Data retention and online privacy: towards regulation compliant with EU law?

Abstract

Law Decree n.132/2021, then converted into law with amendments, draws a line under the criticised discipline on the "Retention of traffic data for other purposes" in order to comply with European law on the protection of personal data, as well as with the CJEU’s rulings on this matter. The new law has regulated the procedural aspects, providing for additional conditions for the acquisition of mobile and computer data traffic. With the present contribution we will discuss the considerable goals already achieved by the lawmaker, as well as those that, loudly, still require to be achieved. The discussion will take place with an eye toward the fair balance of rights and interests at stake, through a reinterpretation of the means of collecting the evidence in question, in the light of the new physiognomy it has assumed in the era of digitalization.