Recent Posts

Copyright Giulio Coraggio 2018

privacy

The Italian Data Protection Authority has ordered to 3 telecom providers to delete telecom and Internet traffic data that they were storing for a period longer than that prescribed by the Italian Privacy Code as well as other data (e.g. the subject of emails and the IP address of destination) that the provider was not authorized to process as such data were not necessary to comply with legal obligations and to perform the required service. Also, the Data Protection Authority...

The European Commission has adopted a new set of standard contractual clauses for transfers of personal data from data controllers in the European Union to data processors located outside the European Union. Under European data protection laws, transfer of personal data to a third country that does not ensure (according to the European Commission) an adequate level of protection to the personal data (which for instance include the United States) cannot take place unless one of the exemptions prescribed by the Directice 95/46/EC applies. One...

Following a number of discussions on the topic, the revised version of the ePrivacy Directive governing the processing of personal data and the protection of privacy in the electronic communications sector will be shortly adopted by the European Commission. The current proposal prescribes: Mandatory Notification of Personal Data Breaches: communications providers and ISPs processing individuals' personal data that have been compromised (e.g. because of a destruction, a loss, an alteration or an unauthorised disclosure) shall inform such individuals if the breach is likely to damage them;  Spyware and...

Datonomy reports that tougher sanctions for data protection breaches are about to be introduced in the UK. This reminds me that similar measures have been implemented in Italy at the end of 2008. Indeed, Law No. 207/2008 prescribed, among others, sanctions:up to € 36,000 if a privacy policy compliant with the requirements prescribed by Italian data protection law is not provided to users; andup to € 120,000 for the unlawful processing of personal data (which includes any processing of personal data without the...