Italy’s data protection regulator fined Poste Italiane SpA €6.6 million and Postepay SpA €5.9 million, totaling €12.5 million, for allegedly illegally processing millions of users’ personal data through invasive monitoring. The regulator said the Postepay and BancoPosta apps required users to authorize monitoring of installed and running applications in a way it deemed excessively invasive, insufficiently disclosed, and not necessary for fraud prevention. #PosteItaliane #Postepay
Keypoints
- The Italian regulator imposed a €12.5 million fine on Poste Italiane and Postepay for data privacy breaches.
- The investigation targeted the Postepay and BancoPosta mobile apps for device-level monitoring of installed and running apps.
- Companies said the monitoring aimed to detect malicious software and protect transactions under payment rules.
- The regulator ruled the monitoring methods were excessively invasive, unnecessary for fraud prevention, and poorly explained to users.
- Authorities also cited inadequate security safeguards and excessive retention of user data.
Read More: https://therecord.media/italian-regulator-fines-postal-service-orgs-15-million-privacy