Data Protection & Cybersecurity Archives | GamingTechLaw by Giulio Coraggio

The CNIL issues its Recommendations on Compliance of AI with the GDPR

The French Data Protection Authority (CNIL) has published useful recommendations on how to use AI solutions processing personali data in compliance with the GDPR.

Apr 2024

EU Data Act into Force to Revolutionize Digital Economy

The EU Data Act has entered into force and is a pivotal legislation aiming to reshape the fair distribution of value generated from data in the digital economy.

Mar 2024

ByRoxana Smeria 0Comments

The EU Parliament approved the Cyber Resilience Act: what obligations lie ahead for manufacturers, importers and distributors?

Last March 12, 2024, the EU Parliament officially approved the Cyber Resilience Act, marking an important step forward in cybersecurity of products placed on the market.

Mar 2024

Italy’s Largest GDPR Fine Against ENEL Highlights Flaws in DPAs’ Enforcement Procedures

The Garante issued the largest ever GDPR fine in Italy against ENEL Energia, which, however, shows deficiencies in the enforcement procedures that should be improved to benefit privacy-related values across Europe.

Cyber Criminals Are the New Bandits – How do you deal with them?

Cyber criminals have become a major threat with increasing ransomware attacks that require to implement robust measures of legal compliance, this article gives indications on how to deal with it.

Retention of Metadata of Employees’ Emails Restricted by the Italian Privacy Authority

In a highly discussed (and criticized) move, Italian Privacy Authority (the Garante) has mandated a dramatic shift in email metadata retention policies relating to employees emails’ metadata.

A data broker CANNOT rely on legitimate interest according to the Belgian data protection authority

A recent decision by the Belgian Data Protection Authority (DPA) explores the challenges for a data broker to rely on legitimate interest in its data monetization practices.

Here comes DORA: How can DLA Piper support you in complying with the Regulation?

Giulio Coraggio explains the methodology developed by the law firm DLA Piper to comply with the DORA regulation.

ByMaria Chiara Meneghetti 0Comments

CJEU clarifies that a data breach does not presuppose inadequate technical privacy measures

In a recent ruling, the Court of Justice of the European Union ("CJEU") has spoken for the first time on the interpretation of 32 of the GDPR and the obligation to take adequate privacy security measures in the context of a data breach.

Jan 2024