On June 6, the Italian Data Protection Authority, the Garante, presented its 2016 Annual Activity Report, focusing on several current data privacy issues and highlighting its efforts with regard to the upcoming entry into force of the General Data Protection Regulation in May 2018.
During the presentation, the Garante took the occasion to emphasize the importance of its privacy watchdog role over the past two decades and the relevance of its future duties in view of the new regulatory framework set forth under the GDPR.
In fact, since its late 1996 creation under the guidance of forerunner Professor Stefano Rodotà, the Garante has always played a crucial role in the balance between individual privacy, free circulation of data, and digital rights. “Should technology be ethically, politically, socially and legally acceptable above all, or is it just aimed at making things technically possible?” asked Rodotà in Garante’s first annual report to the Italian Parliament.
In 2017, the answer is still open to debate.
Although many things have changed over the past 20 years, the Garante acknowledged that the challenge to technology, data ethics, and privacy rights have never been so felt and discussed, both from an economic and a legal point of view.
The Garante underlined that the Italian legislature should ensure the authority’s wider inspection powers with regards to privacy enforcement by granting it a constant support from the Italian Fiscal Police.
To this extent, the report highlighted the need for greater institutional attention on effective privacy enforcement, supported by an increase of the human and economic resources available to the authority. This comes with the aim of strengthening the Garante’s supervisory powers and its future role within the European Data Protection Board, in line with what many other EU member states are already doing.
In light of the above, the Garante underlined that the Italian legislature should ensure the authority’s wider inspection powers with regards to privacy enforcement by granting it a constant support from the Italian Fiscal Police (i.e. Guardia di Finanza) and pushing for greater data protection awareness within the public administration at large.
As a matter of fact, the Garante’s 2016 enforcement action led to the record amount of 3.5 million Euros of sanctions issued, as well as to several thousand acts between general orders, opinions, recommendations, authorizations, inspections, and notifications. And this is without mentioning the recent record highest sanction ever across EU member states under Directive 95/46/CE, of 11 million euros issued in the famous “Money Transfer” case.
Since the relation between free market and digital rights is also at play, the Garante welcomed further cooperation with all national supervisory authorities operating in the field of antitrust and telecommunications, with a view to strengthening that “Digital Clearinghouse” firstly promoted by the European Data Protection Supervisor with the aim to investigate the extensive use of big data and advanced analytics techniques by so-called Over-The-Top providers.
In a sense, the Garante added, regulation of international data flows is also key for a correct exercise of the enforcement powers set forth by the GDPR. In fact, the Privacy Shield was only the first of many much-needed data flow agreements that shall be discussed around the world, with particular priority given to those with China and Japan.
In conclusion, this further report by the Authority is another strong sign that something is moving in the privacy world — not only with regards to the incumbent rise of the GDPR but also because it seems that a new data protection awareness culture may finally gain a foothold at both a national and international level.
Only time will tell us whether the Garante’s view will prove pioneering in the change of attitude towards data privacy and the unavoidable digitalization of our society. However, it remains clear that next year’s annual report may prove very surprising and definitely one to look forward to.
If you want to comment on this post, you need to login.