Privacy

In its European Strategy for Data, the Commission presents its ideas on how the EU can create a «single European data space». The plan is to make the EU a leader in a data-driven society. By creating a single market for data, it will allow it to flow freely within the EU and across sectors for the benefit of businesses, researchers, and public administrations. One central factor in the European data space is putting in place clear and trustworthy data governance mechanisms. Focusing on publicly held data, the administrative structures in the Open Data Directive, the Data Governance Act (DGA), and the first sectoral data space proposed, the European Health Data Space (EHDS), are analyzed. The question posed in the article is whether the administrative structure that has been developed in the EU for the last decades, the European composite administration, is well placed to fulfil the ideal of clear and trustworthy data governance.

Despite the difficulties and the long implementation timeframe, the systematic introduction of algorithms and Artificial Intelligence in administrative activity represents the future of Public Administration. Thus, it is necessary to ask what the normative perspectives of this phenomenon will be, rethinking some categories of classical constitutionalism. The aim of this paper is to offer a more flexible and effective response to the challenges that the new means of exercising power pose to contemporary society. Therefore, the focus of analysis is on the possible effects on the activities of Public Administration of the European Union's new regulatory proposals on digital and technological regulation, with a specific focus on the proposal for an Artificial Intelligence Regulation. Although the proposal does not dictate particular rules for public administration, it will affect the public sphere, deserving special attention both for its consequences at the practical level and for its impact at the theoretical level.

The Council of state refused the appeal against the judgement of the T.A.R. Lazio, which denied a protective order for suspension of the mandatory use of so-called Green Pass, in order to exercise certain activities as introduced by the Decree of the President of the Council of Ministers of 17th June 2021. The decision stresses the importance of the vaccination as one of the UE measures for citizens’ health protection, as well as the evaluation of a real or a merely potential risk of security in processing of sensitive data, or in ensuring right to privacy and non-discrimination.

The French Council of State rules that the existing threat to national security currently justifies the generalized retention of data. It affirms also that the possibility of accessing connection data in order to fight serious crime allows, at the present time, the constitutional requirements of preventing breaches of law and order, and the tracking down of authors of criminal offences to be ensured. However, after examining the conformity with EU law of French rules on the retention of connection data, and verifying that the implementation of EU law (as interpreted by the European Court of Justice) does not jeopardize the requirements of the French Constitution, the French Council of State orders the Government to reassess regularly the threat that exists in France so as to justify the generalized retention of data, and to submit the use of these same data by the intelligence services to clearance provided by an independent authority.

In light of the numerous restrictive measures adopted in Italy, as in many other countries, to contain the SARS-CoV-2 epidemic, the authors examine the terms with which the use of the “App Immuni” could be qualified as a legitimate condition for carrying out activities at risk of infection. Digital contact tracing could give greater effectiveness to the measures taken to contain the epidemic and, therefore, lead to a better calibration of the limitations to personal freedoms. In this perspective, the authors’ attention is focused on analyzing the functioning of the app Immuni, especially in view of protecting personal data and in light of the analysis of the relevant European standards, also analyzed through the prism of the principle of proportionality.

Since 2009, Italian local authorities – and, more broadly, Italian public administrations – have faced a progressive increase of transparency obligations with regard to the publication of administrative documents on institutional websites as well as concerning their internal organization and activities. Prompted by an Italian privacy authority’s sanction based on the illicit online treatment of personal information, this paper analyses the correlation between the quantity of these obligations as well as the correct compliance thereof, and employees’ level of ICT training. The percentage and the characteristics of the employees that have acquired an adequate ICT training – with a particular reference to their age – represent a clear provisional indicator of their capability of complying with the obligations of publication and transparency without violating the privacy rights of the documents’ subjects and whose information is being published online.

On 8 April 2020, the EU Commission published a Recommendation on the principles to be followed in drawing up the guidelines to be used in the development of the new digital technologies that are emerging in the different Member States to counter the Covid-19 emergency ("toolbox").