On April 29, 2025, the Italian data protection authority (“Garante”) launched a public consultation to collect feedback from stakeholders about the so-called “Pay or Ok” model.
“Pay or Ok” refers to the concept of making access to a website’s content or service conditional on the website visitor performing one of two actions: (1) subscribing against payment to the website’s service (“paywall”), or, alternatively, (2) providing consent to the deployment of cookies and similar tracking technologies (“cookie wall”) for various purposes, including profiling. In late 2022, the Garante announced it was investigating certain practices, following the receipt of a number of complaints.
As part of the consultation, the Garante is interested in collecting stakeholders’ feedback on the following questions:
- Whether the “Pay or Ok” model can be considered as compatible with the GDPR rules on consent, in particular, as they relate to the “freely given” and “informed” requirements;
- Whether and what type of alternative models exist that could limit the impact on privacy rights; and
- What suitable solutions could be deployed to ensure individuals’ awareness and predictability of the consequences of providing consent, with the view of ensuring that consent be “freely given”, “specific” and “informed”.
The consultation will be open for a period of 60 days from the publication of the Garante’s notice in the Italian Official Journal (not published yet). Interested stakeholders can send their contributions to the Garante’s email addresses: protocollo@gpdp.it (regular email) or protocollo@pec.gpdp.it (certified email), indicating in the subject line: “Public consultation on the “Pay or Ok” model”, or by post.
***
Covington’s Data Privacy and Cybersecurity Team regularly advises clients on their most challenging regulatory and compliance issues in the EU and other major markets. If you have questions about this consultation, we are happy to assist with any queries.