The Italian Privacy Authority’s Annual Report Presented in Parliament

The presentation of the Italian Privacy Authority’s Annual Report in Parliament today has provided much food for thought.

There are many talking points, starting with the title of the Report itself, “Men and data”.

As stated in the report, “Men and data cannot be split up into different worlds. Data are not only the product of men and their ability to communicate and organize, but are now also an essential part of their way of being.” This is particularly evident in the world of “self exposure and global transparency”, especially in that world of social networks. In this context, speaking of the “right to oblivion” runs the daily risk of being perceived as laying unacceptable claim to restricting the right to “know” in all its meanings.”

In his speech the Authority’s President, Francesco Pizzetti raised many new issues such as net neutrality, the obligation to report serious breaches and the need to redefine responsibilities in the area of complex chains of data processing.

Great importance was given to the risks posed by cloud computing, smartphones and tablets, tools which can transform each potential user into an “Electronic Hop-o’-My-Thumb”, who often unconsciously leave the traces of their movements, as they have left their device’s location-based systems turned on.

This year the Authority’s Report also offers two modules on cloud computing and smart phones and tablets, which set out guidelines respectively for responsible use of services and current scenarios and operational prospects.

There is also a certain critical element in the Report regarding the current system of telemarketing and the recent Development Decree (decreto sviluppo).

The Authority recommends putting off unnecessary changes while waiting for the pending redefinition of the European guidelines, which in all likelihood will take the form of a directly binding Regulation. The Authority also hopes that its jurisdiction on making provision for new minimum security measures for the protection of personal data will be recognized. Obviously, given the quality of recent legislative measures, this would be preferable.