Privacy Shield passes Commission’s annual review

Today the European Commission published its first annual report on Privacy Shield, which is of fundamental importance with respect to international data transfers, having implications for both the EU and US economies. After one year, the Commission has confirmed that Privacy Shield is fit for its purpose, protecting the data of subjects whose data is ...

Council proposes new rules for analytics

In early September the Council reviewed the draft of the new e-Privacy Regulation (“EPR”) - previously published by the European Commission on 10 January 2017 -  which allows the use of first-party and third-party analytic cookies without express consent of the end-user. Among other changes to the new EPR, the Council has proposed amendments to Article 8, concerning ...

GDPR, focus sulla nuova privacy europea a #Sicurezza2017 | 16 novembre a Fiera Milano

"Toccherà a Federprivacy fare il punto sulle nuove regole in materia di privacy durante il convegno "GDPR, il nuovo Regolamento Europeo sulla protezione dei dati", organizzato da Ethos Media Group per il prossimo 16 novembre, a cui parteciperanno esperti della materia e rappresentanti delle autorità come il colonnello Marco Menegazzo, Comandante del Nucleo Speciale Privacy della Guardia ...

Professor of Privacy, Cybersecurity, and IT Contract Law at Maastricht University Faculty of Law’s ECPC

I am honoured to announce my new role as extraordinary Professor of Privacy, Cybersecurity, and IT Contract Law at the European Centre on Privacy and Cybersecurity (ECPC) within the Maastricht University Faculty of Law.

The limits of corporate email snooping

On September 5th, 2017, the Grand Chamber of the European Court of Human Rights declared that employees must be aware in advance of the monitoring of their corporate email account. The case brought by a Romanian worker, Bogdan Barbulescu, dates back ten years to when he used an online chat service, Yahoo Messenger, to answer customer ...

EU-Canada PNR Agreement is incompatible with EU fundamental rights

The Court of Justice of the European Union recently issued an opinion determining that the agreement envisaged between the EU and Canada on the transfer of Passenger Name Record (PNR) data may not be concluded in its current form, since several provisions of the draft agreement don't meet requirements stemming from the fundamental rights of the European ...

Banks: Garante determines employees are not allowed to furtively view current accounts

On 22 June 2017, the Italian Data Protection Authority confirmed the unlawful processing of personal data by an Italian bank which permitted one of its employees to illicitly view and communicate current account data of one its clients to third parties. In the case at stake, an account holder argued before the Garante that specific data relating ...

3rd Annual India Privacy Summit: Privacy & Security in the Age of Intelligent Machines

I will be a speaker at the 3rd Annual India Privacy Summit on September 21, 2017 at Taj West End, Bangalore. Speakers will deliberate on best practices and field-tested solutions for the latest privacy issues facing a wide range of businesses and expert speakers are invited by the Executive Committee will give keynote speeches and all issues ...

Italy approves 6 year data retention

On 19 July 2017, during a session dedicated to the fulfilment of obligations resulting from EU membership, the Italian Chamber of Deputies approved an amendment which extends the period of retention of telephone and electronic communication traffic data to 6 years with a view of detecting and suppressing criminal offences and terrorism. The amendment still has to ...