Here you can read some articles on Italian and international privacy, cybersecurity and data protection issues drafted by either Giulio Coraggio or the other authors of GamingTechLaw.
The European Commission’s proposal to codify legitimate interest as a legal basis for AI training marks the most significant reform to the GDPR since its adoption. By explicitly recognizing legitimate interest as legal basis for AI training, the Commission aims to reconcile data protection with the realities of modern artificial intelligence.
The Data Act effective date is TODAY 12 September 2025 with most of the provisions of Regulation (EU) 2023/2854, better known as the Data Act, will finally come into force.
AI governance is no longer an abstract concept—it has become a core business necessity. In the latest episode of our podcast Legal Leaders Insights, I had the privilege of speaking with Emerald De Leeuw-Goggin, Global Head of AI Governance & Privacy at Logitech, about how companies can balance innovation with compliance in one of the fastest-evolving areas of law and technology.
The upcoming "Schrems III case" on 3 September 2025 could invalidate the EU–US Data Privacy Framework (DPF), once again disrupting data transfers between the European Union and the United States and forcing businesses to fall back on alternative solutions such as the Standard Contractual Clauses and Transfer Impact Assessments creating a potential panic moment for many businesses.
The recent ECJ judgment in Case C-65/23 (MK v K GmbH) delivers a clear and far-reaching message for employers across the EU: a works agreement cannot serve as a valid legal basis under the GDPR.
