The Italian Data Protection Authority (DPA) after a long consultation has finally published its decision on the measures to be taken in case of data breaches by telecom and Internet operators implementing the Directive 2009/136/CE.Telephone and internet service providers shall notify the DPA of any breach of personal data stored in electronic databases or manual archives within 24 hours from the discovery of the event providing details on the breach such as types of data involved, processing systems affected, place...
Apps for smart phones and tablets collect a large number of information about users. This is why the European Article 29 Working Party issued an opinion on the obligations to be met in the processing of such information applicable to both European and worldwide entities.
The Italian Data Protection Authority (DPA) has run an inspection on 11 telephony and Internet service providers as to the term and modalities of retention of traffic data. As a general principle, personal data cannot be retained for longer than the term necessary for the purpose for which they have been collected. Also, in relation to traffic data, Italian data protection law provides that telephone traffic data have to be retained for 24 months, while Internet traffic data have to be...
