More correctly, this is called the ‘EU e-Privacy Directive’. Popular media refers to it as the ‘EU Cookie Law’.
Under EU privacy regulations, websites must make it clear to visitors what information about them is being stored. This specifically includes cookies. Even if cookies do not store information identifying an individual, you must still provide your visitor with information on what is being stored, by whom, what for, and so on.
Certain cookies are exempt from this- those deemed to be “strictly necessary” (e.g. WordPress stores session cookies for authentication, without these it wouldn’t work) however cookies stored by analytics software like Google Analytics do not fall into this category.