by Rocco Panetta
On 8 October 2021, some major novelties were proposed to the Italian legal system by means of Law Decree no. 139/2021 (‘the Decree’) which addresses access to cultural, sporting, and recreational activities in light of COVID-19 restrictions. Notwithstanding the aforementioned focus of the Decree, it also seeks to simplify the provisions governing the processing of personal data by public authorities, in light of COVID-19 given the ‘extraordinary urgency and necessity’ of the matter. Rocco Panetta, Managing Partner at PANETTA Law Firm discusses the impact of the Decree in this article.
The Decree provides that it enters into force the day after its adoption, however the Italian Parliament has 60 days to officially adopt it through a legislative act. Only then will the Decree produce its effects in the Italian legal system. In the absence of such a legislative act, the Decree will cease to have any effect, in other words, it would be as if it had never existed. Rocco Panetta, founder and managing partner of PANETTA Law Firm, discusses the Decree and changes to the Italian privacy framework in this article.
Considering the tight timeframe, Italian MPs are currently discussing the details of the Decree and interviewing experts in various fields, including data protection consultants and lawyers, to better understand the scope, and the potential consequences deriving from the adoption of the Decree in its current form.
Law no. 205/2021 (the ‘Law’), published in the Italian Official Journal on 7 December 2021, has been adopted by the Parliament, introducing further amendments to the initial version of the Decree. Evaluating the impact of such novelties is not an easy task, as the outcomes of the legislative process have been quite surprising.
The Decree has included some potentially impactful novelties regarding the Italian data protection framework. Specifically, through the introduction of Article 2-ter, paragraph 1-bis, to the Legislative Decree no. 196/2003 (‘the Privacy Code’), as already amended by Legislative Decree no. 101/2018, which is the national law which adapted the Italian legal system to comply with the General Data Protection Regulation (Regulation (EU) 2016/679) (‘GDPR’).