On May 16, 2018, the Garante per la Protezione dei Dati Personali, Italy’s Data Protection Authority (DPA), authorized the transfer of personal data using Binding Corporate Rules, BCR, approved by May 24, 2018. What is BCR. BCRs are a tool to allow the transfer of personal data among branches belonging to the same multinational company […]
On March 9, 2017, the Garante per la Protezione dei Dati Personali, the Italian Data Protection Authority (DPA), issued a favorable opinion on a legislation that regulates the Banca Nazionale del DNA, the Italian DNA Bank. The legislation regulates the modalities of deletion of DNA profiles, the destruction of biological samples, the input and updating of the data necessary […]
On October 27, 2016, the Italian Data Protection Authority (Garante per la Protezione dei Dati Personali) authorized the transfer of personal data to the U.S. according to the EU-US Privacy Shield. With its decision, the Italian DPA has aligned itself with to the European Commission’s decision of adequacy, which recognized the Privacy Shield as granting an adequate […]
Cookie regulation in Europe is quite strict. In a previous blog we discussed the cookie law of France, Germany, Italy and the UK, focusing on information to users, user consent and consequences of violations. However, cookies are not the only method to track users. There are cookie-free tracking methods that are similarly invasive, for example […]
Internet-of-Things (IoT) (or internet-of-everything as it is often interchangeably called-) is a buzzword and it is all over. At present, the news is more technological than legal. Nonetheless, the IoT triggers some worrisome legal issues, among which data collection, data security, and invasion of privacy are among the most compelling. Actually, these issues are imposing because […]
Internet-of-Things (IoT) (or internet-of-everything as it is often interchangeably called-) is a buzzword and it is all over. At present, the news is more technological than legal. Nonetheless, the IoT triggers some worrisome legal issues, among which data collection, data security, and invasion of privacy are among the most compelling. Actually, these issues are imposing because […]
Tags: DATA PROTECTION, IOT, US PRIVACY
France Article 32-II of the French Data Protection Act transposes into French law the obligation to obtain informed consent to store information of Article 5.3, Directive 2002/58/EC (above). On December 16, 2013, the CNIL, the French Data Protection Authority, released a set of practical FAQs (plus technical tools and relevant source code, in French) providing […]
Cookies are making headlines in Europe recently. In this blog we will have a closer look at the situation of France, Germany, Italy and the UK, focusing on information to users, users’ consent and consequences of violations. What is a cookie? “A cookie is a small piece of data that a website saves on your […]
On June 5, 2015, the Italian Data Protection Authority (“DPA”) issued Doc 4006878 clarifying specific issues concerning the implementation of the law on cookies (Individuazione delle modalità semplificate per l’informativa e l’acquisizione del consenso per l’uso dei cookie – Means to inform and obtain consent for the use of cookies, dated May 8, 2014 [3118884]). In […]
Nowadays in Italy there is a big debate on “cookies”. Starting on June 3, 2015, data controllers shall implement the requirements issued by the Italian Data Protection Authority (Garante) with Decision no. 229 of 8 May 2014 “Simplified Arrangements to Provide Information and Obtain Consent Regarding Cookies” (Published in the Official Journal no. 126 of […]