Category Archives: Privacy by Design

GDPR in practice

Everybody is talking about GDPR in every session at Security Summit this year, whatever the topic, but in practice what companies are doing to get prepared? Alessandro Vallega started from here to introduce the conference dedicated by Europrivacy to the new European Regulation, on the second day of the Summit organized by Clusit in Milan.… Read More »

Cyber Crime and Compliance at Milan Politecnico

The headlines go to the Cyber Crime attacks, but ultimately the Compliance remains the main expense leverage in IT security, at least for SMEs. That’s what emerges from the 2016 Survey by the Information Security & Privacy Observatory of the Milan Politecnico School of Management, presented on 2/2 at the conference “Cyber Crime: the invisible threat… Read More »

Privacy by design: which approach?

The principle of Privacy by Design introduced by General Data Protection Regulation (GDPR) requires firms and public administrations to adopt a proactive and not merely reactive approach to personal data protection, rendering necessary to provide operative procedures, configurations and safety measures safeguarding confidentiality, integrity and availability of personal data (RID) “by default”, meaning in the… Read More »

Data Protection compared to Data Governance: are there underlying implications ?

The customer data protection needs to be included under the logics inspiring the principles and measures of Data Governance. In this sense, the measures to protect customers’ personal data can only be effective if they follow the same principles that drive the measures to corporate Data Governance. A healthy setting of Data Governance rules is… Read More »

Portability: WP29 guidelines

The GDPR  Article 20 introduces a new right to “data portability” to enable data qwners to easily move or copy their personal data to another environment . The Opinion of the WP29 clarifies the conditions of application and provides concrete examples to explain the circumstances in which this right applies. The Opinion states that this… Read More »


During last years there has been an increase on variety and amount of data available, a development of channels to access data and a business globalization. This situation has created a data governance and compliance complexity, besides a growth of potential threats to confidentiality requirements, integrity and availability of information. In this context the need… Read More »

European Data Protection Supervisor Publishes 2015 Annual Report

On May 24, 2016, the European Data Protection Supervisor (“EDPS”) presented its 2015 Annual Report. It provides an overview of the EDPS’ activities developed in 2015 and highlights key priorities  for 2016. Of course, the EDPS focused on ensuring the adoption of a new and effective data protection framework. Moreover, a considerable attention is devoted to the high… Read More »

More on the DPO role (and what about the DPD?)

We can go on discussing about the role and collocation of the Data Protection Officer within the company, considering the new European Privacy Regulation. And we will. But when Luca Bolognini takes a stand, then the chatter end. Tuesday, 10/05 in Turin for the conference “The European Regulation Policy inside the Company” organized by Sistemi… Read More »