Today, OneTrust launched an Italian Cookie Consent toolkit to help companies implement your cookie banner, or consent management platform (CMP) based on the Garante’s updated guidelines – ahead of January 2022.
On July 10, 2021, the Italian data protection authority (‘Il Garante’) announced its final guidelines on cookies and other tracking technologies. The finalized guidelines were released seven months after the Garante released its draft version for public consultation. The Italian DPA has provided a six-month compliance period and will begin to enforce its latest cookie guidelines after that.
The Garante’s Cookie Guidelines
This updated guidance comes after a string of updated guidelines from other major DPDPAs across the EU, including France’s CNIL, Ireland’s DPC, Spain’s AEPD, Denmark’s Datatilsynet. Although there are some common features amongst these guidelines. That being said there are some unique differences marketers and privacy professionals should note. The finalized Guidelines introduced, among others, the following key changes:
- Legitimate interest cannot be considered as a lawful ground to set cookies and other similar tracking technologies;
- Possibility to re-present cookie banner to users after six months from the initial presentation;
- Duty to assess the adequacy and appropriateness of the size of the banner in relation to the various devices used by the user;
- Duty to position an ‘X’ button within the banner by which users can continue navigating without consenting to the use of non-technical cookies;
- ‘Authenticated’ users must be allowed to consent to the possibility of being tracked by cross-analysis of their behavior through the use of different devices;
- In case of changes to the third parties list within the ‘preference center,’ the website owner is responsible for the selection of the same third parties and for ensuring that the consequent processing remain in line with the category groups;
- New specifications for the accessibility of cookie information in relation to a person with disabilities;
- Duty to include, in the footer of the website, a link in for the user to re-assess his/her cookie preferences;
Are the Garante’s Guidelines relevant to your website?
Any organization operating in Italy or targeting Italian data subjects must ensure their cookie banner complies with the Italian DPA’s cookie guidelines before the deadline. After the compliance period the Italian DPA can enforce this new cookie guidance with warnings or by levying fines of up to €20 million or 4% of annual global revenue.
While this layer of compliance may be intimidating OneTrust is here to support with our Italian Cookie Consent Toolkit (hyperlink). Sign up today to accelerate your compliance journey with a complete set of tools and resources to get your privacy program up and running. The toolkit includes tips, a checklist, preconfigured template, and your first domain free.
Italian Cookie Consent Toolkit
OneTrust is here to help you implement your cookie banner based on the Garante’s updated guidelines – ahead of the enforcement deadline. No matter where you are in your compliance journey, our toolkit offers resources to understand Garante’s guidelines and support to implement cookie banners in line with the Garante’s latest recommendations.
- Review the Whitepaper: Italian GaranteCookie Guidelines: What You Need to Know
- Complete the Checklist: Cookies & Il Garante: Guidelines and Setup Checklist
- Access Step-by-step implementation guides and ongoing implementation support
OneTrust will support your organization to ensure your CMP is compliant with the Garante’s guidelines before the end of the compliance period.
Don’t forget to register for our webinar, Consenso del Garante per i Cookie: Come essere conformi prima del 2022, to learn more.