Skip to main content
SpringerLink
Log in

Italy

  • Chapter
  • First Online:
EU Personal Data Protection in Policy and Practice

Part of the book series: Information Technology and Law Series ((ITLS,volume 29))

  • 1352 Accesses

Abstract

This chapter focuses on privacy and data protection in Italy. The first section deals with the general situation regarding privacy and personal data protection. The second section deals with national government policies. The third section deals with laws and regulations. The fourth section deals with implementation. The fifth section deals with regulatory authorities and enforcement.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 69.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Hardcover Book
USD 89.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    Judgments No. 348 and 349, 2007.

  2. 2.

    Eurobarometer 431 2015, p. 109.

  3. 3.

    Eurobarometer 431 2015, p. 110.

  4. 4.

    Based on survey results (see Sect. 1.3.4).

  5. 5.

    Garante 2016, p. 5.

  6. 6.

    Garante 2015, p. 4.

  7. 7.

    Garante 2014, p. 3.

  8. 8.

    Garante 2015, p. 228, Table 10.

  9. 9.

    The ‘Cookie law’ was introduced in Italy with the legislative decree 69 of 28/05/2012 and the Measure of the Garante of 8 May 2014 in the implementation of the Directive 2009/136/EC. It requires companies to have in place different data protection measures according to the cookies’ typology when installing such in users’ browsers. The Garante issued a Clarification Note about this procedure on 5 June 2015.

  10. 10.

    Based on survey results (see Sect. 1.3.4).

  11. 11.

    Eurobarometer 431 2015, p. 10.

  12. 12.

    Eurobarometer 431 2015, p. 29.

  13. 13.

    Eurobarometer 431 2015, p. 32.

  14. 14.

    Eurobarometer 431 2015, p. 40.

  15. 15.

    Eurobarometer 431 2015, p. 92.

  16. 16.

    Eurobarometer 431 2015, p. 95.

  17. 17.

    The Code is available in English at the following link:

    http://194.242.234.211/documents/10160/2012405/Personal+Data+Protection+Code+-+Legislat.+Decree+no.196+of+30+June+2003.pdf.

  18. 18.

    Based on survey results (see Sect. 1.3.4).

  19. 19.

    Based on survey results (see Sect. 1.3.4).

  20. 20.

    Based on survey results (see Sect. 1.3.4).

  21. 21.

    https://www.huntonregulationtracker.com/files/Uploads/Documents/EU%20Data%20Protection%20Reg%20Tracker/Reasoned_opinion_Italian_Chamber_of_Deputies.pdf.

  22. 22.

    For instance, by issuing a handbook on privacy at school and the responsible use of apps and social networks. The full list of information campaigns is available only in Italian language here: http://garanteprivacy.it/web/guest/home/stampa-comunicazione/vademecum-e-campagne-informative.

  23. 23.

    Based on survey results (see Sect. 1.3.4).

  24. 24.

    Garante 2015, Section 23.1, p. 187.

  25. 25.

    Garante 2015, Section 23.1, p. 187.

  26. 26.

    http://www.bbc.com/news/world-europe-38568881?intlink_from_url=http://www.bbc.com/news/topics/0021de37-b64a-46ac-a4bb-5bdbdf0908ec/italy&link_location=live-reporting-story.

  27. 27.

    BBC 2016.

  28. 28.

    https://www.theguardian.com/technology/2015/aug/19/ashley-madison-hackers-release-10gb-database-of-33m-infidelity-site-accounts.

  29. 29.

    Jones and Cinelli 2017.

  30. 30.

    Measure no. 548 of 21 December 2017 by the Garante. http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/7400401.

  31. 31.

    http://garanteprivacy.it/cookie.

  32. 32.

    Directive 2009/136/EC of the European Parliament and of the Council of 25 November 2009 amending Directive 2002/22/EC on universal service and users’ rights relating to electronic communications networks and services, Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector, and Regulation (EC) No. 2006/2004 on cooperation between national authorities responsible for the enforcement of consumer protection laws, introduced the obligation for Member States to regulate the usage of cookies on users’ devices.

  33. 33.

    Legislative decree No. 69 of 28/05/2012, Article 1.5.

  34. 34.

    http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/3118884.

  35. 35.

    http://it.ibtimes.com/cookie-law-una-legge-che-non-piace-tra-multe-petizioni-e-tanta-confusione-1404832.

  36. 36.

    http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/4006878.

  37. 37.

    http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/3661249.

  38. 38.

    Garante 2016, Section 13, p. 94.

  39. 39.

    Garante 2016, Section 4, p. 30.

  40. 40.

