SlideShare une entreprise Scribd logo

Workplace Privacy (excerpt)

Andrea Maggipinto [+1k]
Andrea Maggipinto [+1k]

Employees are entitled to a reasonable protection of their privacy in personal and professional relationships alike. But what about the Employer’s Control? NEW EMAIL ACCOUNT: AVVOCATO@MAGGIPINTO.EU

DroitTechnologieActualités & Politique
1  sur  11
Télécharger pour lire hors ligne
Professional Training in Milan (Italy) 4 June 2014 Workplace Privacy (excerpt) Dr. Andrea Maggipinto, ICT Lawyer Bar Association of Milan
Employer’s Control Avv. Andrea Maggipinto Employees are entitled to a reasonable protection of their privacy in personal and professional relationships alike (see Italian Constitution, and the Italian Data Protection Code: the so called “Privacy Code” - D.Lgs. 169/2003) ensuring that data subjects' rights, fundamental freedoms and dignity are protected also in the workplace limitations under local laws (Italy)
Binding principles Avv. Andrea Maggipinto The processing must be compliant with data protection safeguards in pursuance of the following binding principles: (i) necessity: information systems and software must be configured by minimizing use of personal and/or identification data in view of the purposes to be achieved (article 3 of the Privacy Code); (ii) fairness: the fundamental features of the processing must be disclosed to employees (article 11 of the Privacy Code), so they can be aware and fully informed thereof; (iii) the processing must be carried out for specific, explicit and legitimate purposes in compliance with relevance and non-excessiveness principles (article 11 of the Privacy Code).
Employer is required to Avv. Andrea Maggipinto always provide clear-cut, detailed information on the appropriate mechanisms of use applying to the equipment that is made available as well as on whether, to what extent, and how controls are carried out (it is appropriate to issue internal guidelines); always inform employees in advance and unambiguously about any processing operations that may concern them in connection with possible controls, according to article 13 of the Privacy Code (the so called “Information Notice”).
Hardware and Software Avv. Andrea Maggipinto It is not permitted to process data by means of hardware and software systems that are intended to carry out distance controls (at times in a very detailed manner) in order to keep track of employees' activities.
Compliance Employers may lawfully avail themselves of systems that allow distance controls to be carried out indirectly (so called “unintentional controls”) in compliance with article 4 of the Act no. 300/1970 (so called “Workers' Statute”). In fact, data protection Italian legislation must be applied jointly with sector-related rules concerning labor law (in particular, article 4 of the Workers' Statute regarding the so called “distance monitoring”). Avv. Andrea Maggipinto
Distance monitoring The Italian Data Protection Authority established that equipment intended for distance monitoring is forbidden, for instance: the systematic scanning and recording of email messages and/or the respective external data apart from what is technically necessary to provide email services; the reproduction and systematic storage of the web pages visited by employees; keystroke pattern analysis and recording devices; the hidden monitoring/analysis of laptops entrusted to individual employees. Avv. Andrea Maggipinto
Unintentional control The employer must respect his employees' dignity and freedom with particular regard to the prohibition against deploying "equipment for the purpose of controlling employees' activities from a distance" – which unquestionably includes hardware and software equipment intended to control the users of electronic communications systems. However, if potential criminal activities were detected through indirect and “unintentional controls”, this information could be used against the employee according to local laws. Avv. Andrea Maggipinto
Lawfully Data Processing Employers may lawfully process personal, non-sensitive data if the following applies: (i) if the circumstances are such as to warrant the legitimate establishment of a judicial claim; (ii) if the data subject has given his/her free consent thereto in a valid manner; (iii) without the data subject's consent only in pursuance of a decision that establishes a legitimate interest in processing the data in question as per the legislation concerning the so-called balancing of interests (see article 24). Avv. Andrea Maggipinto
Employees’ e-mail There are restrictions for the Company viewing and accessing of employee email. As regards the use of emails in the employment context and by having regard to the outward appearance of email addresses in the individual cases, in the absence of specific policies, the employee may legitimately expect certain types of communication to be kept confidential. So it is strongly recommended to establish company policy and procedure to control employee emails. Avv. Andrea Maggipinto
Dr. Andrea Maggipinto, ICT Lawyer andrea.maggipinto@gmail.com W W W . M A G G I P I N T O . O R G Via Caradosso n. 7 20123 Milan (Italy) T: +39 02 48102313 F: +39 02 48102321 it.linkedin.com/in/ andreamaggipinto @amaggipinto

Recommandé

Zurich Insurance Plc - Data Loss
Zurich Insurance Plc - Data LossZurich Insurance Plc - Data Loss
Zurich Insurance Plc - Data LossStuart Macdonald
 
Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)Russell_Kennedy
 
Privacy Ordinance in Hong Kong
Privacy Ordinance in Hong KongPrivacy Ordinance in Hong Kong
Privacy Ordinance in Hong Kong若水 鲁
 
Identitymanagment
IdentitymanagmentIdentitymanagment
Identitymanagmentioannis iglezakis
 
Data protection ppt
Data protection pptData protection ppt
Data protection pptgrahamwell
 
Regulation (EU) 2016_679_GDPR_Overview_June 2016
Regulation (EU) 2016_679_GDPR_Overview_June 2016Regulation (EU) 2016_679_GDPR_Overview_June 2016
Regulation (EU) 2016_679_GDPR_Overview_June 2016John Greenwood
 
General Data Protection Regulation (GDPR) | Privacy Law in India |
General Data Protection Regulation (GDPR) | Privacy Law in India |General Data Protection Regulation (GDPR) | Privacy Law in India |
General Data Protection Regulation (GDPR) | Privacy Law in India |Bivas Chatterjee
 
Development & GDPR
Development & GDPRDevelopment & GDPR
Development & GDPRAndrea Tino
 

