Data Protection & Cybersecurity Archives | GamingTechLaw by Giulio Coraggio

01

A recent and far-reaching decision by the Italian Data Protection Authority (Garante) has significantly altered the rules governing marketing privacy consent in Italy, introducing a potential obligation to…

ByGiulio Coraggio 0Comments

23

Jun 2025

Data Protection & Cybersecurity

Ransomware and Crime – A Proposal to Tackle Cyber Extortion in Italy

The potential classification of activities associated with ransomware cyberattacks, including ransom payments by victims, as a crime has long been an unresolved issue, also in Italy. This concern has now led Italy to introduce a groundbreaking legislative proposal aimed at enhancing cybersecurity and mitigating threats posed by digital extortionists.

ByGiulio Coraggio 0Comments

12

Jun 2025

Data Protection & Cybersecurity

EDPB Guidelines for Controllers and Processors in the Event of Requests from Third Countries

On 4 June 2025, the European Data Protection Board (hereinafter, "EDPB") adopted the final version of Guidelines 02/2024 on Article 48 of the GDPR (hereinafter, the "EDPB Guidelines"). The purpose of the EDPB Guidelines is to clarify the scope of Article 48 of the GDPR – which governs the limits on the recognition and enforcement of judicial or administrative decisions from third countries requiring the transfer of personal data – in order to provide practical mechanisms for companies called upon to respond to requests for the transfer or disclosure of personal data from authorities of third countries.

ByFederico Toscani 0Comments

03

Jun 2025

Data Protection & Cybersecurity

The Garante Issues First GDPR Fine Over Employees Email Metadata Privacy Breach in Italy

The Italian Data Protection Authority (the Garante) issued its first GDPR fine on, among others, the unlawful retention of metadata from employees’ emails and web browsing activities applying in Italy for the first time its highly discussed guidelines of 2024 on the use of metadata in workplace email systems.

ByGiulio Coraggio 0Comments

27

May 2025

Data Protection & Cybersecurity

Google, Privacy & $1.3B Fine: Who’s Tougher — US or EU?

Google has agreed to pay a $ 1.375 billion fine to settle two major privacy lawsuits in Texas—its largest data-related payout ever. But is the U.S. finally outpacing the EU in regulating Big Tech?

ByGiulio Coraggio 0Comments

26

May 2025

Data Protection & Cybersecurity

NIS 2 – Personal Liability of Directors For Lack of Compliance

The NIS 2 Directive has issued a significant warning to companies within the European Union: the personal liability of directors for lack of compliance is now a critical issue that cannot be ignored and the responsible directors must be notified by the end of May 2025.

ByGiulio Coraggio 0Comments

22

May 2025

Data Protection & Cybersecurity

Proposed Major GDPR Reform by the EC to Ease Compliance for Growing Businesses

The European Commission has just unveiled a draft regulation that proposed important reform to the General Data Protection Regulation (GDPR), as part of a broader initiative to reduce administrative burdens and promote competitiveness across the EU.

ByGiulio Coraggio 0Comments

12

May 2025

Data Protection & Cybersecurity

EDPB and EDPS’ preliminary feedback on proposed GDPR record of data processing simplification

The European Data Protection Board (EDPB) and the European Data Protection Supervisor (EDPS) issued a joint letter responding to the European Commission’s draft proposal aimed at simplifying record of data processing obligations under Article 30 of the GDPR.

ByRoxana Smeria 0Comments

07

May 2025

Data Protection & Cybersecurity

How the exploitation of blockchain can be GDPR compliant for the EDPB

The European Data Protection Board ("EDPB") adopted Guidelines 02/2025 on processing of personal data through blockchain technologies (the "Guidelines"), addressing the delicate and complicated intersection of distributed ledger technology with the EU’s General Data Protection Regulation ("GDPR").

ByMarianna Riedo 0Comments

07

May 2025

Data Protection & Cybersecurity

NIS 2 in Italy – Deadlines and Obligations

This infographic summarizes, in legal design style, the main deadlines and obligations imposed by Legislative Decree No. 138/2004 (the NIS2 Decree), which transposed in Italy the provisions of Directive (EU) 2022/2555 on measures for a high common level of cybersecurity (the NIS2 Directive).

ByGiulia Zappaterra 0Comments