Posts

The “Privacy by Design” principle has been known for years and was the subject of the resolution adopted by the 32nd International Conference of Data Protection and Privacy Commissioners in 2010. The GDPR in Article 25 regulates the principle “Data protection by design and by default” perhaps better known as “Data protection by design and by default”. A premise is necessary. Confidentiality, “privacy”, in Europe is a fundamental right pursuant to Article 7 (Respect for private and family life) of the Charter of Fundamental Rights of the European Union which states: ...

For the second consecutive year, I participated in “The Eleventh International Conference on Evolving Internet - INTERNET 2019”, organised by the International Academy, Research, and Industry Association (IARIA) which was held in Rome from June 30th to July 4th 2019. Furthermore, my participation was also as the chair of the special track “RAIEDP: Robotics, Artificial Intelligence, Ethics and Data Protection” together with my colleague Filippo Bianchini (co-chair). I presented the contribution entitled “The Meaning of ‘Accountability’, ‘Responsibility’ and ‘Liability’ in the GDPR: Proposal for an Ontology”. ...

I note from the statement published on the EDPS website that Giovanni Buttarelli passed away. The news much saddens me. The post published on the EPDS website defines Giovanni Buttarelli such a kind and brilliant individual. Throughout his life, Giovanni dedicated himself completely to his family, to the service of the judiciary and the European Union and its values. His passion and intelligence will ensure an enduring and unique legacy for the institution of the EDPS and for all people whose lives were touched by him ...

I am honoured to be a member of the Program Committee of the 8th International Conference on e-Democracy that will be held in Athens on 12-13 December 2019. Below the official communication. Spread the information the about the conference. Dear colleagues, Duetonumerous requests from potential authors, the submission deadline of 8th International Conference on e-Democracy: Safeguarding Democracy and Human Rights in the Digital Age has been extended to August 18, 2019. ...

Court of Justice of the European Union - PRESS RELEASE No 99/19 - Luxembourg, 29 July 2019. Here the document: https://curia.europa.eu/jcms/upload/docs/application/pdf/2019-07/cp190099en.pdf

“GDPR and privacy: awareness and opportunities. Reasoned analysis of personal data protection between ethics and cybersecurity” is the title of my new book published yesterday by Goware. The volume - with a preface by Giovanni Buttarelli (European Data Protection Supervisor - EDPS) - is available on Amazon both in digital version and paper or printed version. It will soon also be available on other digital stores. This is the abstract: Today we increasingly hear about data protection: but what does it mean, what value do data have and why should they be protected? The book takes us on a journey through the new discipline introduced by EU Regulation 2016/679 (GDPR) to help us understand its historical evolution, the ethical and legal principles that guide it and the obligations related to processing. Central is the theme of IT security, with specific reference to the most current communication methods introduced by the use of the Internet and the development of new tools that offer us connection possibilities through smartphones, email and social networks, posing, however, severe risks, especially for minors. The new technological frontiers (blockchain, IoT, big data, artificial intelligence, drones) are therefore examined, which require necessary awareness also for the purpose of a correct ethical approach to the theme. An impressive regulatory bibliography constitutes a useful guide for those who wish to deepen this fundamental theme of our time. The theme of awareness in the field of personal data protection is truly relevant. On this topic I refer to the post published a few days ago on this blog. ...

After one year, many people make evaluations, while others forecast or organise events. My purpose is not celebratory but purposeful and prodromal: what are the aspects concerning the protection of personal data on which it would be appropriate to reflect and which deserve further investigation? One of the most relevant aspects is undoubtedly the “awareness” that it means “to have exact consciousness about himself”. Among the principles laid down in the GDPR, the “accountability” (art. 5, paragraph 2) is the central pillar. The data controller or the data processor who has to respect the “accountability” principle must necessarily be aware of “having a perfect consciousness about himself” on the knowledge of the GDPR rules and principles. It is not about a purely technical-juridical knowledge that would favour the jurist in the application of the laws. Reading the GDPR often goes beyond the qualification of the rules of conduct that are part of the legal system: there is much more over. We cannot ignore the fundamental rights provided for by the European Charter and by the Convention 108 plus. ...

Some weeks ago I gave an interview to Ingenium Magazine and it has been published here. Grateful to Sonia Montegiove.

occasion for reflection: the scenario relating to personal data, ethics, AI, robotics The European Data Protection Day (Data Protection Day), which is celebrated on January 28 of each year (in Italy the Data Protection Authority has organized an event to be held in Rome on January 29), offers the opportunity for some reflections. The issue of personal data protection is extremely important and should not be underestimated. Technologies are used daily especially through computers, smartphones, tablets and other devices. We provide our personal data to enjoy goods and/or services and the data controller is required to comply with the provisions of the GDPR and the privacy code, as amended by Legislative Decree 101/2018. Moreover, the issue of the transfer of personal data abroad or to international organizations assumes further importance, especially in the use of services or technologies whose infrastructures are not located within the European Union. ...

Contribution by Nicola Fabiano and Filippo Bianchini The issue of identity theft is not new, since the phenomenon is ancient. In Italy, a definition of the phenomenon was provided by Article 30-bis of Legislative Decree no. 141 of 13/8/2010, concerning “Implementation of Directive 2008/48/EC on credit agreements for consumers, as well as amendments to Title VI of the Consolidated Banking Act (Legislative Decree no. 385 of 1993) regarding the regulation of operators in the financial sector, agents in financial activities and credit brokers”. The aforementioned Article 30-bis (entitled “Definitions”) states: ...