1. Home
  2. REGULATIONS
  3. Italy’s new cookie guidance for cookies

Italy’s new cookie guidance for cookies

Italy’s new cookie guidance for cookies

Main contents:

1. Cookie Consent through scrolling

The EDPB has stated that the users scrolling through a web page does not constitute valid consent. However, Garante specifies that when the scroll down can be part of a series of actions that indicate a pattern, it is considered as the users’ unequivocal consent to use cookies. 

The DPA highlights the need for improved methods based on the ‘dynamic web’ to express consent rather than the traditional agree or reject buttons. It believes that such methods based on user behavioral patterns could give more clarity in indicating unambiguous and affirmative action.

2. The use of cookie walls

Garante also ruled that using cookie walls is not valid. Just like Spanish DPA, they allow the use of cookie walls where the website manager provides the users an equivalent alternative to the website content without the need to consent to the use of cookies. The alternative must be GDPR compliant.

3. Re-collection of consent

The guideline stresses the need for maintaining proof of consent. The DPA directs that there is no need of asking for consent for using cookies and other tracking technologies every time the same user visits the website. There must be a mechanism to keep a log of the consent and remember the user preference for every visit after the first time.
A website only has to re-collect consent if: 

  • There is a change in the condition for obtaining consent.   
  • The website manager cannot find out if the users have the cookies stored on their devices when they revisit the site. For example, when they delete cookies stored on their device.

4. Privacy by design for cookies:

The guidelines encourage the websites to follow the privacy by design approach for using cookies.The website must not store cookies, other than technical, by default. The guidelines also do not allow the use of any active or passive profiling techniques.It also highlights that the user can deny consent to use cookies by closing the cookie banner on the website without the need to access any web pages or settings.

5. Cookie consent banners and cookie policy

The Garante makes the following recommendations for the design of cookie banners:

  • Appear on the first visit and should be distinguishable from other content on the website. All the commands on the banner must be of the same format.
  • An “X” in the upper right corner to close the banner without consent (only loads technical cookies and blocks others until consent).
  • A brief policy to explain the consequences of opting out of cookies, the use of cookies, and the relevant purposes.
  • A link to the complete privacy policy containing all the information required under Articles 13 and 14 of the GDPR, and the classification of cookies used with their purposes.
  • An easy option for users to accept all cookies at once (Accept All button) 
  • A  link to a page or window where users can selectively give consent to cookies based on their properties (advertisements, functional, analytical, etc.) — where all the options (except technical cookies) must be de-selected by default.

The guidelines encourage website owners to implement a “multichannel” approach for their cookie policies. This includes multiple contact points, such as video channels, pop-ups, virtual assistants, phone calls, and chat boxes.

ePrivacy Directive ("EU cookie law”)
EU’s General Data Protection Regulation(GDPR)
ePrivacy Regulation (EPR)
I BUILT MY SITE FOR FREE USING