Some help with legal information about GDPR and other privacy laws

Privacy laws

Latest on Italian Cookie Guidelines

2022 brings changes to the cookie guidelines in Italy. Approved in July 2021, the new cookie guidelines have been introduced on January 9, 2022. Published by the Italian Supervisory Authority, the new set of rules will make a big impact on cookies in Italy, and website owners have to hurry to set up their websites within the new regulations.

The new guidelines are coming with a lot of changes to cookie policies in Italy and CookieScript will talk about the most significant ones in this article.

Cookie Categorization

The new cookie guidelines maintain the distinction between technical cookies (for which consent is not required) and profiling cookies for which consent, instead, is the only possible legal basis. The new Italian law explains that the category of profiling cookies is necessarily large and contains all the cookies that are not explicitly considered technical by law. 

It means that until there is a system to determine the nature of cookies, website owners must clarify the technical or non-technical nature that they attribute to each cookie in the privacy notice or elsewhere. It is important to note that when accessing the website, only technical cookies can be installed by default, and cookie walls are banned when they force to grant consent.

Consent by Scrolling

Another change in the Italian cookie law touches the action of scrolling a website. From now on, under certain circumstances, scrolling can be considered as consent. However, this can only happen if the website can demonstrate that this is a user’s choice that is a clear, behavioral pattern and also is documentable and informed. It means that the proof required from website owners is very difficult to get.

Renewal of Consent Request

From January 9, the Italian cookie law also notes that website owners must avoid asking users to renew their Cookie Consent too often, because that may unlawfully pressure users into accepting all cookies just to avoid the banner. 

The law clarifies that controllers can only resurface the Cookie Banner on these conditions:

  1. Where the processing conditions change significantly.
  2. If the website owner can’t know the users’ previous choices because.
  3. After six months since the previous request.

Review of Preferences

The new Italian cookie law states that users must be allowed to review their cookie preferences. There should be a dedicated area in the footer of the website with a recognizable design that allows users to easily withdraw or modify the consent already given.

Information Notice

By the new guidelines, the multi-layer information notices may be used, however, the extended privacy notice must be accessible in just one click from the banner. Moreover, a banner should comply with strict requirements in terms of positioning, size, font, and content and link to the extended privacy information notice, with also the obligation to make it usable also by disabled people.  

Users also need to be aware of the consequences of each action, including clicking on the 'X' button, the possibility for users to choose between consent or the option to change preferences concerning tracking, and the link to a section of the website where users can select cookies also by homogeneous categories.

The Italian law adds that the notice may also be multichannel (for example, by video, pop-up, vocal interactions, virtual assistants, call, or chatbots). The controller should decide the design that works best to ensure completeness, clarity, efficacy, and accessibility.

Cookie Banner Design

Finally, Italian law also has a section on cookie banners and their design. It states the following:

  1. The banner should appear at the first website visit, be quickly distinguishable from the rest of the website content, and bear commands that have all the same font, color, and size.
  2. The banner must have an ‘X’ at its top-right corner so that users can click to close the banner without giving their consent.
  3. The banner must contain sufficient information for users to be aware of the consequences of any of their actions. The banner should include a warning that by clicking the ‘X’ users will agree to the default settings, a brief explanation that profiling cookies are used exclusively with users’ consent and to show advertising or personalize the services, and a link to the extended privacy policy.
  4. A banner should have a command through which all cookies can be accepted at the same time.
  5. Finally, the Cookie Banner also needs to have a link to another area where users can select/deselect cookies one by one or per category.

Cookie Management with CookieScript

If you want a proven solution to help you comply with the Italian cookie law, choose CookieScript and let it do all the hard work for you.

CookieScript will automatically scan your website every month and update its cookie declaration, you can also modify its Cookie Banner based on the regulation and your personal needs! Register for an account today and choose one of the pricing plans that won’t hurt your pocket.

New to CookieScript?

CookieScript helps to make the website ePrivacy and GDPR compliant.

We have all the necessary tools to comply with the latest privacy policy regulations: third-party script management, consent recording, monthly website scans, automatic cookie categorization, cookie declaration automatic update, translations to 34 languages, and much more.