Italian Data Protection Authority: The "Exodus” Trojan Case –

12 aprile 2019

The "Exodus” Trojan Case – "Appalling”, said Antonello Soro'
(Ansa, 30 march 2019)

"What happened is appalling. The fact that hundreds of people having no connections whatsoever with criminal investigations have been intercepted because of a flaw in a Trojan used for those investigations is quite worrisome. More in-depth inquiries are necessary into this incident, and the Garante will also step in as appropriate.

The exact circumstances of the case have yet to be clarified and the chain of events must be brought to light. Nevertheless, what is unquestionable is that tools like these Trojans are quite dangerous: they can help investigations, but are also liable to give rise to unacceptable breaches of citizens' freedoms if they are deployed without the barest technical safeguards. We had drawn the Government's attention to these issues when we gave our opinion both on the draft legislative decree amending the interception laws – which also introduced regulations on the use of Trojans – and on the draft implementing decree that was supposed to lay down the appropriate safeguards in selecting the software for those purposes.

There is a lesson to be drawn from this case: we must be resolute in preventing similar breaches from occurring in future,  being aware that no mistakes may be allowed for in such a sensitive area – where investigational powers go hand in hand with no less strong technological applications. Investigational tools such as those at issue must be kept at the disposal of law enforcement bodies, as provided for by the law, but only if they are coupled with robust safeguards to protect citizens' freedom."

Retrieved from https://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/9101790

Archivio news

 

News dello studio

lug2

02/07/2026

Obblighi del titolare del trattamento in caso di uso di sistemi di AI

L' utilizzo di sistemi di AI per il trattamento dei dati comporta la necessita' per il Titolare del trattamento di rivedere ed aggiornare tutti la documentazione sulla privacy, ivi incluse le informative

lug2

02/07/2026

Obblighi del datore di lavoro in caso di utilizzo di sistemi di AI in azienda

  L’articolo 11 della Legge 23 settembre 2025, n. 132 (“Legge AI”) sancisce i principi fondamentali per un uso etico e responsabile dell’AI. Tale disposizione, nel riaffermare

lug2

02/07/2026

Autorità nazionale anticorruzione - Comunicato 15 maggio 2026[3][1] Approvazione della delibera n. 148 del 1° aprile 2026: «Approvazione delle modifiche e integrazioni apportate allo “Schema di bando tipo n. 1/2023 aggiornato al decreto legislativo 31 dic

L'Autorità nazionale anticorruzione (ANAC), nell'adunanza del Consiglio del 1° aprile 2026, ha approvato la seguente delibera: delibera n. 148 del 1° aprile 2026 «Approvazione

News Giuridiche