“Point-to-point” consent for third-party marketing

On 22 June 2021, the Italian Data Protection Authority (DPA) announced that a month earlier, it had issued a major decision for the data sharing economy concerning the interpretation of third-party marketing consent. A company active in the energy sector (Company A) was fined EUR 3 million for unlawful data processing activities which involved the use ...

Reflections on three years of the GDPR

In recent weeks I have noticed a growing number of influential figures in the data protection world speaking out against a perceived lack of enforcement of the GDPR, the most influential data protection law known to date. Those in favor of revisiting the seminal law argue, for example, that the One-Stop-Shop mechanism is misguided or ...

MORE ATTENTION TO INDIVIDUALS IS THE KEY TO SUCCESSFUL Work from Anywhere (WFA): A few (non-legal) words on “talent on the cloud” and the WFA phenomenon

I am usually requested to express my opinion on cloud services and their legal aspects; but today I want to share some thoughts on “talent on the cloud” and the Work from Anywhere (WFA) phenomenon.  I will consciously refrain from letting my legal thoughts (e.g., in terms of privacy and cybersecurity) kick in (mindful of the fact that it’s ...

Safer Internet Day: The tale of TikTok under the spotlight of the Italian DPA

In light of the 18th edition of Safer Internet Day, which “calls upon all stakeholders to join together to make the internet a safer and better place for all, and especially for children and young people”,  I have decided to dedicate a blog post to the Italian TikTok case.  The case of TikTok The Italian DPA (Garante per la protezione ...

LET’S MAKE 2021 THE YEAR OF TRUE ‘TRANSPARENCY’, A SOCIALLY RESPONSIBLE BEHAVIOR FOR DATA PROCESSING ACTIVITIES

By No tags Permalink

Today, 28 January, is Data Protection Day, an annual celebration of privacy and data protection commemorating the date that Convention 108 of the Council of Europe was first opened for signature. This year, however, I would invite all data protection practitioners, academics, business leaders, educators, politicians, security experts and human rights and privacy activists to ...

Expand your professional knowledge with the Lead auditor and consultant training on the CSA GDPR Certification and Code of Conduct

By No tags Permalink

Register today for our online course 17 – 20 November 2020 (from 15:00-19:00 CEST)   Become a qualified Code of Conduct (CoC) auditor and gain an in-depth understanding of how the CSA Code of Conduct for GDPR Compliance works!  Are you a professional wanting to guide organisations toward GDPR compliance? Do you have knowledge about the inner workings of a Code of ...

“Malware Found in Chinese Tax Software Used by Foreign Tech Firm” by William Hoke, Tax Analysts

By No tags Permalink

I was recently interviewed by Tax Analysts journalist William Hoke. Read more of what I had to say about malware and the importance of carrying out adequate cybersecurity risk assessments and analyses on software before implementing such technologies within organizations.   Read the entire article here.

EDPB Publishes FAQ on the judgment of the Court of Justice of the European Union in Case C-311/18 “A NEW AGE OF DATA TRANSFERS” PART II

By No tags Permalink

Today the European Data Protection Board published its Frequently Asked Questions on the judgment of the Court of Justice of the European Union in Case C-311/18 - Data Protection Commissioner v Facebook Ireland Ltd and Maximillian Schrems, adopted on 23 July 2020. The FAQ, which "will be developed and complemented along with further analysis, as ...

UPDATE (III): “PUBLIC HEALTH AND PRIVACY” AND NOT “PUBLIC HEALTH OR PRIVACY”: A COLLECTION OF GUIDANCE ON COVID-19

In the evolving COVID-19 scenario in which business continuity also depends on adequate data protection and cybersecurity practices on the part of organizations, knowledge mapping of privacy & data protection guidance and cybersecurity best practices has taken on an even more important role. It’s for that very reason that, without the presumption of completeness, I ...

ICTLC ranked by The Legal 500 in Data Privacy & Data Protection and Industry Focus: TMT

By No tags Permalink

I’m very pleased to announce that our firm, ICT Legal Consulting, has been ranked by The Legal 500 EMEA 2020 in the areas of Data Privacy and Data Protection (Tier 2) and TMT (Tier 4)!  I have been listed as a Recommended Lawyer together with my fellow Founding Partner Luca Bolognini and Of Counsel Francesco Torlontano.  This year’s result solidifies our position as a leading international firm in the ...