Recommandé

Zurich Insurance Plc - Data Loss
Zurich Insurance Plc - Data LossZurich Insurance Plc - Data Loss
Zurich Insurance Plc - Data LossStuart Macdonald
 
Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)Russell_Kennedy
 
Privacy Ordinance in Hong Kong
Privacy Ordinance in Hong KongPrivacy Ordinance in Hong Kong
Privacy Ordinance in Hong Kong若水 鲁
 
Identitymanagment
IdentitymanagmentIdentitymanagment
Identitymanagmentioannis iglezakis
 
Data protection ppt
Data protection pptData protection ppt
Data protection pptgrahamwell
 
Regulation (EU) 2016_679_GDPR_Overview_June 2016
Regulation (EU) 2016_679_GDPR_Overview_June 2016Regulation (EU) 2016_679_GDPR_Overview_June 2016
Regulation (EU) 2016_679_GDPR_Overview_June 2016John Greenwood
 
General Data Protection Regulation (GDPR) | Privacy Law in India |
General Data Protection Regulation (GDPR) | Privacy Law in India |General Data Protection Regulation (GDPR) | Privacy Law in India |
General Data Protection Regulation (GDPR) | Privacy Law in India |Bivas Chatterjee
 
Development & GDPR
Development & GDPRDevelopment & GDPR
Development & GDPRAndrea Tino
 
Intersection of video analytics and EU legislation - Ida Koskinen
Intersection of video analytics and EU legislation - Ida KoskinenIntersection of video analytics and EU legislation - Ida Koskinen
Intersection of video analytics and EU legislation - Ida KoskinenMindtrek
 
Star II sme hotline 21.01.20
Star II sme hotline 21.01.20Star II sme hotline 21.01.20
Star II sme hotline 21.01.20Trilateral Research
 
Personal Data Protection Bill 2018
Personal Data Protection Bill 2018Personal Data Protection Bill 2018
Personal Data Protection Bill 2018Nanda Mohan Shenoy
 
Cyber Law
Cyber LawCyber Law
Cyber LawSushma Habib
 
Cyber Law
Cyber LawCyber Law
Cyber LawSushma Habib
 
General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)Extentia Information Technology
 
Data Protection & GDPR Health Check Service Overview
Data Protection & GDPR Health Check Service OverviewData Protection & GDPR Health Check Service Overview
Data Protection & GDPR Health Check Service OverviewDVV Solutions Third Party Risk Management
 
HOW TO PROCESS DATA IN VARIOUS GEO'S A COMPARATIVE ANALYSIS BY SANJEEV SINGH...
HOW TO PROCESS DATA IN VARIOUS GEO'S A COMPARATIVE ANALYSIS BY SANJEEV SINGH...HOW TO PROCESS DATA IN VARIOUS GEO'S A COMPARATIVE ANALYSIS BY SANJEEV SINGH...
HOW TO PROCESS DATA IN VARIOUS GEO'S A COMPARATIVE ANALYSIS BY SANJEEV SINGH...Sanjeev Bharwan
 
Employee Monitoring and Privacy.pdf
Employee Monitoring and Privacy.pdfEmployee Monitoring and Privacy.pdf
Employee Monitoring and Privacy.pdfAndrey Prozorov, CISM, CIPP/E, CDPSE. LA 27001
 
The Privacy Advantage 2016 - Wojciech Wiewiorowski
The Privacy Advantage 2016 - Wojciech WiewiorowskiThe Privacy Advantage 2016 - Wojciech Wiewiorowski
The Privacy Advantage 2016 - Wojciech WiewiorowskiKrowdthink
 
General data protection regulation - European union
General data protection regulation - European unionGeneral data protection regulation - European union
General data protection regulation - European unionRohana K Amarakoon
 
General Data Protection Regulations (GDPR) Summary
General Data Protection Regulations (GDPR) Summary General Data Protection Regulations (GDPR) Summary
General Data Protection Regulations (GDPR) Summary Compliance3
 
THE BRAZILIAN LAW ON PERSONAL DATA PROTECTION
THE BRAZILIAN LAW ON PERSONAL DATA PROTECTIONTHE BRAZILIAN LAW ON PERSONAL DATA PROTECTION
THE BRAZILIAN LAW ON PERSONAL DATA PROTECTIONIJNSA Journal
 
AI&IP CEIPI Training, Module 9
AI&IP CEIPI Training, Module 9AI&IP CEIPI Training, Module 9
AI&IP CEIPI Training, Module 9Giancarlo F. Frosio
 
3.6 legislation and regulations
3.6 legislation and regulations3.6 legislation and regulations
3.6 legislation and regulationsmrmwood
 
Principles of mobile privacy
Principles of mobile privacyPrinciples of mobile privacy
Principles of mobile privacyEuphodia Maluleke
 
Data Protection Guide – What are your rights as a citizen?
Data Protection Guide – What are your rights as a citizen?Data Protection Guide – What are your rights as a citizen?
Data Protection Guide – What are your rights as a citizen?Edouard Nguyen
 
Data protection in_india
Data protection in_indiaData protection in_india
Data protection in_indiaAltacit Global
 
Digital evidence
Digital evidenceDigital evidence
Digital evidenceyourlegalconsultants
 
Quick guide gdpr
Quick guide gdprQuick guide gdpr
Quick guide gdprMiguel Mello
 
An Indian Outline on Database Protection
An Indian Outline on Database ProtectionAn Indian Outline on Database Protection
An Indian Outline on Database ProtectionSinghania2015
 
Privacy by design for peerlyst meetup
Privacy by design for peerlyst meetupPrivacy by design for peerlyst meetup
Privacy by design for peerlyst meetupIshay Tentser
 

