Author Archives: PG Legal

Entrusting a promotional campaign to a marketing company may also entail liability for the commissioner in the event of a breach of privacy legislation. In fact, on 25 November 2021, the Authority for Personal Data Protection, at the request of two complainants who complained about the continuous receipt of unwanted messages, sanctioned two companies involved in a promotional campaign, […]

The operational indications contained in the new guidelines on cookies and other tracking tools adopted by the Authority to protect personal data with the provision of June 10, 2021 have become operative from January 10, 2022. The primary purpose of the document is to make a reconnaissance of the legal framework of reference, also specifying […]

Cyber attacks are now the order of the day in our country. On 20 October 2021, the Italian Society of Authors and Publishers (SIAE) was recently hit by a cyberattack from the Everest group, which stole 60GB of files containing data on artists and employees, including ID cards, addresses, contracts, and bank accounts. The hacker […]

Last October, the Authority for the Protection of Personal Data published a vademecum containing some suggestions for creating and managing passwords to prevent data breaches, which are becoming increasingly frequent. First of all, with particular reference to the creation of passwords, the Authority clarifies that a good password, to be defined as ‘strong’, must be […]

With 377 votes in favour, 248 against, and 62 abstentions, the European Parliament passed a resolution on 6 October 2021 calling on the European Commission to establish a permanent ban on biometric video surveillance in public. In particular, the Parliament requested the Commission to put all necessary tools to prevent any processing of biometric data, […]

On 16 September 2021, two meetings were held between the Italian Data Protection Authority and representatives of Facebook and Luxottica to discuss the privacy implications of bringing Ray-Ban “Stories” smart glasses to market. The wearable device allows users to send photos and record videos by voice command or by pressing a button, collecting images and […]

The Irish Supervisory Authority has sanctioned Whatsapp with a €225 million fine for violating the provisions of the GDPR (Regulation (EU) 2016/679). In particular, the world’s most popular instant messaging app would have shared data with other companies of the Facebook Group without providing data subjects with adequate information. The measure comes at the end […]

In a world where a large part of the information is disseminated through electronic communication channels, the protection of personal data being transmitted becomes more important. The content of electronic communications can reveal highly sensitive data about the individuals involved – such as sexual preferences or political opinions. Similarly, metadata derived from electronic communications (e.g. […]

The Italian Data Protection Authority has issued an injunction against Deliveroo Italy S.r.l. (Order No. 285 of 22 July 2021), for the unlawful data processing of 8,000 riders.  In addition to prescribing corrective measures to be implemented within a specific timeframe, the Authority also imposed a fine of €2.5 million on the Company. The measure was issued due to […]

On 9 July, the new Guidelines adopted by the Italian Data Protection Authority on cookies and other tracking systems were published in the Official Journal. The final text results from the examination of the various contributions collected during the months of public consultation, which ended on 9 January. The primary purpose of the Guidelines is to provide an overview of […]