Italy: The Italian Data Protection Authority's "Anti-Spam handbook"
Published 20 April 2015
The Italian Data Protection Authority (the Garante) has issued an "anti-spam handbook" (the Guidance), which summarises their advice for businesses to avoid invasive marketing activities across a variety mediums and provides guidance to consumers as to their rights. The Guidance also includes a simplified procedure for consumers to inform the Data Protection Authority of data breaches.
It also clarified that the rights under the Italian data protection law can only be enforced if the person is in breach is a legal entity established in Italy. If the transgressor is located abroad the Garante can ask for the cooperation of the local DPA to pursue that transgressor.
The Guidance is not mandatory but is useful insight as to how the Garante will view data protection compliance, particularly as marketing activity is currently viewed sensitively by the Garante.
A press release from the Garante asking for more severe sanctions for invasive marketing activities is available here (Italian).
Provided by Aldo Feliciani of Studio Legale Bonora e Associati in Milan, Italy.
What action could be taken to manage risks that may arise from this development?
Companies should bear the Guidance into account when carrying out marketing activities in Italy.