Data Protection & Cybersecurity Archives | GamingTechLaw by Giulio Coraggio

ByMarianna Riedo 0Comments

How the exploitation of blockchain can be GDPR compliant for the EDPB

The European Data Protection Board ("EDPB") adopted Guidelines 02/2025 on processing of personal data through blockchain technologies (the "Guidelines"), addressing the delicate and complicated intersection of distributed ledger technology with the EU’s General Data Protection Regulation ("GDPR").

May 2025

ByGiulia Zappaterra 0Comments

NIS 2 in Italy – Deadlines and Obligations

This infographic summarizes, in legal design style, the main deadlines and obligations imposed by Legislative Decree No. 138/2004 (the NIS2 Decree), which transposed in Italy the provisions of Directive (EU) 2022/2555 on measures for a high common level of cybersecurity (the NIS2 Directive).

The DPO CANNOT be the Legal Representative of the Company in Italy

In a significant decision, the Italian Data Protection Authority (the Garante) addressed a critical issue concerning the roles of Data Protection Officer (DPO) and legal representative within organizations operating in Italy.

NIS 2 – The Countdown to Compliance in Italy Has Officially Started

NIS compliance in Italy is no longer optional—with the formal notifications by the Italian cybersecurity authority (ACN) to the impacted entities, the race to meet regulatory cybersecurity obligations has officially begun.

ByEdoardo Bardelli 0Comments

EU Data Act Into Force: What Companies Must Do Now to Comply

With the EU Data Act now into force, companies must urgently prepare for sweeping new obligations on data access, sharing, and interoperability across connected products and services.

Securitization SPV Must Appoint a DPO, Says Italian Data Protection Authority

In a recent and thought-provoking decision, the Italian Data Protection Authority (Garante) sanctioned a securitization Special Purpose Vehicle (SPV) for failing to comply with several GDPR requirements — most notably, for not appointing a Data Protection Officer (DPO).

Mar 2025

Shall Businesses Redraft All Their Privacy Consents in Italy?

Businesses relying on broad and generalized consents for marketing activities face a significant risk following a recent ruling by the Data Protection Authority (the Garante) in Italy.

Mar 2025

ByRoxana Smeria 0Comments

Data Act: the level of enrichment of data for it to be considered inferred or derived

The European Commission has recently published an updated version of the FAQs on the Data Act, offering further clarification on the concepts of inferred or derived data.

Feb 2025

ByGiulia Zappaterra 0Comments

NIS 2 – Deadline for Registration in Italy is Fast Approaching

The NIS 2 Directive has been implemented in Italy through Legislative Decree No. 138/2024, which has expanded the scope of the regulation at the national level, and one of the first obligations imposed by the decree is the registration on the National Cybersecurity Agency (ACN) portal by the end of February 2025.

Feb 2025