PRIVACY

Privacy & Cybersecurity

Nel mondo digitale ed interconnesso la protezione dei dati personali e, più in generale, la tutela delle informazioni aziendali non è solo una necessità ma una vera e propria sfida, normativa e regolatoria. Tali dati ed informazioni costituiscono infatti un asset strategico e la loro sicurezza richiede un’attenzione costante e una competenza senza compromessi.

Il nostro Team offre consulenza d’eccellenza a livello nazionale ed internazionale nella privacy e nella cybersecurity con soluzioni su misura per le esigenze di imprese e di gruppi societari complessi e in continua evoluzione. Il nostro approccio nella gestione delle questioni legate alla protezione dei dati e alla cybersecurity ci consente di assistere con successo i nostri Clienti nella gestione dei rischi connessi alle sicurezza delle informazioni, lavorando sempre per garantire un equo contemperamento tra esigenze di legalità e di business.

Intelligenza Artificiale & Diritto delle nuove tecnologie

Nel contesto attuale, le tecnologie emergenti stanno trasformando radicalmente il panorama operativo e normativo in cui le imprese si trovano ad operare. L’Intelligenza Artificiale (IA), in particolare, ha aperto nuove opportunità ma comporta, allo stesso tempo, anche sfide significative in termini di compliance rispetto a nuove normative. Il nostro studio legale è specializzato nell’offrire consulenza d’eccellenza nel campo del diritto delle nuove tecnologie, aiutando le aziende a navigare con successo nel labirinto delle regolamentazioni, in particolare con il nuovo Regolamento in materia di Intelligenza Artificiale dell’Unione Europea (AI Act).

L’era digitale sta evolvendo rapidamente e, con essa, le normative che disciplinano l’utilizzo dei dati e dei servizi online. Il Data Act, il Digital Services Act e il Data Governance Act, il Digital Markets Act  sono solo alcuni dei regolamenti chiave che plasmeranno il futuro dell’Unione europea. Queste nuove normative pongono sfide legali complesse per imprese, società e gruppi societari complessi offrendo, allo stesso tempo, significative opportunità per una gestione più sicura, trasparente ed efficiente delle tecnologie digitali.

Il nostro studio legale è al fianco delle imprese per navigare con successo tra questi nuovi obblighi normativi. Offriamo consulenza strategica e operativa per garantire la piena conformità ai requisiti delle nuove normative emergenti, minimizzando i rischi legali e ottimizzando la gestione del cambiamento in ambito digitale.

Search
Generic filters

EDPS: ok to mobile tracking with adequate safeguards.

In the midst of the emergency linked to the spread of the COVID-19 virus (known to most as “coronavirus”), the search for possible solutions for the containment of the pandemic has now taken on a supranational dimension, recording the first contributions from European institutions. The possibility of monitoring population movements through the analysis of data collected by mobile communication devices, in order to verify the effectiveness of the restrictive measures imposed and the identification of connections between movement trends and contagions, is undoubtedly one of the options on the table. The European Data Protection Supervisor (“EDPS”), consulted by the European Commission, has therefore identified some elements to be taken into account in the implementation of such solutions.

Covid-19 Emergency and online education: the instructions of the Data Protection Authority.

The Italian government with its Legislative decree of 8 March 2020, suspended all educational activities from kindergartens to universities for children/students and their teachers. In the same decree a provision for teaching methods at a distance was activated. As a result of the same, the Italian Data Protection Authority in answer to the questions/reports received from the schools’ DPO, teachers and families, regarding the processing a preliminary guide on how schools and universities should use such tools, guaranteeing the protection of the personal data of the students, their families and their teachers.

Coronavirus: new guidelines on containing the spread of the virus adopted

In light of the approval, of the “Shared Protocol for the regulation of measures to combat and contain the spread of the Covid-19 virus in the workplace” (the “Protocol”) on March 14, 2020, we deem necessary to update our previous newsletter having as object the relationship between the autonomous initiatives of employers in order to manage the emergency related to the spread of the COVID-19 virus (“Coronavirus”) and the legislation on the protection of personal data.

The Italian Data Protection Authority against ENI: multimillion-dollar fine

Following the emergency measures adopted by the Italian Government as a consequence of the recent spread of the COVID-19 virus (known to most as “coronavirus”) in Italy and the consequent state of agitation among the public, the Italian Data Protection Authority issued a specific statement inviting public and private entities to comply with the procedures put in place by the competent authorities for the prevention and containment of the epidemic, avoiding the implementation of uncoordinated and unhelpful initiatives that could potentially violate the right to confidentiality of the data subjects concerned.

Unsolicited promotional activities: the Italian Data Protection Authority fines Eni Gas e Luce for 8 million euros.

The company Eni Gas e Luce has received from the Italian Data Protection Authority an administrative sanction of € 8,500,000.00 for unwanted telemarketing activities and unlawful management of contact data used for marketing campaigns. The company was sanctioned for having made advertising calls without the consent of the data subjects, for not having adopted adequate technical and organizational measures to implement the expressions of will of the data subjects and for having kept the data of the data subjects for a longer period than the necessary period to pursue the purposes. This is what emerged from the investigations of the Guarantor, which began following some reports received by the Authority during 2018 and 2019.

The Italian Data Protection Authority against ENI: multimillion-dollar fine.

Unsolicited contracts, inaccurate data and false subscriptions: the manifestly incorrect and fraudulent conduct of one of its agencies and the failure to apply adequate controls has cost Eni Gas e Luce S.p.A. a 3 million euro fine due to the several breaches found by the Italian Data Protection Authority with reference to the processing of personal data connected to the activation of energy supply contracts.

Commercial communications and the consent of its data subjects.

Sending commercial communications for promotional purposes to users must always be preceded by the acquisition of a valid consent, which must be free, specific and accountable. The Data Controller is also responsible for implementing adequate organizational and technical measures in order to guarantee the correct management of the rights of the data subjects, with particular reference to the right to object to the processing.
This is what is established by the provision of the Data Protection Authority n. 133 of 20 June 2019.

Online services: EDPB guidelines available online.

Following a public consultation process, the European Data Protection Board has adopted the final version of the Guidelines 2/2019 on the processing of personal data under Article 6(1)(b) of Regulation (EU) 2016/679 – General Data Protection Regulation (the “GDPR”) in the context of the provision of online services to data subjects.