Although the news has not attracted particular media response, the draft of the so-called Development Decree which has been circulating in the last few days would also have an impact on the protection of personal data.
Among other things art. 94 of the decree provides for nothing less than a change in the concept of personal data, adding a significant limitation on legal persons. In fact personal data would now come to mean “any information concerning a natural person and only regarding the electronic communications sector, any information concerning a legal person, body or association subscribing to an electronic communications service available to the public, provided that those persons can be identified or are identifiable even indirectly, by reference to any other information, including a personal identification number. “
Therefore the concept of interested party would also be changed. It would identify the natural person and the legal person, body or association subscribing to an electronic communications service available to the public, limited to the processing of personal data in the field of electronic communications.
Besides the debatable wording of the rule, which raises doubts about its interpretation, the theoretical framework and consequently the practical concept of personal data has been radically changed.
The innovations do not stop here, although the following are less significant.
In fact, there are also new provisions for digital prescriptions and electronic health records (Articles 129 and 130), and from 1 January 2013 school reports and certificates will be issued in an electronic format and made available on the web, by email or other digital formats (Art. 132) Leave certificates for employees whose children are off school ill will also be online (art. 131). As for transport, tickets for buses, trams or other local forms of transportation will be issued in an electronic format (Art. 137).
Finally, the draft decree contains regulations for the increase in the use of Certified email (Article 134), which must be adopted by all companies, not just those constituted in a corporate form. With regard to professionals already affected by this obligation, professional registers are also expected to publish “in any and every case” the certified email addresses of their members.
These predictions are not in fact final and we will follow their procedures and practical implications, which do however, arouse immediate interest and will soon be the subject of lively debate.