No to the newsletter sent without consent by the offer aggregator site

On the same day, the Court of Cassation confirmed the sanctions imposed by the Privacy Guarantor for unlawful data processing on an offer aggregator site and a colossus such as Telecom, punished with a much heavier fine of 800 thousand euro.

In the first case, a platform that collects and displays a wide range of offers, discounts, and promotions from different sources (e.g. online shops or other e-commerce platforms) violated the Privacy Code. Aninternet company, sanctioned with 10,000 euro, ended up in the crosshairs, first of the Authority and then of the judges, for having unlawfully subscribed registered users to a newsletter, who became recipients of various information without their consent.

A green light is necessary in this case, which is not needed instead - explains the Supreme Court - for online shops. E-shops are, in fact, regarded as an electronic commerce system for which the data subject's consent is not mandatory if the data controller, for the purposes of the direct sale of its own products or services, uses the email address provided by the recipient in the context of the sale, provided that the services in question are similar to those being sold, and the data subject, adequately informed, does not refuse such use, either initially or on the occasion of subsequent communications. Otherwise, the consent must be requested, in the event that the user has only registered on the website, concluded a trial contract or, in any event, a free-of-charge contract with the data controller.

Telecom's situation was different, in which one subscriber was the holder of no less than 826 telephones, while another 644 customers together totalled over 7,000 lines in their name. A software anomaly that cost the telecommunications giant the maxi fine of 800,000 euro imposed by the Privacy Guarantor - for lack of legal basis for data processing and unlawful communication to third parties - and confirmed by the Court of Cassation.

The unlawful disclosure of customer data had been made to debt collection companies for the non-payment of invoices in the wrong name, wrongly entering the tax code of the persons concerned in the invoices issued to the real holders of the telephone lines. The inspection, which had been initiated following a report by a user, had ascertained that the complainant had been unjustifiably assigned 826 residential telephone lines over time. This circumstance was also admitted by Telecom, which hypothesised that the cause of the problem could be traced back to a software anomaly during the migration of customer data from the old to the new management system. An arbitrary allocation of telephone lines that had involved numerous, completely unsuspecting users over a period of time from 2003 to 2015. According to the sample check imposed on Telecom, 644 users had been found to be the holders of more than 7,000 telephone lines.