Italy: Garante fines Comune di Urago d'Oglio €4,000 for GDPR violations
The Italian data protection authority ('Garante') issued, on 13 February 2020, a decision ('the Decision') fining the Comune di Urago d'Oglio €4,000 for violating Articles 5(1)(a) and (c), and Article 6(1)(c) and (e) of the General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR'). In particular, the Decision highlights that an individual complainant argued that the local council published on its institutional website documentation such as the text of a judgment containing the individual's personal data, including health information. In addition, the Decision highlights that the local councils conduct amounted to a violation of the principles of lawfulness, fairness, and transparency, as well as of data minimisation.
You can read the Decision, only available in Italian, here.