Contenu connexe

Tendances

Intersection of video analytics and EU legislation - Ida Koskinen
Intersection of video analytics and EU legislation - Ida KoskinenIntersection of video analytics and EU legislation - Ida Koskinen
Intersection of video analytics and EU legislation - Ida KoskinenMindtrek
 
Personal Data Protection Bill 2018
Personal Data Protection Bill 2018Personal Data Protection Bill 2018
Personal Data Protection Bill 2018Nanda Mohan Shenoy
 
HOW TO PROCESS DATA IN VARIOUS GEO'S A COMPARATIVE ANALYSIS BY SANJEEV SINGH...
HOW TO PROCESS DATA IN VARIOUS GEO'S A COMPARATIVE ANALYSIS BY SANJEEV SINGH...HOW TO PROCESS DATA IN VARIOUS GEO'S A COMPARATIVE ANALYSIS BY SANJEEV SINGH...
HOW TO PROCESS DATA IN VARIOUS GEO'S A COMPARATIVE ANALYSIS BY SANJEEV SINGH...Sanjeev Bharwan
 

Tendances (8)

Intersection of video analytics and EU legislation - Ida Koskinen
Intersection of video analytics and EU legislation - Ida KoskinenIntersection of video analytics and EU legislation - Ida Koskinen
Intersection of video analytics and EU legislation - Ida Koskinen
 
Star II sme hotline 21.01.20
Star II sme hotline 21.01.20Star II sme hotline 21.01.20
Star II sme hotline 21.01.20
 
Personal Data Protection Bill 2018
Personal Data Protection Bill 2018Personal Data Protection Bill 2018
Personal Data Protection Bill 2018
 
Cyber Law
Cyber LawCyber Law
Cyber Law
 
Cyber Law
Cyber LawCyber Law
Cyber Law
 
General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)
 
Data Protection & GDPR Health Check Service Overview
Data Protection & GDPR Health Check Service OverviewData Protection & GDPR Health Check Service Overview
Data Protection & GDPR Health Check Service Overview
 
HOW TO PROCESS DATA IN VARIOUS GEO'S A COMPARATIVE ANALYSIS BY SANJEEV SINGH...
HOW TO PROCESS DATA IN VARIOUS GEO'S A COMPARATIVE ANALYSIS BY SANJEEV SINGH...HOW TO PROCESS DATA IN VARIOUS GEO'S A COMPARATIVE ANALYSIS BY SANJEEV SINGH...
HOW TO PROCESS DATA IN VARIOUS GEO'S A COMPARATIVE ANALYSIS BY SANJEEV SINGH...
 

Similaire à Workplace Privacy (excerpt)

The Privacy Advantage 2016 - Wojciech Wiewiorowski
The Privacy Advantage 2016 - Wojciech WiewiorowskiThe Privacy Advantage 2016 - Wojciech Wiewiorowski
The Privacy Advantage 2016 - Wojciech WiewiorowskiKrowdthink
 
General data protection regulation - European union
General data protection regulation - European unionGeneral data protection regulation - European union
General data protection regulation - European unionRohana K Amarakoon
 
General Data Protection Regulations (GDPR) Summary
General Data Protection Regulations (GDPR) Summary General Data Protection Regulations (GDPR) Summary
General Data Protection Regulations (GDPR) Summary Compliance3
 
THE BRAZILIAN LAW ON PERSONAL DATA PROTECTION
THE BRAZILIAN LAW ON PERSONAL DATA PROTECTIONTHE BRAZILIAN LAW ON PERSONAL DATA PROTECTION
THE BRAZILIAN LAW ON PERSONAL DATA PROTECTIONIJNSA Journal
 
3.6 legislation and regulations
3.6 legislation and regulations3.6 legislation and regulations
3.6 legislation and regulationsmrmwood
 
Principles of mobile privacy
Principles of mobile privacyPrinciples of mobile privacy
Principles of mobile privacyEuphodia Maluleke
 
Data Protection Guide – What are your rights as a citizen?
Data Protection Guide – What are your rights as a citizen?Data Protection Guide – What are your rights as a citizen?
Data Protection Guide – What are your rights as a citizen?Edouard Nguyen
 
Data protection in_india
Data protection in_indiaData protection in_india
Data protection in_indiaAltacit Global
 
An Indian Outline on Database Protection
An Indian Outline on Database ProtectionAn Indian Outline on Database Protection
An Indian Outline on Database ProtectionSinghania2015
 
Privacy by design for peerlyst meetup
Privacy by design for peerlyst meetupPrivacy by design for peerlyst meetup
Privacy by design for peerlyst meetupIshay Tentser
 
"Legal tips and compliance requirements" - Anastasia Botsi, ICT Legal
"Legal tips and compliance requirements" - Anastasia Botsi, ICT Legal"Legal tips and compliance requirements" - Anastasia Botsi, ICT Legal
"Legal tips and compliance requirements" - Anastasia Botsi, ICT LegalCyber Watching
 
Curia case c‑131-12 gonzalez versus google
Curia case c‑131-12 gonzalez versus googleCuria case c‑131-12 gonzalez versus google
Curia case c‑131-12 gonzalez versus googleJan Husar
 
EU General Data Protection Regulation (GDPR)
EU General Data Protection Regulation (GDPR)EU General Data Protection Regulation (GDPR)
EU General Data Protection Regulation (GDPR)Enrico Gianluca Caiani
 
Data Security Law and Management.pdf
Data Security Law and Management.pdfData Security Law and Management.pdf
Data Security Law and Management.pdfMeshalALshammari12
 
Startups - data protection
Startups - data protectionStartups - data protection
Startups - data protectionMathew Chacko
 

Similaire à Workplace Privacy (excerpt) (20)

