Select your nation of interest

Home

Some companies that have chosen us

Privacy Officer and Privacy Consultant
CDP Scheme according to ISO/IEC 17024:2012
European Privacy Auditor
ISDP©10003 Certification Scheme according to ISO/IEC 17065:2012
Auditor
According to standard UNI 11697:2017
Lead Auditor ISO/IEC 27001:2022
According to standard ISO/IEC 17024:2012
Data Protection Officer
According to standard ISO/IEC 17024:2012
Anti-Bribery Lead Auditor Expert
According to standard ISO/IEC 17024:2012
ICT Security Manager
According to standard UNI 11506:2017
IT Service Management (ITSM)
According to the ITIL Foundation
Ethical Hacker (CEH)
According to the EC-Council
Network Defender (CND)
According to the EC-Council
Computer Hacking Forensics Investigator (CHFI)
According to the EC-Council
Penetration Testing Professional (CPENT)
According to the EC-Council

Professional qualifications

Stay up-to-date with world news!

Select your topics of interest:

News

Home / News
/
ITALIAN SUPERVISORY AUTHORITY: PA Competitions, from the Privacy Guarantor 50 thousand euro fine to INPS – Personal data of over 5 thousand participants released

ITALIAN SUPERVISORY AUTHORITY: PA Competitions, from the Privacy Guarantor 50 thousand euro fine to INPS – Personal data of over 5 thousand participants released

The Privacy Guarantor fines INPS with 50 thousand euros for having published on its website the personal data of thousands of participants in a competition announced by the Institute. Among the data subject to the violation, in addition to the indication of the name and surname of the candidates and the date of birth, the score resulting from the average of the votes obtained in the written and oral tests, the score of the qualifications, the indication of admission with reservation including the reasons relating to health, of over 5 thousand interested parties between winners and eligible.

The investigation originated from the checks carried out during an initial proceeding that the Guarantor had concluded by imposing a fine of 20 thousand euros on the Institute for having disseminated the intermediate documents of the same competition, which then also ended up on social media by third parties.

Further investigations by the Authority highlighted that even the final rankings published online contained numerous detailed information relating to the personal and family affairs of the participants, exposing people to possible reputational damage. In fact, some names were associated with references to pending trials, which, although related to the dispute with the administration, generated the misunderstanding of the existence of criminal records.

As repeatedly highlighted by the Guarantor, the publication of the rankings must take place in compliance with the applicable industry regulations with regard only to the data of the winners necessary to ensure publicity and transparency. Online publication, unlike traditional forms of advertising, allows anyone, through the effect of common search engines external to the sites, to find a consistent set of personal information made available online, not always updated and of a different nature. Once published and indexed, the data in fact risk remaining online for an indefinite period and can also be used for other purposes.

https://www.garanteprivacy.it/home/docweb/-/docweb-display/docweb/10076607

Redazione
3 December 2024

Recommended to you

ROMANIAN SUPERVISORY AUTHORITY: Sanction for violation of the GDPR

6 March, 2025

LATVIAN SUPERVISORY AUTHORITY: A list of processing operations that are not required to be...

6 March, 2025

ICELANDIC SUPERVISORY AUTHORITY: Arion Bank hf.’s processing of personal data for marketing purposes and...

6 March, 2025

GERMAN SUPERVISORY AUTHORITY: BfDI participates in Europe-wide review of the right to erasure

5 March, 2025

DANISH SUPERVISORY AUTHORITY: EDPB launches coordinated action on the right to erasure

5 March, 2025

Vulnerability in Apache Tomcat (AL04/241217/CSIRT-ITA)

4 March, 2025

ROMANIAN SUPERVISORY AUTHORITY: Sanction for violation of the GDPR

4 March, 2025

CISCO Product Updates (AL01/230112/CSIRT-ITA)

4 March, 2025

Android Security Updates (AL02/250304/CSIRT-ITA)

4 March, 2025

Vulnerability in Progress WhatsUp Gold (AL02/240627/CSIRT-ITA) – Update (AL02/240627/CSIRT-ITA)

4 March, 2025

ManageEngine: vulnerability fixed (AL01/250304/CSIRT-ITA)

4 March, 2025

Mautic: Public PoC for CVE-2024-47051 Exploitation (AL02/250303/CSIRT-ITA)

3 March, 2025

CANADIAN SUPERVISORY AUTHORITY: seeks Federal Court order requiring Pornhub operator to comply with Canadian...

3 March, 2025

Security Updates for Synology Products (AL01/250303/CSIRT-ITA)

3 March, 2025

7-Zip vulnerability fixed (AL02/250122/CSIRT-ITA)

28 February, 2025

Vulnerability in PostgreSQL (AL01/250214/CSIRT-ITA)

28 February, 2025

ITALIAN SUPERVISORY AUTHORITY: Fetus Cemetery: Sanctioned the Municipality of Brescia

28 February, 2025

 ITALIAN SUPERVISORY AUTHORITY: a credit rehabilitation company fined for 70 thousand euros

28 February, 2025

ITALIAN SUPERVISORY AUTHORITY: Fetus Cemetery: Sanctioned the Municipality of Brescia

28 February, 2025

ITALIAN SUPERVISORY AUTHORITY: ok to telemedicine with more guarantees for personal data

28 February, 2025

Advanced Research