Category Archives: Open Forum


As is widely known, the European Union General Data Protection Regulation, which replaces Directive 95/46/EC, will come into force in May 2018 and will bring relevant changes to all stakeholders: DPAs, individuals, controller and processor organizations. In order to help organizations understand the key operational impacts of the regulation and to stimulate their internal change,… Read More »


Architecture of GDPR as an answer to the modern need for a sustainable development of technological dynamics. Twenty years ago, the first Personal Data Protection Law entered into force in Italy. Since then, both the complexity of the regulations  and the public awareness have been growing wide, same pace with the thriving technological progress. Nowadays… Read More »

Practical alternatives to Safe Harbor

The European Commission issued a guide for transferring data outside of the EU after Schrems’s sentence: We now have two ways: using contractual clauses or binding corporate rules (BCR). These two methods are applicable to all transfers to Countries for which there is not an authorization by the European Commission or a local privacy… Read More »

The “Titolare” strikes back

We are all rereading the updated italian version of the GDPR text, which should be voted in the coming weeks. Compared to the previous version I thought they would only eliminate the deletions and renumber the articles. I do see that they touched up the translation as well. Some changes are marginal but there is… Read More »

Change in the group of coordinators

As part of the normal life of this blog we are announcing here a change in the coordinators. Guglielmo has asked to leave the coordinators group because of an increased workload due to external factors, but of course he will continue as one of the contributors. We thank Guglielmo who helped us kick off this initiative… Read More »

Report Verizon : violated 9 out of 10 companies

The 2015 edition of the Protected Health Information Data Breach Report, released by Verizon and based on a database of protected health information (PHI), amounting to 392 million records, and over 1,931 incidents detected in 25 countries. What’s most alarming is that 90% of companies involved in the survey suffered violations of personal health… Read More »