Diritto & Internet

Development Decree: not only beaches but also privacy…

The Law Decree regarding “Prime disposizioni urgenti per l’economia” (Urgent First measures for the Economy), also called “Decreto-Sviluppo” (Development Decree), which was published in the Official Journal on May 13 and which led to much discussion of provisions concerning beach concessions, also contains several relevant amendments to the Privacy Code.

This Law Decree must be approved by parliament within 60 days of publication in the Official Gazzette, before it can be changed.

The following is a brief summary of the main changes:

 

 

Data regarding public and private bodies

The new art. 3-bis states that the processing of data regarding public and private bodies

in communications between such bodies and for administration and accountancy purposes is no longer subject to the application of the Privacy Code. So, this exemption will not include all data regarding private or public bodies but only data that matches all of the following criteria:

1) data concerning private or public bodies.

2) data used for communications between these bodies

3) data used for administrative and accountancy purposes

Therefore, as an example, invoicing data shared by companies for administrative purposes.

We would like to underline that EU Directive 46/95/EC applies only to data regarding individual persons and that in 1996 the Italian legislator made a different choice.

 

 

CVs of job seekers

CVs sent of their own free will by job seekers would no longer need to be given the information by data controllers. The information even in an unwritten form will only be required on the occasion of a first contact after CVs have been sent. In such cases, the consent of CVs senders would be no longer necessary, even if the CVs contained sensitive data.

 

 

Consent in relationships between companies

The consent to data communications between companies (in specific areas) for administrative and accountancy purposes will no longer be necessary.

 

 

Security measures

Data controllers who handle as sensitive and judiciary data only that regarding their employees and collaborators and their partners and relatives will no longer be obliged to compile the document which is a particular security measure provided for by Italian law. Instead, they can present self-certification.

However we must bear in mind that self-certification also involves relevant consequences regarding responsibility according to the Criminal Code.

The Italian Privacy Authority could further simplify matters on the issue of security.

Administrative accountancy aims are precisely defined in new art. 34, sub. 1 ter.

 

Unwanted marketing communications

In the same way as for marketing calls, consent will no longer be necessary and the opt-out system with its register of opposition will also be extended to ordinary mail communications.

 

 

Giusella Finocchiaro

Add comment

Scientific Director
Prof. Avv. Giusella Finocchiaro
Editorial Curator
Dott. Giulia Giapponesi

Lo Studio Legale Finocchiaro prosegue la sua attività con DigitalMediaLaws, la nuova società tra Avvocati fondata dalla Prof.ssa Avv. Giusella Finocchiaro e dal Prof. Avv. Oreste Pollicino.

Visita il sito di DigitalMediaLaws