Employee Monitoring and Privacy.pdf
Employee Monitoring and Privacy.pdfEmployee Monitoring and Privacy.pdf
Employee Monitoring and Privacy.pdf
 
The Privacy Advantage 2016 - Wojciech Wiewiorowski
The Privacy Advantage 2016 - Wojciech WiewiorowskiThe Privacy Advantage 2016 - Wojciech Wiewiorowski
The Privacy Advantage 2016 - Wojciech Wiewiorowski
 
General data protection regulation - European union
General data protection regulation - European unionGeneral data protection regulation - European union
General data protection regulation - European union
 
General Data Protection Regulations (GDPR) Summary
General Data Protection Regulations (GDPR) Summary General Data Protection Regulations (GDPR) Summary
General Data Protection Regulations (GDPR) Summary
 
THE BRAZILIAN LAW ON PERSONAL DATA PROTECTION
THE BRAZILIAN LAW ON PERSONAL DATA PROTECTIONTHE BRAZILIAN LAW ON PERSONAL DATA PROTECTION
THE BRAZILIAN LAW ON PERSONAL DATA PROTECTION
 
AI&IP CEIPI Training, Module 9
AI&IP CEIPI Training, Module 9AI&IP CEIPI Training, Module 9
AI&IP CEIPI Training, Module 9
 
3.6 legislation and regulations
3.6 legislation and regulations3.6 legislation and regulations
3.6 legislation and regulations
 
Principles of mobile privacy
Principles of mobile privacyPrinciples of mobile privacy
Principles of mobile privacy
 
Data Protection Guide – What are your rights as a citizen?
Data Protection Guide – What are your rights as a citizen?Data Protection Guide – What are your rights as a citizen?
Data Protection Guide – What are your rights as a citizen?
 
Data protection in_india
Data protection in_indiaData protection in_india
Data protection in_india
 
Digital evidence
Digital evidenceDigital evidence
Digital evidence
 
Quick guide gdpr
Quick guide gdprQuick guide gdpr
Quick guide gdpr
 
An Indian Outline on Database Protection
An Indian Outline on Database ProtectionAn Indian Outline on Database Protection
An Indian Outline on Database Protection
 
Privacy by design for peerlyst meetup
Privacy by design for peerlyst meetupPrivacy by design for peerlyst meetup
Privacy by design for peerlyst meetup
 
Cyber security laws
Cyber security lawsCyber security laws
Cyber security laws
 
"Legal tips and compliance requirements" - Anastasia Botsi, ICT Legal
"Legal tips and compliance requirements" - Anastasia Botsi, ICT Legal"Legal tips and compliance requirements" - Anastasia Botsi, ICT Legal
"Legal tips and compliance requirements" - Anastasia Botsi, ICT Legal
 
Curia case c‑131-12 gonzalez versus google
Curia case c‑131-12 gonzalez versus googleCuria case c‑131-12 gonzalez versus google
Curia case c‑131-12 gonzalez versus google
 
EU General Data Protection Regulation (GDPR)
EU General Data Protection Regulation (GDPR)EU General Data Protection Regulation (GDPR)
EU General Data Protection Regulation (GDPR)
 
Data Security Law and Management.pdf
Data Security Law and Management.pdfData Security Law and Management.pdf
Data Security Law and Management.pdf
 
Startups - data protection
Startups - data protectionStartups - data protection
Startups - data protection
 

Plus de Andrea Maggipinto [+1k]

Cyber security ai tempi delle reti OT: dalla data protection alla data defence.
Cyber security ai tempi delle reti OT: dalla data protection alla data defence.Cyber security ai tempi delle reti OT: dalla data protection alla data defence.
Cyber security ai tempi delle reti OT: dalla data protection alla data defence.Andrea Maggipinto [+1k]
 
Tutela e sicurezza digitale delle aziende ai tempi del GDPR (avv. Maggipinto)
Tutela e sicurezza digitale delle aziende ai tempi del GDPR (avv. Maggipinto)Tutela e sicurezza digitale delle aziende ai tempi del GDPR (avv. Maggipinto)
Tutela e sicurezza digitale delle aziende ai tempi del GDPR (avv. Maggipinto)Andrea Maggipinto [+1k]
 
L'industria nell'occhio del ciclone (digitale), tra attacchi cyber ed esigenz...
L'industria nell'occhio del ciclone (digitale), tra attacchi cyber ed esigenz...L'industria nell'occhio del ciclone (digitale), tra attacchi cyber ed esigenz...
L'industria nell'occhio del ciclone (digitale), tra attacchi cyber ed esigenz...Andrea Maggipinto [+1k]
 
intervento CONFAPI 27.10.2016 - Avv.Maggipinto (estratto)
intervento CONFAPI 27.10.2016 - Avv.Maggipinto (estratto)intervento CONFAPI 27.10.2016 - Avv.Maggipinto (estratto)
intervento CONFAPI 27.10.2016 - Avv.Maggipinto (estratto)Andrea Maggipinto [+1k]
 
Proteggere il business nell'era digitale
Proteggere il business nell'era digitaleProteggere il business nell'era digitale
Proteggere il business nell'era digitaleAndrea Maggipinto [+1k]
 
Slide seminario avvocato Maggipinto (privacy by design) estratto 10.3.2016
Slide seminario avvocato Maggipinto (privacy by design) estratto 10.3.2016Slide seminario avvocato Maggipinto (privacy by design) estratto 10.3.2016
Slide seminario avvocato Maggipinto (privacy by design) estratto 10.3.2016Andrea Maggipinto [+1k]
 
Tecnologia e Diritto nella Sharing Economy (avv. Maggipinto)
Tecnologia e Diritto nella Sharing Economy (avv. Maggipinto)Tecnologia e Diritto nella Sharing Economy (avv. Maggipinto)
Tecnologia e Diritto nella Sharing Economy (avv. Maggipinto)Andrea Maggipinto [+1k]
 
