Italian data protection authority introduces new privacy rules on biometric data
Italian data protection authority, the Garante, recently issued a new set of privacy rules designed for facilitating the processing of biometric data, according to a report by Gaming Tech Law.
With the Internet of Things technologies and specifically biometric wearables significantly relying on the processing of biometric data, the Garante has introduced the new rules to aid companies in developing these technologies.
First, the provision to the data subject of a privacy information notice must now list key information, including all the information prescribed by Italian law, whether there are alternative technologies available to collecting biometric data, and specific instructions on how to use the device, along with any signs or warnings where biometric data is being collected to access specific areas.
The data protection authority (DPA) must be notified prior to the data processing with the exception of cases where the processing is being performed by medical practitioners.
There must be strict security measures in place for deleting the raw data collected during the biometric capture, using encryption technologies for their storage and transfer and using mobile device auditing technologies.
Data can be stored for no longer than the required term which varies based on the type of processed biometric data.
In the event of a data breach, the DPA must be notified via email within 24 hours of its occurrence.
The DPA must approve in advance the detailed application measures to be implemented in the data processing.
Prior consent from the individuals must also be given, except in specific scenarios where the Italian DPA has identified the processing of biometric data to face a lower risk and therefore does not require prior consent.
These cases include the biometric fingerprint or issue voice of a person to access databases and information systems, accessing sensitive areas or using dangerous machines where the data processing can also likely occur without the individual’s consent, confirming the content of electronic documents through advanced electronic signature, and scanning fingerprints and the topography of the palm of the hand to gain access to either public or private areas.
Article Topics
biometrics | IoT | Italy | privacy
Comments
27 Replies to “Italian data protection authority introduces new privacy rules on biometric data”
Leave a Reply
This site uses Akismet to reduce spam. Learn how your comment data is processed.
Italian data protection authority introduces new privacy rules on #biometric data: http://t.co/azvjauEZcR
Italian data protection authority introduces new privacy rules on biometric data: Italian… http://t.co/PybfgyK6SH via @BiometricUpdate
RT @BiometricUpdate: Italian data protection authority introduces new privacy rules on #biometric data: http://t.co/sRNA3tYZcM
Italian data protection authority introduces new #privacy rules on biometric data http://t.co/3dEPJG1tls #wearabletech #dataprotection
RT @CarloPiltz: Italian data protection authority introduces new #privacy rules on biometric data http://t.co/3dEPJG1tls #wearabletech #dat…
RT @BiometricUpdate: Italian data protection authority introduces new privacy rules on #biometric data: http://t.co/azvjauEZcR
New privacy rules on #biometric data? http://t.co/eCnYDG3ojL via @BiometricUpdate
New privacy rules on #biometric data? http://t.co/cXvzAYp39b via @BiometricUpdate via @m2sys
RT @CarloPiltz: Italian data protection authority introduces new #privacy rules on biometric data http://t.co/3dEPJG1tls #wearabletech #dat…
netizenrights: RT CarloPiltz: Italian data protection authority introduces new #privacy rules on biometric data http://t.co/BpixVA86Sf …
RT @CarloPiltz: Italian data protection authority introduces new #privacy rules on biometric data http://t.co/3dEPJG1tls #wearabletech #dat…
panchovera: RT CarloPiltz: Italian data protection authority introduces new #privacy rules on biometric data http://t.co/BpixVA86Sf #we…
RT @CarloPiltz: Italian data protection authority introduces new #privacy rules on biometric data http://t.co/3dEPJG1tls #wearabletech #dat…
“@m2shaon: New #privacy rules on #biometric data? http://t.co/4CcnB0eJHI via @BiometricUpdate via @m2sys” #italia
Italian DPA introduces new #privacy rules on biometric data http://t.co/CrVs0JTLCd #biometrics #DataProtection
Italian data protection authority introduces new #privacy rules on biometric data http://t.co/oRpA0kppp2 #biometrics
RT @MarieAndreeW: Italian data protection authority introduces new #privacy rules on biometric data http://t.co/oRpA0kppp2 #biometrics
Italian data protection authority introduces new privacy rules on biometric data:
http://t.co/ZtON6XNpD2
#Italia New privacy rules on biometric data? | BiometricUpdate http://t.co/QcFiEi8GOp #biometrics
RT @PrivacyPeru: #Italia New privacy rules on biometric data? | BiometricUpdate http://t.co/QcFiEi8GOp #biometrics
New privacy rules on biometric data? http://t.co/CSQvryoHpQ via @netizenrights
RT @Copywrong_: New privacy rules on biometric data? http://t.co/CSQvryoHpQ via @netizenrights
RT @PIAwatch: “@m2shaon: New #privacy rules on #biometric data? http://t.co/4CcnB0eJHI via @BiometricUpdate via @m2sys” #italia
RT @MarieAndreeW: Italian data protection authority introduces new #privacy rules on biometric data http://t.co/oRpA0kppp2 #biometrics
RT @MarieAndreeW: Italian data protection authority introduces new #privacy rules on biometric data http://t.co/oRpA0kppp2 #biometrics
Smoothing the way to introduce biometrics capabilities in our day life.
http://t.co/sQWIwOx7vI
#Italian #data protection authority introduces new #privacy #rules on #biometrics data: http://t.co/MStp1OfPRv via @biometricupdate