Comune di Orte (data controller) – €20,000 Fine (Italy, 2022)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
The municipality of Orte was fined €20,000 for using surveillance cameras without informing citizens. This is important because it shows that local governments must follow data protection rules just like businesses do. The ruling encourages municipalities to be transparent about their surveillance practices.
What happened
Comune di Orte installed photo-traps for surveillance without informing the public.
Who was affected
Residents of Orte who were recorded by the surveillance cameras were affected.
What the authority found
The Italian data protection authority ruled that the municipality did not comply with legal requirements for operating surveillance systems.
Why this matters
This ruling sets a precedent that public entities must adhere to data protection laws. Local governments should ensure they inform citizens about surveillance to avoid penalties.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
National Law Articles
Entities Involved
A citizen of Orte filed a complaint against their municipality. The municipality of Orte is the controller and the citizen is the data subject. The controller installed photo-traps to prevent and punish illegal garbage disposal. The data subject submitted a request to the municipality under law 241/1990 for access to the surveillance system's administrative documents. The controller only gave him the supplier's (the urban cleaning company) technical offer. The data subject then filed a complaint with the DPA alleging that that (1) the municipality neglected to publish any information in the Municipal Notice Board (Albo Pretorio) and (2) he had been recorded several times. The controller claimed that the photo-traps were installed as part of an adjudication procedure for the urban cleaning service. The controller admitted that it adopted none of the administrative acts required by Italian law in order to lawfully operate the photo-traps. A municipal regulation on camera surveillance had been drafted, but not approved, according to the controller. Furthermore, the controller admitted it had not informed the citizens of the surveillance system's installation. Moreover, no agreement relating to the processing of the data collected by the cameras was concluded with the supplier. The controller later stated (past the deadline) that it only operated the photo-traps for a short time in order to verify their functionality. Some cameras were also installed for deterrence purposes. These cameras were not activated and did not collect data at that time. The controller eventually removed all of the cameras. The municipality claimed that they never processed any personal data aside from those collected in the testing phase, and that they never sanctioned any citizen based on the data collected through the surveillance system. During the preliminary investigation, the DPA also found that the contact information for the municipality’s DPO were the same as the contact information fo
Violations (1)
Non-essential cookies (tracking, advertising) are placed on the user's device before obtaining valid consent.
Art. 6(1) GDPR
Related Enforcement Actions (0)
No other enforcement actions found for Comune di Orte (data controller) in IT
This is the only recorded action for this entity in this jurisdiction.
Similar Cases
Enforcement actions with similar violations
Details
Fine Date
7 April 2022
Authority
Garante per la protezione dei dati personali
Fine Amount
€20,000
GDPRhub ID
gdprhub-5010About this data
Cite as: Cookie Fines. Comune di Orte (data controller) - Italy (2022). Retrieved from cookiefines.eu
Last updated: