Posts

The event “Privacy: orienting in the evolution of phenomena” organized by the Italian National Bar Council (Consiglio Nazionale Forense - CNF) will be held on 22 October from 15:00 to 17:00 and will be streamed by the CNF on YouTube. We will talk about the protection of personal data and privacy, emphasizing precisely what is the relationship between privacy and the evolution of phenomena. It will be an opportunity to present my latest book entitled “GDPR & Privacy. Awareness and opportunities. The approach with the Data Protection and Privacy Relationships Model (DAPPREMO)”, with the description of the DAPPREMO model (Data Protection and Privacy Relationships Model). ...

After months of hard work, my last book entitled “GDPR & Privacy: awareness and opportunities. The approach with the Data Protection and Privacy Relationships Model (DAPPREMO)” with the Foreword by Wojciech R. Wiewiórowski (EDPS) has been published. In this edition, you can find described the Data Protection and Privacy Relationships Model (its acronym is DAPPREMO) by which I propose a new approach to data protection and privacy. Here is the DAPPREMO logo © Nicola Fabiano - All rights reserved You can find any information on the book and online stores here. ...

Today we read the press release about the decision of the Court of Justice on the Case C-311/18 by which it has been invalided the Decision 2016/1250 on the adequacy of the protection provided by the EU-US Data Protection Shield. That decision is complex, and it needs to be examined carefully, point by point. Transfers of personal data to third countries or international organisations are a very crucial topic that has to be addressed soon by the European Commission both for a new adequacy decision and anyway for new standard contractual clauses. ...

Disclaimer We received a request from Augustina Baker (TechWarn) to publish on our blog the contribution titled “Sacrificing Your Privacy in the Fight Against Covid-19: What You Need To Know” written by Jack Warner (TechWarn). We host and publish the guest post from Jack Warner, as received, declining any responsibility for the content and for the opinions expressed by the Author. With cases of Covid-19 growing by the day, stakeholders in the healthcare sector are exploring a wide variety of technological solutions to stem the tide. Tech giants such as Google, Amazon, and Facebook have expressed interest in working with the World Health Organization (WHO) to combat the spread of the novel coronavirus as well as misinformation. Digital health communities all over the world are working with their respective governments to roll out solutions that can help monitor the spread of Covid-19 and facilitate better treatment. Contact tracing apps are the most common form of digital solutions for Covid-19 tracking. According to WHO, contact tracing is the process of identifying, assessing, and managing people who have been exposed to a disease to stop further transmission. When systematically applied, contact tracing breaks the chains of transmission of an infectious disease. Contact tracing is, therefore, an essential public health tool for controlling infectious disease outbreaks. We’ve also seen digital solutions for coronavirus prevention, diagnosis, and treatment. ...

The content of this post is available in PDF for download here: 1. Chronology of events During the last month, i.e. since the focus has increased on the incidence of the COVID-19 pandemic with respect to personal data protection, we have witnessed the publication of the following main measures issued by some institutional bodies: ...

The health emergency related to the #COVID19 pandemic is attracting particular attention in the privacy field, also about possible initiatives regarding the development of specific apps. Today, the European Data Protection Supervisor (EDPS) carried out an intervention entitled “EU Digital Solidarity: a call for a pan-European approach against the pandemic”. In particular, the EDPS intervention states The GDPR clearly states that the processing of personal data should be designed to serve mankind (it was the favourite quote from GDPR for my predecessor Giovanni Buttarelli). ...

The contribution has been published today by Broadband 4 Europe, here. 1. Introduction As is it well-known, the coronavirus pandemic (COVID-19) has profoundly changed our life, habits, communication and interaction between people, ways of working, etc. In essence, we are experiencing a situation that appears surreal because of the consequent behavioural rules that we are obliged to respect with social distancing to fight the battle of COVID-19. This pandemic situation, which in addition to Italy is leading many other states to adopt the most appropriate prevention measures, also entails a series of questions regarding the protection of personal data with which one must confront. The pandemic does not require new rules on the protection of personal data, except in the terms illustrated in more detail below, being sufficient to respect those currently in force. Moreover, in this sense is the statement of the Chair of the European Data Protection Board (EDPB), published on 16/03/2020 entitled “Statement of the EDPB Chair on the processing of personal data in the context of the COVID-19 outbreak”. Andrea Jelinek said: ...

The year is ending and I would propose some food for thoughts. Nowadays it seems that people are slaves of digital life, captured by devices and online social phenomena. What kind of phenomenon are we living? Is it a battle where people fight against digital contents provider or are we fighting against ourselves? Probably, it isn’t precisely a battle, but a matter of approach. The human uncontrollable desire to be potentially anywhere leads us to exalt the power of digital resources if we can be - although virtually - somewhere in the world together with others, showing our presence anyway. People, to realise this kind of digital desire, are available to unconditionally provide their personal data to everyone (developers or software provider) requires them. People can be excited by digital resources, but probably they don’t realise that in that way they risk being victims if it happens without awareness. We have always to balance the will to have any apps necessary to exhibit ourselves with the awareness about our personal data. What kind of addiction is it? Are we exaggerating, but above all, are we aware? Is it a human factor? The human factor is unpredictable and uncontrollable if not solely by our consciousness and awareness. We cannot discuss only in terms of abuse or misuse of personal data by developers and companies, but - above all - it is a matter of people’s awareness. Any organization or company has its own digital sovereignty and should act respecting human dignity firstly, consequently data protection laws and hence the “data protection by design and by default” principle. Generally speaking, respecting privacy and data protection should not mean to behave well only to avoid to be exposed to fines or sanctions but, essentially, to comply with the accountability principle, looking over, toward the right balance between ethics, human dignity and norms. ...

To my work as a lawyer, I wanted to add that of research, combining legal skills with technical ones; it is not simple; indeed, it is very demanding.It is necessary to always keep in mind that researchers must conduct any research activity with scientific rigour and based on objective elements, without neglecting any other contributions already published. The in-depth study phase of research topics is particularly tricky as it is necessary to always pay maximum attention to the object of the analysis and to the aspects that are intended to be highlighted. ...

The Swedish Data Protection Authority fined a school to pay about 20,000.00 euros. The measure is currently available only in Swedish; therefore, we propose the news with a brief comment without further details. Facial recognition system. © Nicola Fabiano - All rights reserved What has it happened? A Swedish school used a facial recognition system on the students to verify their attendance. During the preliminary investigation by the Swedish supervisory authority, the school defended itself by stating that the students expressed their consent. The supervisory authority closed the investigation sanctioning the school. ...