PRIVACY

Search
Generic filters

Right to be forgotten and balance with the right to information.

The Italian Supreme Court (Corte di Cassazione), recently returned to the topic of the so-called right to be forgotten, affirmed the need to preserve the historicity of news when it is of interest to the community and to the economic and social history of a Country, while reaffirming the need to balance the interest of the community to maintain the memory of past news with the interest of the individual to maintain control of his or her personal data. From this point of view, the Court considers the deindexing of news on the web together with its updating to be an appropriate measure to balance the individual’s right to be forgotten with the collective right to information.

18 June 2020

Data breach: accidental dissemination of whistleblowers’ data.

Rome’s University “La Sapienza” ended up in the Italian Data Protection Authority’s sights after having notified a violation of personal data as required by art. 33 of the Regulations. Such violation concerned the disclosure of personal data processed through the University’s platform used for the management of offence reports by employees and third parties within the whistleblowing regime. Following the notification breach, the Authority initiated investigations. Violations of the measures provided in the Regulations for the protection of personal data were ascertained, with particular emphasis to the provisions relating to the current security measures in force.

12 June 2020

Cookies and consent: relevant news from the EDPB.

On May 4, 2020, the European Data Protection Board adopted an updated version of the Guidelines on consent under Regulation 2016/679, originally drafted by Article 29 Working Party back in 2017 and already subject to a first revision on April 10, 2018, introducing some important new features regarding cookies.

5 June 2020

FAQ of the Data Protection Authority: data processing at work in context with the current health emergency.

The measures imposed on public and private companies for the containment of the Covid-19 virus, provided for by current legislation and the “Shared protocol for the regulation of measures to contain the spreading of the Covid-19 virus in the place of work” of 14 March 2020, as amended and integrated, include provisions involving the processing of personal data by employers, both in the data relating to employees and to any third parties accessing company’s premises, ensuring the health and safety within the place of work. Therefore, more specifically to the critical data protection issues, the Data Protection Authority has intervened providing companies with concrete indications regarding the correct processing of personal data in the current emergency situation.

29 May 2020

COVID, mobile apps and privacy: European Commission guidance available online (pt. II).

As part of a Community approach to combating and containing the diffusion of the COVID-19 virus (the “coronavirus”), the European Commission has adopted the Guide to Data Protection in Applications to Support the Fight Against the COVID 19 Pandemic (the “Guide”).
Herewith below you can find the second part of the analysis of the aforesaid guidelines (the first part is available here) concerning privacy by design and by default, measures to be taken in order to ensure compliance with the principles of lawfulness, purposes of data minimization, access and storage limitation, based on the various features of the apps under review.

15 May 2020
    • Tonucci & Partners