Are the GEDI Group’s cookie banners compliant with the GDPR?

In recent weeks, cookies have received a great deal of attention in Italy after Italian media conglomerate, GEDI Gruppo Editoriale S.p.A., implemented new cookie banners across a number of its websites (e.g., La Repubblica, La Stampa, Huffpost, Il Secolo XIX).  GEDI is not alone, however, as other major Italian newspapers such as Corriere della Sera, ...

“Easy privacy information via icons? Yes, you can!”: The European Centre on Privacy and Cybersecurity (ECPC) Data Protection Icons win transparency contest organized by the Italian Data Protection Authority

We are very pleased to announce that the European Centre on Privacy and Cybersecurity (ECPC) is among the winners of the Italian Data Protection Authority’s “Easy privacy information via icons? Yes, you can!” data protection icons contest! Launched on 15 March 2021, the contest called upon members of the public to develop a set of icons which may be ...

New publication

Felice di aver partecipato con la collega Francesca Tugnoli alla stesura del commento sui Reati Informatici (art. 24 bis), Reati IP (art. 25 Nonies) e art. 67 nel Commentario al Decreto sulla responsabilità da reato degli Enti – D.Lgs. 231/2001 edito dalla Pacini Editore. Ringraziamo Guido Stampanoni Bassi e Lorenzo Nicolò Meazza dell'opportunità che ci ha permesso di sottolineare gli aspetti multidisciplinari di queste materie (IT, ...

“Public Health AND Privacy” vs. “Public Health OR Privacy” in the time of the COVID-19 pandemic

The COVID-19 outbreak has touched the lives of millions of individuals across the globe. Among those severely affected are the residents of my native Italy who are currently under a mandatory lockdown  (nationwide travel restrictions have been enacted) until an undefined date.  But how should the collection of potentially special category personal data (health data) be managed in a pandemic? Several data protection authorities have provided ...

GDPR and the Coronavirus in Italy

The COVID-19 outbreak has affected the lives of millions of individuals across the globe. Among those affected are the residents of my native Italy who are currently under a mandatory lockdown (nationwide travel restrictions have been enacted) until April 3rd. In this time of crisis, however, it's important to not forget that data ...

GDPR, focus sulla nuova privacy europea a #Sicurezza2017 | 16 novembre a Fiera Milano

"Toccherà a Federprivacy fare il punto sulle nuove regole in materia di privacy durante il convegno "GDPR, il nuovo Regolamento Europeo sulla protezione dei dati", organizzato da Ethos Media Group per il prossimo 16 novembre, a cui parteciperanno esperti della materia e rappresentanti delle autorità come il colonnello Marco Menegazzo, Comandante del Nucleo Speciale Privacy della Guardia ...

Italian employers can no longer control employees’ e-mails and communications when private-professional use of corporate devices are allowed

Background information/scenario Since the publication of the Guidelines Applying to the Use of E-Mails and the Internet in the Employment Context, the Italian Data Protection Authority (“Garante”) has had more than one opportunity to state its view on the controls of IT devices provided to employees to perform their job. In the case at stake, a ...

The Italian Data Protection Authority forbids the use of contact details of companies and professionals for marketing purposes without prior consent

Background information/scenario Do marketing purposes need specific consent and does such consent apply even when targeting professionals and companies whose contacts are publicly available on Internet? In one of its first decisions dated 2017, the Italian Data Protection Authority  (“Garante”) restated that all data controllers must collect a freely given and specific consent in order to ...