If my COMPANY is based in the US, then US laws apply. If my company is based in Canada and I live in the US, it does not. And yes, it's legal to do that. My father is in Asia, his company in the US. He doesn't have to have his website comply with the laws of where're he lives because it's all above board in the US. It's a hair splitting semantic, and took a couple lawyers to help us get right, but it does work.
You do notice I keep coming back to lawyers? You need one. Seriously.
My layman understanding of the law, and of how WP cookies work with regards to that law, is that WordPress's site only cookies only 'track' if you're logged in, and even then, not between other sites. Obviously you'll need a consent to cookie for for registration and for AdSense etc.
Probably the most elegant way would be to make a plugin that, when you visit any WP page on your site, checks for cookies. If it finds none, it redirects you to another page which says "Hi, you don't have cookies, and since the EU is a prat, you have to consent to let me put them on your computer. Cookies are used to store information like when you last visited, and if you log in, your user information, so no one else can pretend to be you. I promise to never use this information in illegal or unethical ways. If you do not accept to have cookies on your system, you can't visit this site. Sorry about that."
Google up some PHP checks for cookies. They Should be usable. You can check what your own site's cookies look like, the name format and all, to search for.