IoT & Privacy Sweep 2016: The Italian Data Protection authority focuses on Smart Homes

By Debora Stella, Francesca Mauro


The Italian Data Protection Authority (the “Garante”) started yesterday, along with other 28 Data Protection Authorities around the world, a "sweep investigation" on the data protection compliance in the context of the Internet of Things ("IoT").

This action of the Italian Data Protection Authority is part of the "Privacy Sweep 2016", the initiative promoted by the Global Privacy Enforcement Network ("GPEN"), the international network established to strengthen cooperation between the Data Protection Authorities of other countries around the world.

The Privacy Sweep 2016 will look at the data protection documentation and practices related to Internet connected devices, but each data protection Authority has the power to choose a different category of products: the Garante has declared it wants to focus its investigation on the world of the Smart Home devices (e.g. smart-fridges that inform you your milk is past its use-by date, smart metering etc.).

The results will be made public on the next September, but, in the meantime, the Data Protection Authorities will also assess whether there are any grounds to take legal action against the infringers.