    Garante 2016, Section 13, p. 95.

  41. 41.

    Garante 2015, Section 11.7, p. 108.

  42. 42.

    Garante 2015, Section 11.7, p. 108.

  43. 43.

    Garante 2016, Section 23.5.2, p. 144.

  44. 44.

    Ponemon Institute 2017.

  45. 45.

    The same formula is used in every notice for public consultation. A full list is available on the Garante website at http://www.garanteprivacy.it/web/guest/home/ricerca?p_p_id=searchportlet_WAR_labcportlet&p_p_lifecycle=0.

  46. 46.

    http://www.federprivacy.it/fp/chi-siamo.html.

  47. 47.

    http://www.federprivacy.it/attivita/agenda/agenda-privacy/privacy-day-forum-2016.html.

  48. 48.

    http://www.istitutoitalianoprivacy.it/it/.

  49. 49.

    Based on survey results (see Sect. 1.3.4).

  50. 50.

    An exception thereof are the Annexes A.1, A.2 and A.3, which were introduced with the Italian data protection law preceding the DPCode.

  51. 51.

    http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/1557209.

  52. 52.

    http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/1502599.

  53. 53.

    http://garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/5846360.

  54. 54.

    http://garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/3898704.

  55. 55.

    http://garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/4877134.

  56. 56.

    http://garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/3693403.

  57. 57.

    Based on survey results (see Sect. 1.3.4).

  58. 58.

    The Five Star Movement is a political party founded in 2009 by the former comedian Beppe Grillo and the entrepreneur Gianroberto Casaleggio. For the first time in Italy, candidates for the political election of 2013 were chosen online by the members of the party; the same happened in the following European and local elections. The party used online consultations to expel several members when not complying with its guidelines. Official website: http://www.movimento5stelle.it.

  59. 59.

    http://www.istruzione.it/allegati/2016/Piano_azioni_definitivo.pdf.

  60. 60.

    http://garanteprivacy.it/web/guest/home/stampa-comunicazione/vademecum-e-campagne-informative.

  61. 61.

    Garante 2016, Section 25.1, p. 168.

  62. 62.

    Based on survey results (see Sect. 1.3.4).

  63. 63.

    Garante 2016, Section 25.3, p. 169.

  64. 64.

    The full text in English is available here: http://194.242.234.211/documents/10160/2012405/Personal+Data+Protection+Code+-+Legislat.+Decree+no.196+of+30+June+2003.pdf.

  65. 65.

    Vecchi and Marchese 2016.

  66. 66.

    http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/1628774.

  67. 67.

    Based on survey results (see Sect. 1.3.4).

  68. 68.

    Directive 2009/136/EC of the European Parliament and of the Council of 25 November 2009 amending Directive 2002/22/EC on universal service and users’ rights relating to electronic communications networks and services, Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector, and Regulation (EC) No. 2006/2004 on cooperation between national authorities responsible for the enforcement of consumer protection laws.

  69. 69.

    Legislative decree No. 69 of 28/05/2012, Articles 2, 3 and 4.

  70. 70.

    http://www.garanteprivacy.it/web/guest/home_en/data-protection-and-privacy-glossary.

  71. 71.

    http://www.garanteprivacy.it/web/guest/home_en/data-protection-and-privacy-glossary.

  72. 72.

    Full text of the Declaration is available at http://www.camera.it/application/xmanager/projects/leg17/commissione_internet/TESTO_ITALIANO_DEFINITVO_2015.pdf.

  73. 73.

    Website of the Special Commission for rights and duties on the Internet http://www.camera.it/leg17/1174.

  74. 74.

    Hermes Center 2017.

  75. 75.

    Frediani 2017.

  76. 76.

    Privacy Italia 2017.

  77. 77.

    http://www.ilsole24ore.com/fc?cmd=document&file=/art/SoleOnLine4/Norme%20e%20Tributi/2010/05/bozza-definitiva-codice-autodisciplina.pdf?cmd=art.

  78. 78.

    http://www.ilsole24ore.com/fc?cmd=document&file=/art/SoleOnLine4/Norme%20e%20Tributi/2010/05/bozza-definitiva-Protocollo-Codice-Autodisciplina.pdf?cmd=art.

  79. 79.

    See above under Sect. 9.2.

  80. 80.

    http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/3070048.

  81. 81.

    A list of the codes of conduct is available on the Garante website at http://www.garanteprivacy.it/home/provvedimenti-normativa/normativa/normativa-italiana. See above under Sect. 9.2.

  82. 82.

