Author Archives: Maria Roberta Perugini

About Maria Roberta Perugini

For over 20 years, I have assisted clients in privacy and data protection field, providing legal advice in compliance activities, development of specific projects and facing proceedings by Data Protection Authority. I organize training events aimed at clients’ firms and participate as a lecturer at meetings and conferences.

DRAFT ePRIVACY REGULATION: THE COUNCIL OF THE EUROPEAN UNION RELEASED ITS PROPOSED AMENDMENTS

On September 8th, the Council of the EU released its proposed amendments to the draft ePrivacy Regulation (“Regulation”) which has already been the subject of different opinions and draft amendments over the last few months, as highlighted in our previous news. As clarified in the text, this document is only a first redraft of the… Read More »

e-PRIVACY REGULATION PROPOSAL’S DEVELOPMENT – II) Work in progress

On June 9, Marju Lauristin, the Member of the European Parliament (MEP) and Member of the Committee on Civil Liberties, Justice and Home Affairs (LIBE), released a draft report containing amendments to the Regulation. In the preparation of this report, the rapporteur Marju Lauristin has conducted extensive and thorough discussions with the following Committees: draft… Read More »

e-PRIVACY REGULATION PROPOSAL’S DEVELOPMENT – I) Art. 29WP and EDPS’s opinions

As already mentioned in a previous post, on 10 January 2017 the European Commission presented a proposal for a Regulation (the “Regulation”) which is expected to amend the Directive 2002/58/EC (e-Privacy Directive) standardising the current European legal framework for the processing of personal data in the electronic communications sector and whose final approval is expected to… Read More »

WILL THE CONSENT COLLECTED BEFORE THE EFFECTIVE DATE OF GDPR STILL BE VALID?

The “Guide on the Application of the European Personal Data Protection Regulation” published by the Italian DPA states, in the “Recommendations” at the foot of the consensus form, that: “The consent obtained before May 25, 2018 remains valid if it has all of the above characteristics. Otherwise, it is appropriate to work before that date… Read More »

THE PROPOSAL FOR A REGULATION ON PRIVACY AND ELECTRONIC COMMUNICATIONS IS READY

On 10 January last the European Commission presented a proposal for a Regulation (hereafter, the “Regulation”) concerning the processing of personal data and the protection of private life in the electronic communications, and aimed at repealing Directive 2002/58/EC (hereafter, “ePrivacy Directive”). This proposal for a Regulation updates the legislation currently in force, providing better protection… Read More »

BODY IN CHARGE OF VIGILANCE AND CONTROL AND PRIVACY ROLES: GENERAL EVALUATION AND FIRST CONSIDERATIONS ON DPO’S PROCESSINGS.

Giancarlo Butti has proposed the interesting topic concerning individuation of the role assigned to bodies in charge of vigilance and control within instances of personal data processing; these bodies are by their nature independent to the entity they supervise, even when being part of it. Among them, Butti has chosen as example the Organismo di… Read More »

GLOBAL GDPR READINESS: CIPL REPORT

As is widely known, the European Union General Data Protection Regulation, which replaces Directive 95/46/EC, will come into force in May 2018 and will bring relevant changes to all stakeholders: DPAs, individuals, controller and processor organizations. In order to help organizations understand the key operational impacts of the regulation and to stimulate their internal change,… Read More »

“PERSONAL DATA MADE PUBLIC BY THE ‘DATA SUBJECT’ AND USE OF INFORMATION PUBLISHED ON SOCIAL NETWORKS: INITIAL OBSERVATIONS OF THE GDPR ART. 9, para. 2, letter e)” [SECOND PART]

Turning to the provisions of the GDPR at issue, it is necessary to underline that art. 9, para. 2, letter e) constitutes an exception to the general principle that sets forth in an absolute prohibition on the processing of personal data belonging to the specific categories indicated paragraph 1: in summary, the provision states that… Read More »

“PERSONAL DATA MADE PUBLIC BY THE ‘DATA SUBJECT’ AND USE OF INFORMATION PUBLISHED ON SOCIAL NETWORKS: EARLY OBSERVATIONS OF GDPR ART. 9, para. 2, letter e) [FIRST PART]

GDPR art. 9, entitled “Processing of special categories of personal data”, after having setting forth the general rule, specifically that “1. Processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a… Read More »