Protezione asset aziendali (Avv. Maggipinto) (estratto prima parte)
Protezione asset aziendali (Avv. Maggipinto) (estratto prima parte)Protezione asset aziendali (Avv. Maggipinto) (estratto prima parte)
Protezione asset aziendali (Avv. Maggipinto) (estratto prima parte)Andrea Maggipinto [+1k]
 
Opere dell’architettura e progetti di ingegneria
Opere dell’architettura e progetti di ingegneriaOpere dell’architettura e progetti di ingegneria
Opere dell’architettura e progetti di ingegneriaAndrea Maggipinto [+1k]
 
Negoziare diritti e responsabilità nei contratti di sviluppo e fornitura di p...
Negoziare diritti e responsabilità nei contratti di sviluppo e fornitura di p...Negoziare diritti e responsabilità nei contratti di sviluppo e fornitura di p...
Negoziare diritti e responsabilità nei contratti di sviluppo e fornitura di p...Andrea Maggipinto [+1k]
 
Privacy e riservatezza nella consulenza tecnica (estratto)
Privacy e riservatezza nella consulenza tecnica (estratto)Privacy e riservatezza nella consulenza tecnica (estratto)
Privacy e riservatezza nella consulenza tecnica (estratto)Andrea Maggipinto [+1k]
 
L'innovazione nei territori. Tecnologie per il cambiamento.
L'innovazione nei territori. Tecnologie per il cambiamento.L'innovazione nei territori. Tecnologie per il cambiamento.
L'innovazione nei territori. Tecnologie per il cambiamento.Andrea Maggipinto [+1k]
 
Privacy e volontariato: confini normativi e opportunità
Privacy e volontariato: confini normativi e opportunitàPrivacy e volontariato: confini normativi e opportunità
Privacy e volontariato: confini normativi e opportunitàAndrea Maggipinto [+1k]
 
CSIG protezione delle informazioni aziendali [I parte]
CSIG protezione delle informazioni aziendali [I parte]CSIG protezione delle informazioni aziendali [I parte]
CSIG protezione delle informazioni aziendali [I parte]Andrea Maggipinto [+1k]
 
La responsabilità delle imprese e degli enti per violazione della privacy e d...
La responsabilità delle imprese e degli enti per violazione della privacy e d...La responsabilità delle imprese e degli enti per violazione della privacy e d...
La responsabilità delle imprese e degli enti per violazione della privacy e d...Andrea Maggipinto [+1k]
 
Privacy by design: le nuove norme europee che rivoluzioneranno (anche in Ital...
Privacy by design: le nuove norme europee che rivoluzioneranno (anche in Ital...Privacy by design: le nuove norme europee che rivoluzioneranno (anche in Ital...
Privacy by design: le nuove norme europee che rivoluzioneranno (anche in Ital...Andrea Maggipinto [+1k]
 

Plus de Andrea Maggipinto [+1k] (19)

Cyber security ai tempi delle reti OT: dalla data protection alla data defence.
Cyber security ai tempi delle reti OT: dalla data protection alla data defence.Cyber security ai tempi delle reti OT: dalla data protection alla data defence.
Cyber security ai tempi delle reti OT: dalla data protection alla data defence.
 
GDPR: scenari attuali e futuribili
GDPR: scenari attuali e futuribiliGDPR: scenari attuali e futuribili
GDPR: scenari attuali e futuribili
 
Tutela e sicurezza digitale delle aziende ai tempi del GDPR (avv. Maggipinto)
Tutela e sicurezza digitale delle aziende ai tempi del GDPR (avv. Maggipinto)Tutela e sicurezza digitale delle aziende ai tempi del GDPR (avv. Maggipinto)
Tutela e sicurezza digitale delle aziende ai tempi del GDPR (avv. Maggipinto)
 
L'industria nell'occhio del ciclone (digitale), tra attacchi cyber ed esigenz...
L'industria nell'occhio del ciclone (digitale), tra attacchi cyber ed esigenz...L'industria nell'occhio del ciclone (digitale), tra attacchi cyber ed esigenz...
L'industria nell'occhio del ciclone (digitale), tra attacchi cyber ed esigenz...
 
intervento CONFAPI 27.10.2016 - Avv.Maggipinto (estratto)
intervento CONFAPI 27.10.2016 - Avv.Maggipinto (estratto)intervento CONFAPI 27.10.2016 - Avv.Maggipinto (estratto)
intervento CONFAPI 27.10.2016 - Avv.Maggipinto (estratto)
 
Proteggere il business nell'era digitale
Proteggere il business nell'era digitaleProteggere il business nell'era digitale
Proteggere il business nell'era digitale
 
Slide seminario avvocato Maggipinto (privacy by design) estratto 10.3.2016
Slide seminario avvocato Maggipinto (privacy by design) estratto 10.3.2016Slide seminario avvocato Maggipinto (privacy by design) estratto 10.3.2016
Slide seminario avvocato Maggipinto (privacy by design) estratto 10.3.2016
 
Tecnologia e Diritto nella Sharing Economy (avv. Maggipinto)
Tecnologia e Diritto nella Sharing Economy (avv. Maggipinto)Tecnologia e Diritto nella Sharing Economy (avv. Maggipinto)
Tecnologia e Diritto nella Sharing Economy (avv. Maggipinto)
 
Protezione asset aziendali (Avv. Maggipinto) (estratto prima parte)
Protezione asset aziendali (Avv. Maggipinto) (estratto prima parte)Protezione asset aziendali (Avv. Maggipinto) (estratto prima parte)
Protezione asset aziendali (Avv. Maggipinto) (estratto prima parte)
 
Opere dell’architettura e progetti di ingegneria
Opere dell’architettura e progetti di ingegneriaOpere dell’architettura e progetti di ingegneria
Opere dell’architettura e progetti di ingegneria
 
Negoziare diritti e responsabilità nei contratti di sviluppo e fornitura di p...
Negoziare diritti e responsabilità nei contratti di sviluppo e fornitura di p...Negoziare diritti e responsabilità nei contratti di sviluppo e fornitura di p...
Negoziare diritti e responsabilità nei contratti di sviluppo e fornitura di p...
 
