On June 2, 2015 the new requirements set by European legislation on cookies came into force in Italy.
In June 2014, the Data Protection Authority had published the initial guidelines. However, they lacked operational guidance.
Immediately after, an inter-association panel promoted by Fedoweb, iab, Netcomm and UPA – associations of reference in the online world – was set up in order to fill this gap.
The result of the panel, which has interacted with the Authority itself, was the release of a kit containing guidelines to implement the Cookie Law also on the technical side.
Let’s look together at the consequences of the Cookie Law and how to adapt to the new provisions in accordance with the kit approved by the Authority.
While reading, always keep in mind that the following text may contain simplifications and it is always advisable to consult a legal advisor who can assist you directly.
The Cookie Law in brief:
In short, with the entry into force of the Cookie Law, from June 2 it will not be possible to install cookies before following this procedure:
– Having prepared and shown to the user an information banner;
– To have required the consent of users;
There are some exceptions which I will explain below, together with all the details.
The Cookie Law in details:
Before consent is given, no cookie – except technical cookies – can be installed.
Brief information note:
A brief information note will be provided through a short banner that should disclose the purpose of installation of cookies that the site uses.
The banner must be sufficiently discontinuous from the user experience of navigating the site in order to make sure it gets noticed by the user.
Among the examples provided by the Authority there are both a version in the middle of the page and a solution with a strip at the top of the site.
The consent is provided by the user through the continued operation, including clicking on links or scrolling the page.
Block cookies before consent:
In accordance with general principles of privacy legislation, which prevent the treatment before consent, the Cookie Law does not allow the installation of cookies before obtaining prior consent, except for the exempt categories that will be explained below.
In practice, this means that, for example, codes that link banners or simply codes that handle live chat can not run before obtaining prior consent (which, we repeat, is also obtainable by simply scrolling).
Adaptation to this law will unfortunately be challenging for many sites and requires changes to the code of the site.
The Authority has been very clear in this regard and you need to adapt if you want to respect the law.
Cookie exempt from consent:
Fortunately, some cookies are exempt from consensus and therefore are not subject to the preventive block.
- Technical cookies, which are those needed to provide the service, including cookies of preference, session, load balancing and so on.
- Statistics cookies managed directly by the owner, for example through softwares like Piwik;
- There has lately been an opening of the Authority – albeit unofficial – to consider as exempt from the consent also statistical cookies used by third party (eg. Google Analytics), but only if the data is anonymised before being saved by the third service.
How to fit in:
Iubenda – a company specializing in the development of software solutions for compliance with legal obligations related to online and mobile presence – thanks to his participation to the inter-associative panel with the Authority as a technical partner, has developed a kit ready to adapt websites in accordance with the provisions of the Cookie Law in no time and without expensive investments.
Iubenda is able to manage the problems of obtaining consent on cookies, saving preferences, displaying banners and generating the cookies policy – minimizing the negative impact of the Cookie Law on online businesses.
In particular, even before the law came into effect with Iubenda you could already prepare:
- The banner with the information brief;
- The system of consensus through continued operation.
From June 2 onwards you need to block codes when running cookie before acquiring the consent, in line with the requirements of the Authority. Therefore, Iubenda has released another set of functional tools to adapt easily to this aspect of the legislation.
If you wish to find out more information on how to ensure compatibility with the Cookie Law and on means that Iubenda provides, please consult the guide to the Cookie Law and the dedicated kit available on the website of Iubenda at www.iubenda.com/it/cookie-law-e-soluzioni-iubenda.
Iubenda is partner of LUISS ENLABS. Our startups can get Iubenda Cookie Kit with 25% off for one year!