Cookies really need explicit consent
The Spanish Data Protection Authority (DPA) recently fined the airline Vueling for the way it configured cookies on its website.
The following analysis is based on a translation of the decision (see link).
If your website relies on implicit consent for cookies, you need to change when cookies are placed on your computers. Explicit consent should be required before non-essential cookies are placed on a visitor's computer.