EU Trademarks (excerpt)
EU Trademarks (excerpt)EU Trademarks (excerpt)
EU Trademarks (excerpt)
 
Privacy e riservatezza nella consulenza tecnica (estratto)
Privacy e riservatezza nella consulenza tecnica (estratto)Privacy e riservatezza nella consulenza tecnica (estratto)
Privacy e riservatezza nella consulenza tecnica (estratto)
 
L'innovazione nei territori. Tecnologie per il cambiamento.
L'innovazione nei territori. Tecnologie per il cambiamento.L'innovazione nei territori. Tecnologie per il cambiamento.
L'innovazione nei territori. Tecnologie per il cambiamento.
 
Privacy e volontariato: confini normativi e opportunità
Privacy e volontariato: confini normativi e opportunitàPrivacy e volontariato: confini normativi e opportunità
Privacy e volontariato: confini normativi e opportunità
 
CSIG protezione delle informazioni aziendali [I parte]
CSIG protezione delle informazioni aziendali [I parte]CSIG protezione delle informazioni aziendali [I parte]
CSIG protezione delle informazioni aziendali [I parte]
 
CSIG commercio elettronico [I parte]
CSIG commercio elettronico [I parte]CSIG commercio elettronico [I parte]
CSIG commercio elettronico [I parte]
 
La responsabilità delle imprese e degli enti per violazione della privacy e d...
La responsabilità delle imprese e degli enti per violazione della privacy e d...La responsabilità delle imprese e degli enti per violazione della privacy e d...
La responsabilità delle imprese e degli enti per violazione della privacy e d...
 
Privacy by design: le nuove norme europee che rivoluzioneranno (anche in Ital...
Privacy by design: le nuove norme europee che rivoluzioneranno (anche in Ital...Privacy by design: le nuove norme europee che rivoluzioneranno (anche in Ital...
Privacy by design: le nuove norme europee che rivoluzioneranno (anche in Ital...
 

Dernier

Alexis O'Connell lexileeyogi Bond revocation for drug arrest Alexis Lee
Alexis O'Connell lexileeyogi Bond revocation for drug arrest Alexis LeeAlexis O'Connell lexileeyogi Bond revocation for drug arrest Alexis Lee
Alexis O'Connell lexileeyogi Bond revocation for drug arrest Alexis LeeBlayneRush1
 
Law360 - How Duty Of Candor Figures In USPTO AI Ethics Guidance
Law360 - How Duty Of Candor Figures In USPTO AI Ethics GuidanceLaw360 - How Duty Of Candor Figures In USPTO AI Ethics Guidance
Law360 - How Duty Of Candor Figures In USPTO AI Ethics GuidanceMichael Cicero
 
Sports Writing for PISAYyyyyyyyyyyyyyy.pptx
Sports Writing for PISAYyyyyyyyyyyyyyy.pptxSports Writing for PISAYyyyyyyyyyyyyyy.pptx
Sports Writing for PISAYyyyyyyyyyyyyyy.pptxmarielouisetulaytay
 
Legal Alert - Vietnam - First draft Decree on mechanisms and policies to enco...
Legal Alert - Vietnam - First draft Decree on mechanisms and policies to enco...Legal Alert - Vietnam - First draft Decree on mechanisms and policies to enco...
Legal Alert - Vietnam - First draft Decree on mechanisms and policies to enco...Dr. Oliver Massmann
 
如何办理(Curtin毕业证书)科廷科技大学毕业证学位证书
如何办理(Curtin毕业证书)科廷科技大学毕业证学位证书如何办理(Curtin毕业证书)科廷科技大学毕业证学位证书
如何办理(Curtin毕业证书)科廷科技大学毕业证学位证书SD DS
 
John Hustaix - The Legal Profession: A History
John Hustaix - The Legal Profession: A HistoryJohn Hustaix - The Legal Profession: A History
John Hustaix - The Legal Profession: A HistoryJohn Hustaix
 
如何办理(GWU毕业证书)乔治华盛顿大学毕业证学位证书
如何办理(GWU毕业证书)乔治华盛顿大学毕业证学位证书如何办理(GWU毕业证书)乔治华盛顿大学毕业证学位证书
如何办理(GWU毕业证书)乔治华盛顿大学毕业证学位证书SD DS
 
Test Identification Parade & Dying Declaration.pptx
Test Identification Parade & Dying Declaration.pptxTest Identification Parade & Dying Declaration.pptx
Test Identification Parade & Dying Declaration.pptxsrikarna235
 
POLICE ACT, 1861 the details about police system.pptx
POLICE ACT, 1861 the details about police system.pptxPOLICE ACT, 1861 the details about police system.pptx
POLICE ACT, 1861 the details about police system.pptxAbhishekchatterjee248859
 
Special Accounting Areas - Hire purchase agreement
Special Accounting Areas - Hire purchase agreementSpecial Accounting Areas - Hire purchase agreement
Special Accounting Areas - Hire purchase agreementShubhiSharma858417
 
Succession (Articles 774-1116 Civil Code
Succession (Articles 774-1116 Civil CodeSuccession (Articles 774-1116 Civil Code
Succession (Articles 774-1116 Civil CodeMelvinPernez2
 
