The idea of the right to privacy was born in Boston at the end of the 19th century, when two young lawyers published an essay entitled "The Right to Privacy" contained in the Harvard Law Review. Samuel D. Warren and Louis D. Brandeis conceived "the right to be let alone", a modern formula of the "jus solitudes", i.e. the right to be left alone, to enjoy one's life in peace. They distinguished, for the first time, the right to privacy from the right to private property, invoking the protection of personal feelings, emotions and thoughts, coming to recognize the juridical value of human sensitivity. Their reflections were inspired by the diffusion of the daily press and photojournalism, which were beginning to publish curiosities, indiscretions and mundane accounts of the lives of others. The two barely thirty-year-old lawyers, with extreme foresight, introduced the new object of a legal discipline, invested in our days with irrepressible attention.

The Italian scenario
In Italy, the first success in achieving legislation on privacy and personal data protection came with Law 675/1996, implementing Directive 95/46/EC of the European Parliament. In 2003, this law was repealed by Legislative Decree 196/2003, also known as the "Consolidated Privacy Act", which remained in force until the advent of the well-known GDPR. The GDPR 679/2016 (General Data Protection Regulation) is a Regulation of the European Parliament and of the Council which entered into force in May 2016, relating to the protection of natural persons with regard to the processing of personal data and their circulation. The GDPR was implemented in Italy with Decree 101/2018, which harmonized the previous decree 196/2033. Article 5 of the GDPR outlines the 6 principles that organizations must respect when they collect, process and store the personal data of residents of the European Union: 1) lawfulness, correctness and transparency; 2) purpose limitation; 3) data minimization; 4) accuracy; 5) limitation of storage; 6) integrity and confidentiality.

Privacy protection
To comply with the legislation, first of all, it is necessary to make the privacy policy available to the public, i.e. a document that explains in a clear, concise but complete way the purposes of data collection and how the company intends to use them. The GDPR represents an important milestone towards the protection of personal privacy and dignity, especially in the current context, characterized by the widespread diffusion of the Internet and the development of technologies and digital markets. In the latter, specifically, data relating to customers cannot be collected and processed without explicit consent, and the right of the interested parties to request cancellation or rectification is valid at any time.

Specialized figure

Privacy and the processing of personal data pertain to difficult and thorny legal arguments, so it is a duty for each organization to rely on a specialized figure, who intervenes to ensure complete compliance with current legislation on the matter. Likewise, as users, it is a good habit to make sure that the subjects to whom the data are transferred keep and manage them according to the correct procedures.

Frances Muscas

© Riproduzione riservata