in my opinion, is a violation of the foreign nation's sovereignty. Time for me to grab my jacket and hit the door.
One other thing... From a technical perspective, you *MUST* have cookies if you log into the site. As a developer, HTTP/HTTPS is a stateless protocol. So you have to have cookies to maintain user state on the server. So basically, if you don't agree to having cookies set on your browser, then you are not going to be logging into a website. That's the short and long of it from a technical aspect. PHP doesn't really give you any other option, unless you handle the session state yourself, but you will still need to have cookies to keep track of it.