Data Protection & Cybersecurity Archives | GamingTechLaw by Giulio Coraggio

The Garante Issues First GDPR Fine Over Employees Email Metadata Privacy Breach in Italy

The Italian Data Protection Authority (the Garante) issued its first GDPR fine on, among others, the unlawful retention of metadata from employees’ emails and web browsing activities applying in Italy for the first time its highly discussed guidelines of 2024 on the use of metadata in workplace email systems.

27

Google, Privacy & $1.3B Fine: Who’s Tougher — US or EU?

Google has agreed to pay a $ 1.375 billion fine to settle two major privacy lawsuits in Texas—its largest data-related payout ever. But is the U.S. finally outpacing the EU in regulating Big Tech?

26

NIS 2 – Personal Liability of Directors For Lack of Compliance

The NIS 2 Directive has issued a significant warning to companies within the European Union: the personal liability of directors for lack of compliance is now a critical issue that cannot be ignored and the responsible directors must be notified by the end of May 2025.

22

Proposed Major GDPR Reform by the EC to Ease Compliance for Growing Businesses

The European Commission has just unveiled a draft regulation that proposed important reform to the General Data Protection Regulation (GDPR), as part of a broader initiative to reduce administrative burdens and promote competitiveness across the EU.

12

ByRoxana Smeria 0Comments

EDPB and EDPS’ preliminary feedback on proposed GDPR record of data processing simplification

The European Data Protection Board (EDPB) and the European Data Protection Supervisor (EDPS) issued a joint letter responding to the European Commission’s draft proposal aimed at simplifying record of data processing obligations under Article 30 of the GDPR.

07

ByMarianna Riedo 0Comments

How the exploitation of blockchain can be GDPR compliant for the EDPB

The European Data Protection Board ("EDPB") adopted Guidelines 02/2025 on processing of personal data through blockchain technologies (the "Guidelines"), addressing the delicate and complicated intersection of distributed ledger technology with the EU’s General Data Protection Regulation ("GDPR").

07

ByGiulia Zappaterra 0Comments

NIS 2 in Italy – Deadlines and Obligations

This infographic summarizes, in legal design style, the main deadlines and obligations imposed by Legislative Decree No. 138/2004 (the NIS2 Decree), which transposed in Italy the provisions of Directive (EU) 2022/2555 on measures for a high common level of cybersecurity (the NIS2 Directive).

23

Apr 2025

The DPO CANNOT be the Legal Representative of the Company in Italy

In a significant decision, the Italian Data Protection Authority (the Garante) addressed a critical issue concerning the roles of Data Protection Officer (DPO) and legal representative within organizations operating in Italy.

17

Apr 2025

NIS 2 – The Countdown to Compliance in Italy Has Officially Started

NIS compliance in Italy is no longer optional—with the formal notifications by the Italian cybersecurity authority (ACN) to the impacted entities, the race to meet regulatory cybersecurity obligations has officially begun.