Category Archives: Privacy & identity

Data Breach: the EU Court of Justice affirms the refundability of a non-pecuniary damage

data breach

On December 14 2023, the EU Court delivered a preliminarily judgement on case C-340/21 upon request of the Bulgarian Supreme Court, stating that the infringement of the principles established by the GDPR entails the compensation for the damages, also non-material ones, suffered by the interested party. Therefore, in case of data breach, the controller of […]

Italian DPA’s fines: the Supreme Court of Italy clarifies the highest limits

sanzioni privacy Garante

With decision of September 22nd 2023, no. 27189, the Italian Supreme Court of Cassation stated that quantifying the pecuniary administrative fine based on the average percentage applied in similar cases it’s a violation of the GDPR, which, on the contrary, imposes to quantify the amount of the fine based on the circumstances of the specific […]

How does the Italian DPA calculate fines? From Uber to the Cimitero dei Feti case

gdpr infringements

On May 24th 2023 the European Data Protection Board (EDPB) adopted theGuidelines 04/2022 with the goal to provide to national data protection authorities uniformed criteria to calculate the fines connected to GDPR infringements. GDPR infringements: Fines framework In case of an ascertained infringement of the GDPR, the authorities of the Member States have the power […]

The EU-U.S. Agreement to Transfer Personal Data Has Finally been Signed

EU-U.S. Data Privacy Framework

On July 10th 2023 the European Commission announced the adoption of the adequacy decision on the new EU-U.S. Data Privacy Framework for the protection of the personal data transferred towards USA. After the invalidation by the European Court of Justice of the previous decision of adequacy on Privacy Shield, now personal data should be able to […]