On August 30, 2007, the Italian Data Protection Authority (Garante) prohibited the distribution of unsolicited electronic communications and faxes by an Internet website — TecaLibri — and by two Italian companies — Microsite s.r.l. and Onedirect s.r.l. These service providers were processing data for marketing purposes without the data subjects’ consent. In the first case, TecaLibri, an online bookshop, was sending advertising e-mails to potential new clients. The other two cases involved two companies sending faxes to individuals listed in a telephone directory. As the recipients were listed in the sections reserved for professionals, both companies relied on Art. 24 (1) letter d) of the Italian Privacy Act (Legislative Decree No. 196 of June 30, 2003), which contains an exception to the express consent rule when the processing concerns data relating to economic activities that are processed in compliance with the legislation in force as applying to business and industrial secrecy. The Garante made its ruling based on Art. 130 (2) of the Privacy Act on Unsolicited Communications, which requires that data subjects consent to commercial communications sent by e-mail, facsimile, MMS or SMS-type messages.
The press release is available (in Italian) at: http://www.garanteprivacy.it/garante/navig/jsp/index.jsp