GARANTE

Garante Privacy Orders Amazon to Stop Worker Surveillance

The Italian Data Protection Authority (Garante privacy) has ordered Amazon Italia Logistica to immediately stop its worker surveillance system. The authority found that Amazon collected sensitive information on employees, including health conditions, union activities, and personal/family life, violating data protection regulations.

Italian Privacy Authority Fines Intesa Sanpaolo €17.6 Million

The Italian Privacy Authority has fined Intesa Sanpaolo €17.6 million for unlawfully processing the data of approximately 2.4 million customers. The fine stems from the transfer of customer data to its wholly-owned subsidiary, Isybank, as part of a corporate operation.

Garante Privacy Fines Acea Energia €2 Million for Unauthorized Contracts

The Italian Garante privacy has fined Acea Energia spa €2 million for significant violations of personal data protection laws. The company was found to have used inaccurate customer data to activate over 1,200 unsolicited energy contracts through door-to-door agents.

Italian DPA Newsletter: Aldilapp Fine, Camera Rules, Delegation Platform, AI Concerns

The Italian Data Protection Authority (Garante) issued a newsletter on March 9, 2026, detailing several key actions. It includes a fine against Aldilapp for digital cemetery services, new rules for non-compliant cameras, approval for a delegation management platform, and global data protection authorities' concerns about AI-generated intimate content.

Garante Monitors 'Family in Woods' Case, Recalls Child Protection

The Italian Data Protection Authority (Garante) is monitoring the "family in woods" case and has issued a press release reminding media outlets of their obligations regarding child protection and data privacy. The Garante urges caution in disseminating information that could identify minors.

Garante Privacy Sanctions Aldilapp, Halts Non-Compliant Cameras

The Italian Garante Privacy has sanctioned Aldilapp and its distributors for non-compliant digital cemetery services, halting the use of non-compliant cameras. The authority also approved a delegation management platform and expressed global concerns regarding AI-generated intimate content.

Garante Privacy Sanctions eCampus, Rejects Pescara Body Cams

The Italian Data Protection Authority (Garante Privacy) has sanctioned the University eCampus with a €50,000 fine for unlawfully processing biometric data using facial recognition for online course attendance verification. Additionally, the Garante has prohibited the municipality of Pescara from using body cameras for local police due to risks of data transfer to non-EU countries.

Garante Privacy Fines Nursery, Approves IT-Wallet, CEREBRO, AI in Schools

The Italian Garante Privacy has fined a nursery school €10,000 for privacy violations related to children's photos and video surveillance. The authority also approved the experimentation of IT-Wallet, the use of CEREBRO for asset investigations, and issued guidelines for AI in schools.

GDPR Fines and Guidance on AI, Healthcare, and Public Transparency

The Italian Data Protection Authority (Garante privacy) issued a newsletter detailing several enforcement actions and guidance. Fines were issued to a bank (€100,000) and a municipality for transparency violations, and a hospital (€80,000) for improper access to patient health records. Global data protection authorities also affirmed that data protection fully applies to AI.

Hospital Fined €70k for Data Breach; FAQs on Public Tender Data Published

The Italian Data Protection Authority (Garante privacy) has fined a company managing a hospital €70,000 for the unauthorized disposal of a patient's tissue sample and failure to notify a data breach. The newsletter also announced new FAQs on data processing and transparency in public tenders.