Search news
0 - 15 results of 1302
DATA PROTECTION
Italian Data Protection Authority: systematic retention of employees’ e-mails and access logs for disproportionate periods of time is unlawful. The systematic storage of employees’ e-mails - carried out for a considerable period of time (amounting to three years following the termination of the labour relationship) - and the systematic ...
22/10/2024
INFORMATION TECHNOLOGY
EU Commission: NIS 2, adopted the first implementing rules of the Network Security Directive. The EU Commission has adopted the first implementing rules on the cybersecurity of critical entities and networks under the Directive on measures for a high common level of cybersecurity across the ...
17/10/2024
INFORMATION TECHNOLOGY
National Cybersecurity Agency: the road map for the gradual implementation of the obligations provided for by the NIS 2 Directive and the transposing legislative decree has been published. IT security is increasingly important for companies and public administrations. From 16 October 2024, the new Italian legislation on Network and Information Security (NIS 2) is applicable. The fields ...
16/10/2024
COMPUTER CRIMES
Supreme Court of Cassation: it is not defamation if the sender is unaware that the Messenger account is accessed by several people. The sending of defamatory messages through the Messenger platform does not constitute the crime of (aggravated) defamation when the use of this channel - in the belief of the agent - is not ...
16/10/2024
DATA PROTECTION
European Data Protection Board: Guidelines on the processing of personal data based on legitimate interest. The EDPB adopted the Guidelines on the processing of personal data based on legitimate interest.
Data controllers need a legal basis to process personal data lawfully. Legitimate interest is one ...
11/10/2024
INFORMATION TECHNOLOGY
Legislative decree 144/2024 for the harmonisation of national legislation with the provisions of Regulation (EU) 2022/868 on European data governance published in the Official Gazette. The Italian legislative decree identifies AgiD – Italian Digital Agency as the national authority, which will have regulatory and sanctioning responsibilities and functions. In fact, AgiD will ...
10/10/2024
INFORMATION TECHNOLOGY
EU Council: Cyber Resilience Act (CRA) definitively approved, introducing new security requirements for digital products. The EU Council has finally approved the Cyber Resilience Act, the new law that introduces cyber security requirements for products with digital elements to ensure that, for example, connected home ...
10/10/2024
DATA PROTECTION
EU Court of Justice: the limits of legitimate interest as a basis for the lawfulness of processing for marketing and commercial purposes. An association of Dutch tennis clubs communicated the data of its members, without their consent, to external third parties (certain sponsors), including a company marketing sports products, and to ...
09/10/2024
DATA PROTECTION
European Data Protection Board: Opinion on Article 28 of the GDPR and on certain obligations arising from the designation of the External Data Processor (and sub-processors) adopted. Art. 64(2) GDPR provides that any DPA can ask the Board to issue an opinion on matters of general application or producing effects in more than one Member State. Following an Art. 64(2) GDPR request ...
09/10/2024
DATA PROTECTION
EU Court of Justice: Member States may make provision for competitors of the person allegedly responsible for an infringement of the laws protecting personal data to challenge that infringement in court as a prohibited unfair commercial practice.
The German Federal Court of Justice is to resolve a dispute between two German pharmacists. The pharmacist who owns the ‘Lindenapotheke’ pharmacy has been marketing pharmacy-only ...
08/10/2024
DATA PROTECTION
EU Court of Justice: an online social network such as Facebook cannot use all of the personal data obtained for the purposes of targeted advertising, without restriction as to time and without distinction as to type of data. The fact that Mr Maximilian Schrems has made a statement about his sexual orientation on the occasion of a public panel discussion does not authorise the operator of an online social network ...
04/10/2024
DATA PROTECTION
EU Court of Justice: conditions for exercising the right to delete personal data from the Business Register held by a Member State and for claiming compensation for non-material damage in the event of a refusal. The Court of Justice of the European Union (CJEU) published its judgment in Case C‑200/23, concerning the Agentsia po vpisvaniyata's (the Registry Entries Agency of Bulgaria) refusal to delete ...
04/10/2024
DATA PROTECTION
CJEU publishes judgment on compensation for non-pecuniary damages under the GDPR. The Court of Justice of the European Union (CJEU) published its judgment in Case C-507/23 regarding compensation for non-pecuniary damages under the General Data Protection Regulation (GDPR).
The ...
04/10/2024
INFORMATION TECHNOLOGY
Legislative Decree No. 138/2024, transposing Directive (EU) 2022/2555 NIS 2 on a common level of cybersecurity in the EU, will enter into force on 16 October. Legislative Decree No. 138 of 4 September 2024 on the ‘Transposition of Directive (EU) 2022/2555 on measures for a high common level of cybersecurity in the Union, amending Regulation (EU) No. ...
03/10/2024
INFORMATION TECHNOLOGY
Council of Ministers: legislative decree for the harmonisation of national legislation with the provisions of Regulation (EU) 2022/868 on European data governance definitively approved. The Council of Ministers of 2 October 2024 definitively approved the legislative decree for the harmonisation of national legislation with the provisions of Regulation (EU) 2022/868 on European data ...
02/10/2024