The Council of Ministers met on Wednesday, August 8th 2018, at 8:30 p.m. at Palazzo Chigi, under the chairmanship of Prime Minister Mr Giuseppe Conte, in order to approve seven legislative decrees adapting the internal system to European legislation, including the adaptation of national legislation to the provisions of Regulation (EU) 2016/679 (hereinafter also GDPR) repealing Directive 95/46/EC (General Regulation on Data Protection).
The Council of Ministers decision
In press release No 14, point 2, the Council of Ministers announced that after consideration by a committee set up for this purpose, and with a view to simplifying the application of the rule, it was decided to:
- revise the existing privacy code, despite the fact that the GDPR has in fact changed the code approach to the protection of privacy by introducing the principle of accountability;
- guarantee continuity for a transitional period without prejudice to the provisions of the Supervisory Authority and the authorizations, which will be subject to subsequent review, as well as the Codes of Ethics currently in force. They remain in their current form in matters falling within the competence of the Member States, while they can be summarised and amended on the initiative of the categories concerned, in the form of sector codes;
- given the need for simplification of micro, small and medium-sized enterprises, the Supervisory Authority is required to promote simplified ways of fulfilling the obligations of the Data Controller.
In light of the Council of Ministers decisions, the Privacy Code will remain in force with some revisions and additions; also the Measures, authorizations and Codes of conduct will continue to be applied until their revision.
New features introduced
The final text is not yet public, however, the draft that was presented included some innovations to be introduced, the most important of which are listed below:
- upon recommendation by the Ministry of Health, the Supervisory authority should adopt special measures for special data, especially with reference to those relating to the health status;
- although sanctions were not provided for by the European Regulation, it would seem that the Italian text shall include a strengthening and expansion of the same;
- the text should introduce the theme of “large-scale data processing” as a characteristic element of the offences provided for by the new Articles 167 bis and 167 ter: “Illegal disclosure and dissemination of personal data relating to a significant number of persons” and “Fraudulent acquisition of personal data”;
- limitations will be placed on the processing of data in the event of whistleblowing.
Labor Project will keep you apprised of any developments and provide links to the approved final text as soon as it is made public.
Source: Governo.it e LaRepubblica.it