For the first time an Italian criminal court (in this case, the Criminal Court of Milan) has imposed criminal sanctions for spamming activities. The former managing director and the former CFO (who was also the data protection officer) of an Italian multinational company, providing services and solutions for 'mobile connected life', were convicted and sentenced to 9 months' imprisonment (stayed) for "unlawful data processing". At the same time, two managers were acquitted by the prosecution of computer fraud.
This decision is also significant since it recognised that unsolicited newsletters can be compared to unsolicited commercial emails.
The issue arose from a longstanding dispute (started in 2004) between the company and one of its former customers (a company owning a popular website) to which the company were providing internet and marketing services. According to the Italian Public Prosecutor, after the termination of the agreement between the company and its customer, the company continued sending unsolicited newsletters, including its own, to approximately 180,000 users (i.e. 39% of the subscribers of the former customer's newsletter).
Following the Criminal Court's decision, the company announced its intention to appeal against the decision of first instance on the basis that the supposedly unlawful data processing was based on a different interpretation of the contractual relationship between the company and its customer, rather than on an intentional act by the managers of the company.
In the past, disputes involving the company and its spamming activities have been brought before the Garante, although until this decision, these disputes never resulted in criminal conviction.