    “Decisions” are judgments made in response to different kinds of complaints reported to the Garante (see below under Sect. 9.5). “Guidelines” are general indications given by the Garante in relation to specific kind of processing in order to guarantee a correct application of the principles of the DPCode (a list of the issued guidelines is available at http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/1772725).

  83. 83.

    For an example of such decisions see: http://www.garanteprivacy.it/web/guest/home_en/main-decisions.

  84. 84.

    http://curia.europa.eu/juris/fiche.jsf?id=C%3B131%3B12%3BRP%3B1%3BP%3B1%3BC2012%2F0131%2FJ&pro=&lgrec=en&nat=or&oqp=&dates=&lg=&language=en&jur=C%2CT%2CF&cit=none%252CC%252CCJ%252CR%252C2008E%252C%252C%252C%252C%252C%252C%252C%252C%252C%252Ctrue%252Cfalse%252Cfalse&td=%3BALL&pcs=Oor&avg=&mat=or&parties=google%2Bspain&jge=&for=&cid=495953.

  85. 85.

    Based on survey results (see Sect. 1.3.4).

  86. 86.

    http://garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/3590114.

    The full list of the general decisions is available here http://garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/3755203.

  87. 87.

    Based on survey results (see Sect. 1.3.4).

  88. 88.

    http://194.242.234.211/documents/10160/0/Linee+guida+in+materia+di+dossier+sanitario+-+Allegato+A.pdf.

  89. 89.

    Based on survey results (see Sect. 1.3.4).

  90. 90.

    Based on survey results (see Sect. 1.3.4).

  91. 91.

    Companies have only recently begun to consider PbD due to the entry into force of Article 25 of the GDPR.

  92. 92.

    Provisions on data and systems security, also containing procedures to follow in case of data breaches.

  93. 93.

    Based on survey results (see Sect. 1.3.4).

  94. 94.

    Technical specifications concerning minimum security measures, http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/1557184.

  95. 95.

    Consent Country Report on Italy 2012, p. 4.

  96. 96.

    “Il valore della privacy nell’epoca della personalizzazione dei media” Survey by CENSIS, 7/10/2012, p. 6.

  97. 97.

    Based on survey results (see Sect. 1.3.4).

  98. 98.

    “Il valore della privacy nell’epoca della personalizzazione dei media” Survey by CENSIS, 7/10/2012, p. 10.

  99. 99.

    http://194.242.234.211/documents/10160/7610771/Dotazione+organica+al+1%C2%B0+febbraio+2018.

  100. 100.

    Garante 2016, Section 27.1, p. 184.

  101. 101.

    For instance, the newsletter dated 14 February 2017 concerns the indiscriminate monitoring of employees’ emails and smartphones, telemarketing and electronic passport. The archive of all issued newsletters is available on the Garante website at http://www.garanteprivacy.it/web/guest/home/ricerca?p_p_id=searchportlet_WAR_labcportlet&p_p_lifecycle=0.

  102. 102.

    http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/5570645.

  103. 103.

    Garante 2016.

  104. 104.

    Garante 2016.

  105. 105.

    Garante 2016.

  106. 106.

    Garante 2016.

  107. 107.

    Garante 2016, p. 197, Table 7.

  108. 108.

    Based on survey results (see Sect. 1.3.4).

  109. 109.

    See above under Sect. 9.1.

References

Download references

Author information

Authors and Affiliations

  1. Leiden Law School, eLaw (Center for Law and Digital Technologies), Leiden University, Leiden, The Netherlands

    Bart Custers, Alan M. Sears, Francien Dechesne, Ilina Georgieva, Tommaso Tani & Simone van der Hof

Authors
  1. Bart Custers
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Alan M. Sears
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Francien Dechesne
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Ilina Georgieva
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Tommaso Tani
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Simone van der Hof
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Bart Custers .

Rights and permissions

Reprints and permissions

Copyright information

© 2019 T.M.C. Asser press and the authors

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Custers, B., Sears, A.M., Dechesne, F., Georgieva, I., Tani, T., van der Hof, S. (2019). Italy. In: EU Personal Data Protection in Policy and Practice. Information Technology and Law Series, vol 29. T.M.C. Asser Press, The Hague. https://doi.org/10.1007/978-94-6265-282-8_9

Download citation

  • DOI: https://doi.org/10.1007/978-94-6265-282-8_9

  • Published:

  • Publisher Name: T.M.C. Asser Press, The Hague

  • Print ISBN: 978-94-6265-281-1

  • Online ISBN: 978-94-6265-282-8

  • eBook Packages: Law and CriminologyLaw and Criminology (R0)

Publish with us

Policies and ethics

Search

Navigation