Cookies

Cookies were introduced by Netscape as a means of tracking a user's activity - see Persistent Client State HTTP Cookies. The reason for cookies is that HTTP is stateless - the server has no reliable way of knowing that you are the same person reading each page. This is unlike a cellphone, where you only have to dial once even though you may move to another cell, or even a magazine, where the publisher assumes that you will see the advertisement on page 5 as you read the article on pages 4 and 6.

There are two types of cookies - permanent and temporary. Permanent cookies are saved on your hard drive until they expire; temporary cookies are held in memory until you quit your browser. Cookies are assigned a scope - perhaps an entire site, or just a single page. The scope is restricted to the domain associated with the particular Web page; thus, one company cannot retrieve a cookie generated by another company, and thus cannot track your activity across sites unless the two companies trade client information offline, as is done in other industries where a magazine may sell its subscriber list to other marketers. Note, however, that a multi-user site such as geocities.com or members.aol.com counts as one domain, thus in principle cookies with a whole-domain scope generated by one member may be seen by another member. Members at such sites, though, typically have no access to CGI scripts, which severely limits their access to cookie data. Cookie data accessed with JavaScript cannot easily be passed back to the page owner.
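
The scope rules above, as an added example that is not part of the original page: a simplified JavaScript version of the domain and path matching a browser applies before it sends a cookie. The host names, cookie names and the jar are constructed, and every cookie is treated as domain-scoped.

```javascript
// Added example: cookie scope matching, simplified from the rules browsers apply.
// All host names and cookie names below are constructed for illustration.

// A cookie's domain matches the request host if equal, or if the host is a subdomain of it.
function domainMatch(host, cookieDomain) {
  host = host.toLowerCase();
  cookieDomain = cookieDomain.toLowerCase().replace(/^\./, "");
  return host === cookieDomain || host.endsWith("." + cookieDomain);
}

// A cookie's path matches if it equals the request path or is a directory prefix of it.
function pathMatch(requestPath, cookiePath) {
  if (requestPath === cookiePath) return true;
  if (!requestPath.startsWith(cookiePath)) return false;
  return cookiePath.endsWith("/") || requestPath[cookiePath.length] === "/";
}

// Return the names of the cookies in `jar` that would be attached to a request for `url`.
function cookiesSentTo(url, jar) {
  const { hostname, pathname } = new URL(url);
  return jar
    .filter(c => domainMatch(hostname, c.domain) && pathMatch(pathname, c.path))
    .map(c => c.name);
}

// Constructed jar: two members share one host; a third cookie belongs to another company.
const jar = [
  { name: "alice_site_wide", domain: "members.example.test", path: "/" },
  { name: "alice_page_only", domain: "members.example.test", path: "/alice" },
  { name: "other_company",   domain: "shop.example.org",     path: "/" },
];

// Alice's own pages receive both of her cookies.
console.log(cookiesSentTo("http://members.example.test/alice/index.html", jar));
// Bob's pages on the same host still receive Alice's whole-domain cookie.
console.log(cookiesSentTo("http://members.example.test/bob/index.html", jar));
// A different company's site receives none of them.
console.log(cookiesSentTo("http://www.example.net/", jar));
```

Narrowing a cookie's path to the member's own directory keeps it away from other members' pages on the shared host; the whole-domain cookie is the one that crosses over.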

One possible concern is that of an advertising company placing banner images with cookies on many different sites, and thus being able to track users across its client list. Netscape Navigator has a preference entry "only accept cookies from the same server as the page being viewed" which should block this behaviour.

In my opinion, much of the concern about cookies is unwarranted. Cookies cannot be used to retrieve private data from your computer and are unlikely to reveal your browsing habits to a third party.

HTTP Referer

When you follow a link on a Web page, your browser often sends an HTTP Referer header to the new server. This allows sites to track the effectiveness of their advertising and search engine listings; it also allows them to see where you have just been.

If you follow a link from www.sex.com to www.joe.org, Joe will know you've just visited sex.com. If this is a concern, cut the URL and paste it manually instead of clicking.

If these privacy issues are of real concern, you may wish to check out anonymizer.com. Their upcoming pipeline service will allow a private encrypted link between your browser and their anonymizer proxy in California.

A.Daviel