Andrea Monti – Page 113 – On ICT law, politics and other digital stuff

February 24, 2014

The Italian Data Protection Authority to wrongly enforce the Data Protection

The Italian Data Protection Authority continues the enforce a wrong interpretation of ? the Data Protection Code to affirm back ? its jurisdiction over the legal person.

On Feb. 7, 2014 an Italian company active in the ICT VAS received a decision issued by the Italian Data Protection Authority that challenged the handling of legal person data on the basis that, no matter what the recent amendment of the Data Protection Act says, the legal person data are still under the IDPA jurisdiction.

While the appeal against this decision is still to be (filed and) decided, it is important to understand the background of the IDPA assumptions. The EU Directive 95/46/CE clearly states that the its realm of application is limited to a “natural person” only, therefore the “legal person” are not subjected to the Data Protection Code and – a fortiori -to the jurisdiction of the DP Commissioner. Contrary to what the Directive said, Italy passed a “modified” DP Act extending its reach up to legal person. This lead to a waste of time and (huge quantity of) money to comply with something that the EU never asked for.
Only on Dec. 24, 2011 (better late than never) the Law n. 214 fixed this appalling mistake but the Data Protection Authority didn’t agree with the Parliament and issued an order where with a byzantine and convolute syllogism tries to get the notion of legal person back under its reach.

As the Italian Courts often show, the IDPA is not always right in its interpretation of the DP Act and in this specific case it will be interesting to see on which basis the Authority will affirm the superiority of the DP Act over another Law that, by coming later, has the power to limit or provide means of interpretation – even implicitly – an older one. To put it short, the Data Protection Act is not a Constitutional Law and can be interpreted and modified by later-issued law, as in this case.

February 17, 2014February 17, 2014

Conversation on Evidence

“Discorsi sulla prova” (“Conversations on evidence”) is a conference that will be held in Milan, next Apr. 4.

Judges, philosophers, physicians and scientist will talk about the different meaning of the word “evidence” in their specific fields.

More info here.

February 15, 2014

The Italian Data Protection Authority lost a trial (and must pay the legal fees)

On Jan. 29, 2014 the Italian Data Protetcion Authority lost a case tried by the Court of Milan and has been ordered to pay the plaintiff’s legal fees.

The claim has been filed by a company providing directory services, charged by the IDPA of having sent an unsolicited fax without having got the consent of the receiver.

There are several interpretation issues of the Italian Data Protection Act involved in this decision, that the justice decided not to address, by just trying to “save” the (wrong) interpretation backed by the IDPA. Nevertheless, the justice couldn’t avoid to state that the sending of the (allegedly) unsolicited fax happened in a B2B context that is protected by Sect. 41 of the Italian Constitution and that – as such – needing that information must freely flow (OMG, is this a chapter of ? “The Hacker Strikes Back”?)

🙂

February 4, 2014

How Linkedin Helped to Fight a Possible Scam

Among the usual daily flow of e-mails that submerges me, today I’ve spotted a request for contact coming from a North-European research firm active in the healthcare sector. Its CFO asked for information about a possible breach of contract litigation.

I didn’t have any reason to think of this e-mail as a scam, but there was “something” definitely odd in the message. So I checked both the person and the company name on the Internet and they were real. Still, I wasn’t convinced and decided to have a look at the message header: again, I got contradictory results. The mail server used to send the message was in a remote part of the US, belonging to a local ISP with no apparent connection with both Europe and the Healthcare industry the message was (apparently) coming from.

This couldn’t be a coincidence so I’ve searched the Linkedin profile of the manager that allegedly sent me the message and dropped him an in-mail (so to be sure about his identity and affiliation) and… gotcha! He replied confirming that it wasn’t him the sender of the message.

To put it short, it was a scam and being on Linkedin helped both me to avoid a fraud and this company to discover that it is targeted by an identity theft.

January 29, 2014December 9, 2016

The Legal Status of Bitcoin in Italy

While it’s easy to think of Bitcoin as a “currency” things become complicated when approaching the issue from a legal (though, Italian) perspective.? Under Italian law, Bitcoin neither is a “currency”, nor the equivalent of check or a credit card. Is “just” a good that people freely chose to put some value into, like an old camera or a classic car whose intrinsic value is close to nil, while the trading value skyrockets.

To better explain my point, let’s start with some economics.

Currency, in itself, has no intrinsic value. We do accept a piece of paper because we trust that somebody else, on the receiving side, will do the same, otherwise we don’t. This is what happened during the Cold War, when in the Eastern Block countries western currencies – officially not allowed – were traded on the black market, while in the West nobody would ever accepted Roubles. For the records, the root of this “psychological” way to create value dates back to the breaking of the Bretton-Woods Agreements.? So, as odd as it may seems, we may safely assume that money is just a creation of the mind. The “currency power” is a prerogative of a sovereign State. In other words, to be acknowledged as “currency” a currency must come from the Power-that-be. Thus, whatever doesn’t fit this requirement can’t be called “currency” or “money” (this is true within the EU, but not in some parts of the USA where the “private currency” is currently allowed.) It comes from this definition that Bitcoin is not a “currency”.

Is, then, Bitcoin something like a check or a promissory note? No, because under Italian law these things are regulated by specific laws.

Furthermore, is Bitcoin similar to a credit-card? Again, no, because there is no third-party who guarantee for use of the plastic-money.

One possible solution, at least under the Italian legal system, is to treat a Bitcoin as an immaterial good that can be traded as a quid-pro-quo either with other Bitcoins or different things. Simple as that.

Of course, I’m aware of the issues raised by the use of Bitcoins that – if you think for a while – aren’t different by those related to the use of cash or other valuable assets. Gold, diamonds and other precious things can be used for legitimate purposes or to fund illegal activities. But this doesn’t make a brick of gold illegal “ex se”. The same approach should work for Bitcoins (whathever its legal status.) It is the misuse that should be punished and not the Bitcoin in itself. Unfortunately, as always happens when technology is involved, the “Fear Spreading Professionals” are playing loud their “warning” instead of trying to understand how to gain advantage from a brilliant mathematical application.