Category Archives: Privacy & identity

Italian DPA’s fines: the Supreme Court of Italy clarifies the highest limits

sanzioni privacy Garante

With decision of September 22nd 2023, no. 27189, the Italian Supreme Court of Cassation stated that quantifying the pecuniary administrative fine based on the average percentage applied in similar cases it’s a violation of the GDPR, which, on the contrary, imposes to quantify the amount of the fine based on the circumstances of the specific […]

How does the Italian DPA calculate fines? From Uber to the Cimitero dei Feti case

gdpr infringements

On May 24th 2023 the European Data Protection Board (EDPB) adopted theGuidelines 04/2022 with the goal to provide to national data protection authorities uniformed criteria to calculate the fines connected to GDPR infringements. GDPR infringements: Fines framework In case of an ascertained infringement of the GDPR, the authorities of the Member States have the power […]

The EU-U.S. Agreement to Transfer Personal Data Has Finally been Signed

EU-U.S. Data Privacy Framework

On July 10th 2023 the European Commission announced the adoption of the adequacy decision on the new EU-U.S. Data Privacy Framework for the protection of the personal data transferred towards USA. After the invalidation by the European Court of Justice of the previous decision of adequacy on Privacy Shield, now personal data should be able to […]

Spotify: a Euro 5 million fine for GDPR Infringement

With decision of June 12 2023, the Swedish Data Protection Authority concluded the proceeding started more than 4 years ago against Spotify, imposing a fine of € 5 million for infringing the right to access users’ personal data. The complain of Noyb and the action against the Swedish DPA (IMY) Noyb is a no-profit organization […]