如何办理(UoM毕业证书)曼彻斯特大学毕业证学位证书
如何办理(UoM毕业证书)曼彻斯特大学毕业证学位证书如何办理(UoM毕业证书)曼彻斯特大学毕业证学位证书
如何办理(UoM毕业证书)曼彻斯特大学毕业证学位证书srst S
 
VIETNAM – LATEST GUIDE TO CONTRACT MANUFACTURING AND TOLLING AGREEMENTS
VIETNAM – LATEST GUIDE TO CONTRACT MANUFACTURING AND TOLLING AGREEMENTSVIETNAM – LATEST GUIDE TO CONTRACT MANUFACTURING AND TOLLING AGREEMENTS
VIETNAM – LATEST GUIDE TO CONTRACT MANUFACTURING AND TOLLING AGREEMENTSDr. Oliver Massmann
 
The Prevention Of Corruption Act Presentation.pptx
The Prevention Of Corruption Act Presentation.pptxThe Prevention Of Corruption Act Presentation.pptx
The Prevention Of Corruption Act Presentation.pptxNeeteshKumar71
 
Comparison of GenAI benchmarking models for legal use cases
Comparison of GenAI benchmarking models for legal use casesComparison of GenAI benchmarking models for legal use cases
Comparison of GenAI benchmarking models for legal use casesritwikv20
 
Key Factors That Influence Property Tax Rates
Key Factors That Influence Property Tax RatesKey Factors That Influence Property Tax Rates
Key Factors That Influence Property Tax RatesHome Tax Saver
 
Trial Tilak t 1897,1909, and 1916 sedition
Trial Tilak t 1897,1909, and 1916 seditionTrial Tilak t 1897,1909, and 1916 sedition
Trial Tilak t 1897,1909, and 1916 seditionNilamPadekar1
 
Difference between LLP, Partnership, and Company
Difference between LLP, Partnership, and CompanyDifference between LLP, Partnership, and Company
Difference between LLP, Partnership, and Companyaneesashraf6
 
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一st Las
 

Dernier (20)

Alexis O'Connell lexileeyogi Bond revocation for drug arrest Alexis Lee
Alexis O'Connell lexileeyogi Bond revocation for drug arrest Alexis LeeAlexis O'Connell lexileeyogi Bond revocation for drug arrest Alexis Lee
Alexis O'Connell lexileeyogi Bond revocation for drug arrest Alexis Lee
 
Law360 - How Duty Of Candor Figures In USPTO AI Ethics Guidance
Law360 - How Duty Of Candor Figures In USPTO AI Ethics GuidanceLaw360 - How Duty Of Candor Figures In USPTO AI Ethics Guidance
Law360 - How Duty Of Candor Figures In USPTO AI Ethics Guidance
 
young Call Girls in Pusa Road🔝 9953330565 🔝 escort Service
young Call Girls in Pusa Road🔝 9953330565 🔝 escort Serviceyoung Call Girls in Pusa Road🔝 9953330565 🔝 escort Service
young Call Girls in Pusa Road🔝 9953330565 🔝 escort Service
 
Sports Writing for PISAYyyyyyyyyyyyyyy.pptx
Sports Writing for PISAYyyyyyyyyyyyyyy.pptxSports Writing for PISAYyyyyyyyyyyyyyy.pptx
Sports Writing for PISAYyyyyyyyyyyyyyy.pptx
 
Legal Alert - Vietnam - First draft Decree on mechanisms and policies to enco...
Legal Alert - Vietnam - First draft Decree on mechanisms and policies to enco...Legal Alert - Vietnam - First draft Decree on mechanisms and policies to enco...
Legal Alert - Vietnam - First draft Decree on mechanisms and policies to enco...
 
如何办理(Curtin毕业证书)科廷科技大学毕业证学位证书
如何办理(Curtin毕业证书)科廷科技大学毕业证学位证书如何办理(Curtin毕业证书)科廷科技大学毕业证学位证书
如何办理(Curtin毕业证书)科廷科技大学毕业证学位证书
 
John Hustaix - The Legal Profession: A History
John Hustaix - The Legal Profession: A HistoryJohn Hustaix - The Legal Profession: A History
John Hustaix - The Legal Profession: A History
 
如何办理(GWU毕业证书)乔治华盛顿大学毕业证学位证书
如何办理(GWU毕业证书)乔治华盛顿大学毕业证学位证书如何办理(GWU毕业证书)乔治华盛顿大学毕业证学位证书
如何办理(GWU毕业证书)乔治华盛顿大学毕业证学位证书
 
Test Identification Parade & Dying Declaration.pptx
Test Identification Parade & Dying Declaration.pptxTest Identification Parade & Dying Declaration.pptx
Test Identification Parade & Dying Declaration.pptx
 
POLICE ACT, 1861 the details about police system.pptx
POLICE ACT, 1861 the details about police system.pptxPOLICE ACT, 1861 the details about police system.pptx
POLICE ACT, 1861 the details about police system.pptx
 
Special Accounting Areas - Hire purchase agreement
Special Accounting Areas - Hire purchase agreementSpecial Accounting Areas - Hire purchase agreement
Special Accounting Areas - Hire purchase agreement
 
Succession (Articles 774-1116 Civil Code
Succession (Articles 774-1116 Civil CodeSuccession (Articles 774-1116 Civil Code
Succession (Articles 774-1116 Civil Code
 
如何办理(UoM毕业证书)曼彻斯特大学毕业证学位证书
如何办理(UoM毕业证书)曼彻斯特大学毕业证学位证书如何办理(UoM毕业证书)曼彻斯特大学毕业证学位证书
如何办理(UoM毕业证书)曼彻斯特大学毕业证学位证书
 
