The EU General Court has dismissed a French MEP’s challenge to the EU-U.S. Data Privacy Framework (“DPF”) for the transfer of personal data between the European Union (“EU”) and the United States (“U.S.”). While the decision is welcome news to organisations relying on the DPF for transfers underpinning their

Continue Reading EU-U.S. Data Privacy Framework Survives First Challenge

The Italian Data Protection Authority’s recent decision provided guidance on the true meaning of personal data anonymization and on the crucial point that the DPO is a monitor, not an executor. In a world driven by AI and public surveillance, both concepts are more relevant than ever.

On April 10, 2025, the Garante issued a

Continue Reading ITALY: Personal data anonymization and the risk of the DPO being an executor

The Italian Data Protection Authority (Garante) has fined a company EUR 420,000 for violating privacy laws in the workplace. The decision focuses on the employer’s use of content from Facebook, WhatsApp, and Messenger, shared from the employee’s personal accounts, for disciplinary purposes.

This ruling will have serious repercussions for any employer operating in Italy, especially those

Continue Reading Italy: Garante issues fine for use of employee’s private chats in disciplinary actions

A recent and far-reaching decision by the Italian Data Protection Authority (Garante) has significantly altered the rules governing marketing privacy consent in Italy, introducing a potential obligation to adopt a double opt-in mechanism for collecting consent that exceeds the requirements in other EU countries.

Why This Case Matters: A Shift in Privacy Consent

Continue Reading Italy: Marketing Privacy Consent – Is Double Opt-In Now Mandatory?

The potential criminalization of activities associated with ransomware cyberattacks, including ransom payments by victims, has long been an unresolved issue. This concern has now led Italy to introduce a groundbreaking legislative proposal aimed at enhancing cybersecurity and mitigating threats posed by digital extortionists.

Recognizing ransomware cyberattacks not merely as economic disturbances but as

Continue Reading Italy: Ransomware and Crime – A Proposal to Tackle Cyber Extortion in Italy

The Italian Data Protection Authority (the Garante) has issued its first GDPR fine for unlawful retention of metadata from employees’ emails and web browsing activities. The decision applies the Garante’s highly discussed guidelines of 2024 on the use of metadata in workplace email systems.

The Processing of Metadata in the Employment Relations

Metadata

Continue Reading Italy: The Garante Issues First GDPR Fine Over Employees Email Metadata Privacy Breach

In 2010, Congress included a provision in the Consumer Financial Protection Act (CFPA) requiring that the Consumer Financial Protection Bureau (CFPB or Bureau) promulgate rules effectuating what is commonly referred to as “Open Banking.” Specifically, the rules would require any entity that engages in offering or providing a consumer financial product or service to make

Continue Reading US: Open Banking Regulation Arrives in the US