III. Privacy topics
Internet and consumer privacy
The Italian Code considers the sending of unsolicited emails to be a very serious offence.1 If an individual is found guilty of sending spam and trying to profit from such emails, he could face up to three years in prison. Since many companies are losing a large amount of bandwidth as a result of dealing with spam, the Italian government has now made spam an act of theft. Italy is one of the first countries to implement legislation that actively deals with combating spam. Critics remain skeptical of Italy's law, because many of the sources of spam are from outside the country and therefore outside the Italian court's jurisdiction.
The sending of spam, however, is an ever-recurring topic, not only as regards commercial messages, but also in connection with "political marketing". In 2004, the Garante issued two provisions. The Garante took part in meetings in which fixed and mobile telephony operators, consumer associations, and ISP associations participated. These meetings were focused on the drafting of a self-regulatory code.2 In 2008-2009 the Garante received many requests for action against unsolicited messages (email, fax, phone calls, SMS). On several occasions, even after inspection findings, the Authority has prohibited the sending of promotional communications by mail to third parties without data subjects' prior, specific, and informed consent according to Article 130 of the Code.3 In some case where unlawful processing was found, the Garante imposed administrative penalties according to Articles 161 and 162, paragraph 2-Bis of the Code) and informed the prosecution authority. With regard to "fax advertisements" to recipients who had received adequate information ex Article 13 of the Code, but who had never given their consent, the Garante adopted various restrictive measures and imposed administrative sanctions.4 On 20 November 2009, the Act No. 166, Art. 20 bis, finally adopted an opt-out system for commercial information, thus reversing the opt-in mechanism introduced by the Code.
Online social networks and virtual communities
In the 2007 Annual Report, the Garante stressed the necessity to clearly determine whether the information contained in personal profiles on social networks is protected and used properly.5 A Guide on Social Network Services and Privacy was finally adopted in March 2008. In the document, while mentioning the risks of the new digital environment, the Garante suggested a number of proactive measures like use of pseudonyms and the implementation of privacy by design. By stressing that data protection should be "embedded" in ICT through default settings, the idea is to prevent privacy infringement from the very beginning, through the incorporation of data protection safeguards in the use and employ of ICT.6
Online youth safety
As previously mentioned,7 during 2009, the Garante decided to launch an initiative targeted at students on the occasion of European Data Protection Day (28 January).8 The initiative was termed "Cinema & Privacy" and lasted four days; it was aimed at raising youths' awareness of the importance of protecting privacy in today's society and of the need for learning how to protect one's privacy. Movies chosen as particularly relevant in addressing privacy issues from different standpoints were shown at the Conference Room of the Garante. Each movie was introduced by one of the four members of the Garante as well as by a video created on purpose by the Garante to describe â€“ again with the help of movies â€“ minor and major "intrusions" into our private sphere. Students from high schools in Rome were invited to the shows and called upon to discuss and exchange views. Additionally, a booklet was produced by the Garante in 2009 to provide guidance (especially to youths) in dealing with social networks and making knowledgeable use of their potential. The booklet, called "Social Networks: Watch out for Side Effects" was made available for free in the main Italian post offices.9 This initiative was aimed at helping both experienced and inexperienced users to take full advantage of the potential inherent in these innovative communication tools without endangering their private and professional lives.
The Workers' Charter prohibits employers from investigating the political, religious, or trade union opinions of their workers, and in general, any matter that is irrelevant for the purposes of assessing their professional skills and aptitudes.10
On 2 February 2010, by sentence No. 4375/2010, the Court of Cassation, Job Section, stated that companies cannot spy on employees who surf the Web during office hours. The centralised computer monitoring of employees constitutes "a breach of their privacy and autonomy". In addition, if the navigation is done without encroaching on abuse the employee can not be fired.11
Health and genetic privacy
Legislative Decree No. 269 of 30 September 2003,12 converted with amendments into Act No. 326 of 24 November 2003,13 set out the requirements to monitor health care expenditure. During the process leading to the conversion of the legislative decree, the Garante drew Parliament's attention to the sensitive issues raised by Section 50 in the decree, providing, inter alia, for the establishment of a database containing the fiscal identification codes of all health care beneficiaries in order to monitor health care expenditure. The Garante pointed out that the purpose the decree sought was undoubtedly in line with streamlining supervision over the state's expenditure; however, the tools envisaged to that end might jeopardise citizens' rights to the protection of their personal data â€“ in particular the data concerning health, which are covered by special safeguards.14
On 1 January 2005, the Italian Electronic Health card was launched. Together with e-prescriptions, the e-Health card is a key element of the Italian national e-Health Programme, which aims at controlling public health expenses while improving communication between health professionals and delivering better services to patients. The card, which contains a magnetic stripe but no chip, also features the European e-health insurance card information on the back. They are used in conjunction with the National Healthcare Expenditure Monitoring System, commonly referred to as the "TS System." Designed to monitor and manage each phase of the public health expenditure cycle, from drug prescription to service delivery, the system will allow Italian authorities to enhance controls on the healthcare benefits of each citizen. The TS System is coordinated by the Italian Revenue Agency and implemented by Sogei15 in those regions where e-health cards are being issued. Distribution of the cards has already started in the Regions of Abruzzi, Umbria, Emilia Romagna, Veneto, and Lazio. The government will progressively introduce the e-health card in other regions, with the objective of issuing 15 million cards by April 2005.16 By June 2010, the goal of covering all of the regions of Italy was mostly achieved (with the safeguards we will illustrate in the section on major privacy case law).
