Right to oblivion and indexing of non-EU websites: the position of Persona Data Protection Authoriy.

Google privacy saga concerning right to obivion continues with the measure of Italian Persona Data Protection Authority n. 557 dated December 21st, 2017 concerning the remova of certain Url from the list of European and non-European results of the widely-known search engine. It is very interesting the fact that the data subject is an Italian… Read More »

The ‘good officer’ that controls our data. How to appoint a DPO

The appointment of the Data Protection Officer (DPO) is one of the most controversial points of the implementation of the new Reg. EU 2016/679 on data protection. The Data Protection Authority provides guidance on this matter through a series of FAQs. The DPO is a key figure that is mandatory for public and private health facilities… Read More »

PRIVACY LAWS

My job allows me to attend many diverse workshops and events on GDPR. My overall impression is that most of the attendees have never really read a privacy legislation text, whether it’s the current legislation or the GDPR. This state of things is quite detrimental because the questions asked are often absolutely irrelevant (for instance,… Read More »

WP art. 29 published a document about transparency and Information to be provided

WP art.29 published on public consultation wp260  titled “Guidelines on transparency under Regulation 2016/679”. This document details how to comply with art. 12 to 22 and 34. Great attention is devoted to art.13 and art. 14.. WP art.29 on paragraph 2 make clear that privacy statements/ notices shall comply with Transparency, as expressed is in the document,… Read More »

Italian DPA forces an Italian Party to update its CMS

Recently the Italian Data Protection Authority obliged an italian party Movimento Cinque Stelle to update its web site Content Management System, reserving the right to apply administrative sanctions  ex art. 162 of Italian Privacy Code dlgs. 196/2003 vedi http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/7400401 How many companies have their site CMS out of date? Perhaps it is better to hurry up.… Read More »

Certification and liability of the data controller

This paper aims to analyse a tool of the so-called “soft law”, that is the certification in the field of data protection. Art. 42, paragraph 2 of EU Regulation 2016/679 defines certification as voluntary. However, it is, more appropriately, a regulated certification, since it is based on rules issued by official institutions: particularly, certification criteria… Read More »

Social Spam & Marketing

In the NEWSLETTER N. 435 del 29 novembre 2017 http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/7221009 the Italian Autority point attention on a type of questions that are often made to me during courses and / or conferences, id est if and within what limits it is possible to use the e-mail addresson socialfor marketing purposes. Our Autority reminds us that… Read More »

Delegation to the Government for the transposition of European directives and the implementation of other European Union acts

On 25 October the Delegation to the Government for the transposition of European directives and the implementation of other European Union acts (European delegation law 2016-2017) was issued. Delegation to the Government for the Transposition of European Directives and the Implementation of Other Acts of the European Union – European Delegation Law 2016-2017. (17G00177) (OJ… Read More »