VIETNAM – LATEST GUIDE TO CONTRACT MANUFACTURING AND TOLLING AGREEMENTS
VIETNAM – LATEST GUIDE TO CONTRACT MANUFACTURING AND TOLLING AGREEMENTSVIETNAM – LATEST GUIDE TO CONTRACT MANUFACTURING AND TOLLING AGREEMENTS
VIETNAM – LATEST GUIDE TO CONTRACT MANUFACTURING AND TOLLING AGREEMENTS
 
The Prevention Of Corruption Act Presentation.pptx
The Prevention Of Corruption Act Presentation.pptxThe Prevention Of Corruption Act Presentation.pptx
The Prevention Of Corruption Act Presentation.pptx
 
Comparison of GenAI benchmarking models for legal use cases
Comparison of GenAI benchmarking models for legal use casesComparison of GenAI benchmarking models for legal use cases
Comparison of GenAI benchmarking models for legal use cases
 
Key Factors That Influence Property Tax Rates
Key Factors That Influence Property Tax RatesKey Factors That Influence Property Tax Rates
Key Factors That Influence Property Tax Rates
 
Trial Tilak t 1897,1909, and 1916 sedition
Trial Tilak t 1897,1909, and 1916 seditionTrial Tilak t 1897,1909, and 1916 sedition
Trial Tilak t 1897,1909, and 1916 sedition
 
Difference between LLP, Partnership, and Company
Difference between LLP, Partnership, and CompanyDifference between LLP, Partnership, and Company
Difference between LLP, Partnership, and Company
 
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
 

Workplace Privacy (excerpt)

  • 1. Professional Training in Milan (Italy) 4 June 2014 Workplace Privacy (excerpt) Dr. Andrea Maggipinto, ICT Lawyer Bar Association of Milan
  • 2. Employer’s Control Avv. Andrea Maggipinto Employees are entitled to a reasonable protection of their privacy in personal and professional relationships alike (see Italian Constitution, and the Italian Data Protection Code: the so called “Privacy Code” - D.Lgs. 169/2003) ensuring that data subjects' rights, fundamental freedoms and dignity are protected also in the workplace limitations under local laws (Italy)
  • 3. Binding principles Avv. Andrea Maggipinto The processing must be compliant with data protection safeguards in pursuance of the following binding principles: (i) necessity: information systems and software must be configured by minimizing use of personal and/or identification data in view of the purposes to be achieved (article 3 of the Privacy Code); (ii) fairness: the fundamental features of the processing must be disclosed to employees (article 11 of the Privacy Code), so they can be aware and fully informed thereof; (iii) the processing must be carried out for specific, explicit and legitimate purposes in compliance with relevance and non-excessiveness principles (article 11 of the Privacy Code).
  • 4. Employer is required to Avv. Andrea Maggipinto always provide clear-cut, detailed information on the appropriate mechanisms of use applying to the equipment that is made available as well as on whether, to what extent, and how controls are carried out (it is appropriate to issue internal guidelines); always inform employees in advance and unambiguously about any processing operations that may concern them in connection with possible controls, according to article 13 of the Privacy Code (the so called “Information Notice”).
  • 5. Hardware and Software Avv. Andrea Maggipinto It is not permitted to process data by means of hardware and software systems that are intended to carry out distance controls (at times in a very detailed manner) in order to keep track of employees' activities.
  • 6. Compliance Employers may lawfully avail themselves of systems that allow distance controls to be carried out indirectly (so called “unintentional controls”) in compliance with article 4 of the Act no. 300/1970 (so called “Workers' Statute”). In fact, data protection Italian legislation must be applied jointly with sector-related rules concerning labor law (in particular, article 4 of the Workers' Statute regarding the so called “distance monitoring”). Avv. Andrea Maggipinto
  • 7. Distance monitoring The Italian Data Protection Authority established that equipment intended for distance monitoring is forbidden, for instance: the systematic scanning and recording of email messages and/or the respective external data apart from what is technically necessary to provide email services; the reproduction and systematic storage of the web pages visited by employees; keystroke pattern analysis and recording devices; the hidden monitoring/analysis of laptops entrusted to individual employees. Avv. Andrea Maggipinto
  • 8. Unintentional control The employer must respect his employees' dignity and freedom with particular regard to the prohibition against deploying "equipment for the purpose of controlling employees' activities from a distance" – which unquestionably includes hardware and software equipment intended to control the users of electronic communications systems. However, if potential criminal activities were detected through indirect and “unintentional controls”, this information could be used against the employee according to local laws. Avv. Andrea Maggipinto
  • 9. Lawfully Data Processing Employers may lawfully process personal, non-sensitive data if the following applies: (i) if the circumstances are such as to warrant the legitimate establishment of a judicial claim; (ii) if the data subject has given his/her free consent thereto in a valid manner; (iii) without the data subject's consent only in pursuance of a decision that establishes a legitimate interest in processing the data in question as per the legislation concerning the so-called balancing of interests (see article 24). Avv. Andrea Maggipinto
  • 10. Employees’ e-mail There are restrictions for the Company viewing and accessing of employee email. As regards the use of emails in the employment context and by having regard to the outward appearance of email addresses in the individual cases, in the absence of specific policies, the employee may legitimately expect certain types of communication to be kept confidential. So it is strongly recommended to establish company policy and procedure to control employee emails. Avv. Andrea Maggipinto
  • 11. Dr. Andrea Maggipinto, ICT Lawyer andrea.maggipinto@gmail.com W W W . M A G G I P I N T O . O R G Via Caradosso n. 7 20123 Milan (Italy) T: +39 02 48102313 F: +39 02 48102321 it.linkedin.com/in/ andreamaggipinto @amaggipinto