The Garante has finally specified the conditions in which the right to privacy and the right of access to clinical records held by health care institutions could be balanced. This is an issue arising mostly in connection with the requests made by defence counsel carrying out their own investigations in order to access records containing data relating to health and/or sex life. In particular, the so-called "equal importance" principle holds that the processing of personal data in order to enable access is only allowed if the right to be defended through the request for accessing administrative records is at least as important as the data subject's rights, or else consists in a personal right or another fundamental, inviolable right or freedom. In other words, the defendant's rights must be equal to, or outweigh, the other individual's fundamental right to privacy.
As reported above, on 16 July 2009, the Garante issued guidelines concerning the management of health dossiers and e-files, as well as online medical reports.17
In 2008, the Garante prohibited the Italian Revenue Office from posting the tax returns of all Italians on the Internet a few days after the data had been made public on the Revenue Office's website.18 Dissemination of the data was found to be in breach of the sector-specific legislation, which allowed for different, less privacy-intrusive mechanisms to obtain information on taxpayers' income. Posting the data on the Internet was also found to be disproportionate vis-Ã -vis the purpose of making available the information in question. The consequences of this blanket, unfiltered disclosure of the data concerning all Italian taxpayers were manifold. A considerable number of users in Italy as well as abroad were able to access a huge amount of data in the space of a few hours, since the data were available at a single source. They could copy the data, generate their own databases, modify and/or process the data, create profiling lists, and circulate the data further with all the attendant accuracy risks. In addition, it could be established that the Revenue Office had failed to request the Italian DPA's opinion â€“ which is mandatory under the law â€“ prior to adopting the decision to publish the data on the Internet.
A decision adopted in September 2008 took stock of the critical problems found by the Garante following several inspections that had been carried out with respect to the taxpayers' register â€“ where millions of records on Italian taxpayers are kept and may be accessed, via different tools, by a considerable number of users including public and private bodies â€“ and set forth the technological and organisational measures required to enhance security of access and bring the processing into line with data protection legislation.19 Given that the critical problems in question were related to the lack of information on the overall number of access-enabled users, poor monitoring of access and inappropriate use of passwords and user IDs, and the inadequate technological measures to ensure data security, the Italian DPA required regular monitoring of the access-enabled bodies and organisations; carrying out a survey of all data flows from and to the Register including the particulars of the entities able to access the Register, the applicable legal grounds, nature and type of the transferred data; partitioning the data that may be accessed to ensure that only such data may be viewed as the individual user is authorised to access; implementing alert systems to detect and prevent security breaches; implementing authentication/enhanced authentication mechanisms; logging access and restricting the maximum number of instances of access; implementing secure connection channels in case of web-based data flow management; timely disabling of users no longer entitled to access the relevant data.
- 1. Will Sturgeon, "Italy Plans to Jail Spammers," Silicon.com, 5 September 2003, available at http://www.silicon.com/research/specialreports/thespamreport/0,39025001,....
- 2. Garante per la Protezione dei Dati Personali, Annual Report for 2007, supra.
- 3. See e.g. http://www.garanteprivacy.it/garante/doc.jsp?ID=1520263.
- 4. See e.g. http://www.garanteprivacy.it/garante/doc.jsp?ID=1667012.
- 5. Garante per la Protezione dei Dati Personali, Annual Report for 2007, full text in Italian available at http://www.garanteprivacy.it/garante/doc.jsp?ID=1533131. The English summary is available at http://www.garanteprivacy.it/garante/doc.jsp?ID=1750234.
- 6. Id. See also the section "Online youth safety," infra in this report.
- 7. See section "Data Protection Authority," supra in this report.
- 8. See http://www.garanteprivacy.it/garante/navig/jsp/index.jsp?folderpath=Atti....
- 9. Available in Italian and English at http://www.garanteprivacy.it/garante/doc.jsp?ID=1614258.
- 10. Legge No. 300, 20 May 1970. Â§ 8.
- 11. Corte di Cassazione, Sezione Lavoro, Judgment No. 4375/2010, 2 February 2010. See alsoRoberto Cataldi, "Cassazione: non si spiano i dipendenti ed Ã¨ illegittimo il licenziamento di chi naviga nel web" ("Court of Cassation: It Is Forbidden to Spy Employees and It Is unlawful to Fire who Is Surfing on Internet"), 25 February 2010, at http://www.studiocataldi.it/news_giuridiche_asp/news_giuridica_8080.asp.
- 12. Decreto Legislativo No. 269, 30 September 2003.
- 13. Legge No. 326, 24 November 2003.
- 14. Indeed, it would arguably always be possible to trace each data subject's medical history based on the information concerning prescriptions and specialists' advice. The Garante pointed out that the legislation in force already sets forth procedures to monitor health care expenditure without setting up centralised databases, and stressed that the need to increase the effectiveness of such procedures should not result in limiting the right to personal data protection. According to the Garante, in order to comply with personal data protection legislation, the monitoring system would have to prohibit the processing of identification data, and the setting up of a centralised database, if any, should be based exclusively on the use of anonymised data.
- 15. Homepage http://www.sogei.it/flex/cm/pages/ServeBLOB.php/L/IT/IDPagina/1/.
- 16. See "Italy eServices for Citizens," eGovernment News, 12 January 2005.
- 17. See Section "Data Protection Authority," supra in this report.
- 18. Annual Report of Article 29 Data Protection Working Party (2008), supra at 55.
- 19. Id.