Inspired by other European colleagues, and following the path opened by the European Data Protection Board with its recent guidelines on consent, the Italian Data Protection Authority updated its guidelines on cookies and on cookie consent, originally issued in 2014 and currently undergoing a 30-days period for public consultation.

The main news refers to the need to abandon previous practices of non-unequivocal consent, such as that of "scrolling down" on a web page as a way to signify acceptance to the website installing cookies on the user device. Indeed, following the stricter requirements on consent enacted by the GDPR, it was clear that such practice would no longer amount to valid consent, however, clarifications were needed by companies and interpreters on this crucial point.

In addition, and in line with its previous opinion, the Italian Data Protection Authority indicates that analytics cookies, in certain circumstances and abiding by certain prescriptions can be considered as technical cookies, thus not requiring the prior users' consent to be set on their devices.

Interestingly, the Italian Data Protection Authority does not limit the ways to collect consent on the implementation of the usual "accept/do not accept" buttons on the cookie banner but rather welcomes more advanced techniques for the collection of consent, such as those involving the possibility to record patterns of the users' action on the webpage, provided that they unequivocally show and record the users' wishes.

The objective of the pending public consultation is to receive contributions and feedback on the proposed text and re-open the discussions on a topic that too frequently gets overlooked. The ultimate goal is the protection of individuals in a market, the digital one, that keeps on (rapidly) changing.