fbpx

Free tools and resources for Data Protection Officers!

Tag Archives for " Italy "

Italian DPA Issues Judgment Concerning ‘Right to be Forgotten’

On July 22, 2019, the Italian supervisory authority for data protection (Garante) issued a judgment involving the so-called “right to be forgotten”.

The Garante held that, in accordance with Article 21 of the GDPR, the data subject has the right to object to the processing of personal data on the grounds of his or her particular situation.

On that basis, Google is required to stop the processing of the personal data unless it can demonstrate compelling legitimate grounds.

Furthermore, the Garante made clear that the principles of data protection apply to any information concerning an identified or identifiable natural person. Thus “right to be forgotten” applies to any searches, not exclusively to searches by individual’s name.

Source: Italian Supervisory Authority Issues Judgment Concerning ‘Right to be Forgotten’

Facebook fined by Italian DPA €1M over Cambridge Analytica scandal 

Italy’s privacy regulator fined Facebook €1 million Friday for violations connected to the Cambridge Analytica scandal — the largest fine against the social networking giant connected to that case.

The €1 million fine follows a previous £500,000 sanction by the British privacy watchdog, which similarly found that the tech giant had not sufficiently protected people’s online data

Source: Facebook fined €1M over Cambridge Analytica scandal – POLITICO

Users must receive specific and helpful information in case of a data breach

No generic information may be provided to users in case of a data breach, whilst specific guidance must be made available on how to prevent unlawful use of one’s personal data – in particular identity thefts.

This is the decision issued by the Italian Supervisory Authority (Garante per la protezione dei dati personali) against one of Italy’s leading email service providers following the proceeding initiated after the company had notified the Garante of a data breach.

Source: Italian SA: Users must receive specific, helpful information in case of a data breach

Italy’s DPA Fines Data Processor for Information Security Failures

Italian Data Protection Authority, Garante, has issued a 50,000 EUR fine against a data processor platform for its failures to implement several information security measures.

Measures addressed by Garante includes: conducting periodic vulnerability assessments, ensuring timely implementation of patches, requiring strong passwords and ensuring password security.

Source: Italy’s DPA Fines Data Processor for Information Security Failures | Privacy Compliance & Data Security

Italian DPA calls for end of Whatsapp/Facebook “data sharing practices” as investigation finalises

Earlier this year, the Italian DPA closed its investigation into WhatsApp sharing data with Facebook. The investigation started in August 2016, after changes to the “terms of service and privacy notice” by WhatsApp.

Those changes were related to the sharing of some information about WhatsApp accounts — such as users’ phone numbers, device information, and “last seen” access — with Facebook for the following purposes: business analysis analytics, system security, and targeted advertising.

Full article: Italian DPA calls for end of Whatsapp/Facebook “data sharing practices” as investigation finalises

GDPR Italian Implementing Decree Has Been Published

On 4 September, the Legislative Decree no. 101 of 10 August 2018 (the “Decree”) for the national implementation of General Data Protection Regulation (EU) 2016/679 (the “GDPR”) has been published in the Official Journal . The approach of the legislator was to maintain the structure of former Legislative Decree 196/2003 (the “Privacy Code”) which, however, has been extensively amended and integrated, and now contains only some residual provisions in addition to those of the GDPR which are directly applicable.

Source: GDPR Italian Implementing Decree Has Been Published

Italy’s Data Protection law integrating the GDPR finally in place

Italian privacy law integrating the GDPR is finally in place, but a number of provisions remain unclear, but need immediate action. After having spent the well-deserved summer break, Italians are back to work and the legislative decree integrating the GDPR has been finally published on the Official Gazette and will be binding with effect from the 19th of September 2018.

Source: ITALY: Data Protection law integrating the GDPR in place

Italy adopts GDPR implementation law

The board of the Ministries approved the final text of Italian privacy law integrating the GDPR raising major concerns on the scope of the law. On the 8th of August 2018, the Italian Board of Ministries announced to have approved the Italian privacy law integrating the GDPR.

Source: ITALY – Privacy law integrating the GDPR adopted!

Italy adopted GDPR law. What to do?

The Italian privacy law integrating the GDPR has been finalized by the Board of Ministers, unveiling unexpected surprises a few days before the 25th of May 2018. The Italian Board of Ministers issued the final text of the legislative decree integrating the EU General Data Protection Regulation.

Source: Italy: Privacy law integrating the GDPR adopted, what to do?

ITALY: Privacy Code to be repealed, what to expect with the GDPR?

The current draft of Italian privacy law repeals the Privacy Code, integrating the GDPR reveals with some interesting news, but also some concerns.

It is at least surprizing that after (almost) 2 years from the approval of the European privacy regulation and with the deadline of the 25th of May 2018 so close, a number of EU Member States still need to adopt their local law integrating the EU General Data Protection Regulation (GDPR).

Source: ITALY: Privacy Code to be repealed, what to expect with the GDPR?

>