Categories: Insights, Publications


19 Apr 2018

Privacy at work. New legislation entering into force on May 25, 2018 (Guida al Lavoro de Il Sole 24 Ore, 20 April 2018 – Vittorio De Luca, Elena Cannone, Antonella Iacobellis, Luciano Vella, Lucio Portaro)

The European Regulation on the Protection of Personal Data is entering into force.

Starting from 25 May , 2018, the European Regulation will be fully operative, introducing many news on the matter of privacy; news that companies will have to deal with on a daily basis. First of all, the accountability principle is introduced: more freedom for Data Controllers and Data Processors in the choice of the measures to be adopted but also greater responsibility, especially in view of the penalties established to protect compliance with the Regulations, which has become more severe. Second of all, the new Regulations redefine their territorial scope of application: in fact, companies outside Europe but processing personal data of parties located within the European Union will also be subjected to the application of the Regulation. In addition, the methods in which data are transmitted outside the European Union are carefully regulated. The new legislation, in addition to reaffirming some fundamental rights already known, establishes new ones, such as the so-called right to data portability and the so-called right to be forgotten which, although already known in practice, has been officially regulated for the first time. Another new aspect, which was much discussed, is the mandatory appointment, under certain conditions, of a Data Protection Officer (DPO) tasked with supervising the correctness of the fulfilments in this regard and of acting as a point of contact between the various parties involved (Data Controller, Data Subjects, and Supervisory Authorities). Moreover, again in order to strengthen compliance with the Regulation, if data processing may put at risk the rights of Data Subjects, the Data Controller, prior to processing the data, shall carry out a potential impact assessment (PIA), focused on the analysis of the probability and severity of the risk. Furthermore, from the provision of the Regulation, the system of notifications and communications of possible violations of personal data (so-called Data Breach), is well regulated. In short, the Regulation represents a clear response by the European legislator to the evolution that the concept of “privacy” is undergoing, especially in light of the ongoing industrial revolution. It will, however, have to deal with the legal institutions existing in our system, first of all art. 4 of the Workers’ Statute and Whistleblowing Law 179/2017.

Subscribe to our newsletter

Contact

Need information? Write to us and our team of experts will respond as soon as possible.

Fill in the form

More news and insights

8 Jul 2026

Pay transparency: one month after its entry into force, two approaches are emerging in the market (The Platform, 8 July 2026 – Vittorio De Luca, Claudia Cerbone e Martina De Angeli)

Since 7 June, EU rules aimed at strengthening the principle of equal pay between men and women for the same work or for work of equal value have…

2 Jul 2026

Did you know…? As of 7 June 2026, Legislative Decree No. 96/2026 is fully in force

As of 7 June 2026, Legislative Decree No. 96/2026 is fully in force. It also introduces into the Italian legal system a structured framework on pay transparency, with…

2 Jul 2026

Failure to serve disciplinary charges does not render the dismissal null and void: italian supreme court confirms no reinstatement remedy for employers below the statutory workforce threshold

Principle of Law In its recent judgment No. 17283 of 1 June 2026, the Italian Supreme Court (Corte di Cassazione) examined the legal consequences arising from the employer's…

2 Jul 2026

AI and the employment relationship: initial guidance from the implementing decrees and data protection implications

Following the preliminary approval by the Council of Ministers, on 10 June 2026, of the first draft legislative decrees implementing the enabling law on artificial intelligence (Law No.…

1 Jul 2026

Sustainability, Responsibility, and the Future: A Commitment That Grows with Time

As we celebrate our 50th anniversary, we have chosen to look to the future with the same care and dedication with which we preserve our roots. Those roots…

25 Jun 2026

Pay Equity and Pay Transparency: What Will Change in Italy (People are People, 25 June 2026 – Claudia Cerbone e Martina De Angeli)

With Legislative Decree No. 96 of 7 May 2026, which entered into force on 7 June 2026, Italy transposed Directive (EU) 2023/970 on pay transparency, becoming one of…