Skip to content

About GDPR and Extraterritoriality

The extra-territorial aspect of the GDPR has been designed mimicking the criminal law approach enforced to punish crimes committed abroad by a national citizen. But while this approach works for criminal law, it doesn’t for civil (in the Continental meaning of the word) law that is strongly based on the jurisdiction (meant as “geographical limit to the power of a sovereign State) concept. Under this principle, a law can’t extend its reach outside the boundaries of the State that passed it. (Continued)

The Agenzia delle entrate possible data-breach and the Italian Data Protection Authority’s reaction

According to Il Sole24 Ore (the Italian financial daily newspaper), the Agenzia delle entrate (the public body entitled to the processing of Italian citizen’s tax information – about 20 billion, says the newspaper) has been shut down because of a bug allowing unrestricted access to those tax related information.

This is a clear infringement of the data protection by design and by default rule, as well as evidence that a poor security check has been done before opening the server to the Internet. But the Italian Data Protection Authority, instead of starting an investigation, just “asked for information”, a rather odd behaviour if compared to the attitude showed by the Authority toward the private sector.

I wonder if the DPA will use the very same light approach when a similar – and maybe less threatening – even should happen to some non public entity.

The EUIPO wrong notion of Internet Domains

The European Union Intellectual Property Office published a chart to advocate the superiority of the trademark registration over the domain registration as a tool to protect a brand or a business name. But these information are legally incomplete and technically wrong.

Let’s see why. (Continued)

A CRISPR-Cas9 Research and the GDPR. A case-study

Personal genetic data processing is routinely believed to be subjected to Data Protection Regulations and in particular to the EU General Data Protection Regulation. While this is – in general – true, it is important to know exactly when and until where those regulation can affect the genetic research and – therefore – the possibility to find a cure for genetic diseases. Clearly, an actual life-or-death problem. (Continued)

Business Insider and the Western Centric Arrogance (Oversimplification, again)

A couple of articles from Business Insider just gave me the chance to talk again of the interconnected world cultural oversimplification problem, and the (lack of) responsibility of professional information provider (not only journalists, I mean.)

The European Data Protection Supervisor on HowTo Give GDPR-related Information when Hiring

A couple of weeks ago the European Data Protection Supervisor  released the call for application CA6/2017 to hire a data and social scientist (Continued)

Bruce Lee, Getty Images and the Dangers of Cultural Oversimplification in an Overconnected World

Chinese-American martial arts exponent Bruce Lee (1940 – 1973), in a karate stance, early 1970s. (Photo by Archive Photos/Getty Images)

The Internet is a necessary tool to handle international exchanges. Online Professional Content Delivery Services should pay the utmost attention to the information they release (Continued)

A landmark decision about privacy from Indian Supreme Court?

Thanks to professor Raymond Wacks, possibly the world leading authority on privacy and privacy-related issues, I had the chance to read a more-than-500-pages-long privacy decision issued by the Indian Supreme Court last August 27. Definitely, a text that worth to be read. (Continued)

The Basic Unfairness of the GDPR: a Regulation with No Teeth

A basic rule when designing a law is to create a precise link between the “order” part (thou shall not…) and the fine deriving from the non compliance (… otherwise shall go to jail.) But this is not enough, because to have a law working properly or being effective, it must be actually enforceable, otherwise this law would turn from a social regulation tool into an abuse of power from the State. (Continued)

Bloomberg’s Article Delivers Misleading Information on Robot Insecurity

Popular Robots are Dangerously Easy to Hack, Cybersecurity Firm Says” is an article by Jeremy Kahn published on Bloomberg Technology’s website that accounts for some vulnerabilities found in robot deployed in the industrial and home sectors. (Continued)