With lawyer Fulvio Sarzana di Sant'Ippolito, legal consultant for Assoprovider, we explore the major topic of obligations for providers on Privacy, Child Pornography and Parental Control, Data Retention, Copyright.

Italian regulations, often driven by seemingly commendable intentions, nevertheless appear to aim at burdening Providers with obligations that are difficult for small entities to manage, such as acting as "controllers" of online content, which may violate gaming regulations or copyright laws.

Actually, providers should not and cannot bear all these obligationsbecause they are activities that only increase costs at their own expense. It is a matter of fighting the Digital Divide: if the providers can no longer carry out their activities, because overwhelmed by tasks, they will end up not being able to bring connectivity to all those areas where the major operators are not interested in working.

This emerges from the reflections of the vice presidents of Assoprovider, Antonella Oliviero and Marcello Cama, with lawyer Fulvio Sarzana in the webinar:

"Electronic communication operators and the obligations set forth by law. How to respond to requests from Authorities (AGCOM, AGCM, Privacy Guarantor, and CNCPO) and the Judiciary."

Objective of the online meeting: guide operators towards the correct responses to provide to the Authorities through the analysis of regulations and practical cases.

The webinar was divided into two sections: the first reserved for Assoprovider members only, the second open to everyone, and which can also be reviewed on YouTube on the official Assoprovider channel:

Here is a summary of the topics covered in the last part of the webinar.

Consumer protection 

Among the entities that regulate the presence of content violating consumer rights, lawyer Sarzana mentions the AGCM, which can order, even as a precautionary measure, connectivity service providers to remove or inhibit the use of the networks they manage. 

Non-compliance may lead to the imposition of fines up to 5 million euros.

There is also the CNCPO (Centro nazionale per il contrasto alla pedopornografia online) at the Ministry of the Interior, which collects reports, monitors the Internet, and, through the creation of Blacklists, activates functions suitable for filtering websites.

The entity establishes the technical requirements for filtering tools that connectivity providers must use and has established an access system through links that requires providers to request certification to access it.

"The solution of automated systems that scan specific lists with sites to block can be an advantage for providers, but at the same time it represents a risk: in other countries where these systems have been implemented, they have led to the shutdown of YouTube and Twitter. It was clearly a mistake, which is why we need to be cautious with these types of tools," explains the lawyer.

In any case, it is necessary for these systems to be efficient and updated, yet the rules seem outdated, which constitutes an additional limitation for small providers.

Data Retention

Among the most important regulations in terms of Data Retention for providers, the lawyer mentions law 167 of 2017, which introduced the obligation to retain telematic traffic data for six years, borne by the providers. 

"A provision that the Court of Justice has censured, but which nevertheless remains in force. This makes us understand that the Italian authorities perceive the provider only as an entity obliged to perform certain activities on behalf of the State, all at its own expense," explains Sarzana.

Operators must then pay attention to requests received, for example, from Law Enforcement, which may request the list of logs for an ongoing investigation.

While maintaining the necessary collaboration with the institutions, it must be said that the requests are subject to precise rules: "the European and Italian regulations on data retention stipulate that for the acquisition of log files and traffic data, a provision from the GIP (Judge for Preliminary Investigations) is required," concludes the lawyer.

Parental Control

With questions from the participants, the discussion then moves to one of the hot topics in the telecommunications world, which is the AGCOM directive on Parental Control, a tool to be activated for consumer lines by October. 

"The technical aspects have not yet been defined," explains Sarzana. "And therefore, it is necessary to understand if and when sanctions will be imposed for the failure to adopt technical filters for parental control. The obligation already exists and the regulations are already in force, but it is necessary to understand technically how it is applied and how the Authority will sanction."

To the question of whether the lists to be inhibited will be made available by AGCOM and thus centralized, the lawyer responded:

"The hope is that if there will be, there will be only one authority and only one list – even if as Assoprovider we are not entirely in agreement with this solution – that controls the system, if and when the regulation is adopted from a technical perspective, to simplify activities for providers." 

Don't miss the APEventiWeb

To stay updated on technological innovations and industry regulations, Assoprovider periodically organizes online events reserved for duly registered members, through the platform www.apeventiweb.it

Assoprovider members receive numerous other benefits, such as registration to two legal lists, a list dedicated to facilitated finance, and a technical list, where they can request opinions and information from industry experts.

Become a member: for registrations visit assoprovider.it