Skip to content

Author Archives: Andrea Monti

GDPR is for Filing System Processed Data Only

A fair quantity of data processing, though digitally performed, is outside of the GDPR’s reach. I do not have figures comparing database-based processing to instantaneous, non-filing-system-handled data manning, nevertheless it is fair to say that the latter are a relevant part of the digital ecosystem (think of the instant messaging sector, where end-to-end communication is […]

The GDPR and the problem of “simple” wording-based consent

An always present “advice” about GDPR’s consent gathering is “keep it simple and clear”. This call for clarity, mainly advocated by the Data Protection Authorities themselves, is based on the assumption that legalese is actually a way to deceive the data subject into releasing a non well understood consent. Clarity is a good thing but, […]

The GDPR doesn’t work for Data Retention

A simple syllogism.

The EU Court of Justice: privacy and data protection are different rights. Data Protection Authorities are on notice

The press release 84/2017 issued by the EU Court of Justice on the EU-Canada PNR transfer contains¬† an important (though unnoticed) statement: … the transfer of PNR data from the EU to Canada, and the rules laid down in the envisaged agreement on the retention of data, its use and its possible subsequent transfer to […]

A useful feature of the upcoming GDPR

The unified system of definitions set forth by the GDPR is its main strength because it prevents – at national level – the unauthorized modification of the EU provisions.

Enforcing the GDPR: Authority vs Legal Interpretation

In the last couple of days, commenting a Linkedin post about Article 29’s (the future European Data Protection Supervisor) opinions, I’ve been involved in an interesting thread that can be summarized as “Authority vs. Legal Interpretation”.

The Italian Data Protection Authority to Challenge the European Court of Justice?

According the online newspaper Repubblica.it, the Italian Data Protection Authority (DPA) stated verbatim that the 72¬† months retention periodo imposed by the upcoming legislation is much too long. By doing this, the DPA implied that the only problem with data-retention is its duration, and didn’t mention the main issue raised by the EUCJ decision: carpet […]

Vaccines do not cause autism, do they?

Vaccines do not cause autism: this is what, according an Italian online newspaper, the Supreme Court (is supposed to have) stated, thus putting a “The End” tag to story where the viruses of superstition and ignorance plagued the mind of millions people who refused to treat their children because of a blatantly false information.

Cyber-Wathever Expert in Ten Steps

No need to know what you’re talking about when writing about computers. Just follow these 10 steps and gain major media and companies attention!

Data Retention Strikes Back in Italy

The Italian Parliament is going to pass a provision (“hidden” into an elevator’s safety decree) to re-introduces the extension of the original (and still possibly illegal) data-retention term up to 72 months.