Università Telematica e-Campus – €50,000 Fine (Italy, 2026)

€50,000Garante per la protezione dei dati personali29 January 2026Italy
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

Università Telematica e-Campus was fined €50,000 for using facial recognition to track attendance in online classes without proper legal grounds. This is significant because it shows that educational institutions must follow strict rules when handling personal data, especially sensitive information like biometric data.

What happened

The university used a facial recognition system for attendance tracking without a sufficient legal basis.

Who was affected

Students whose attendance was monitored through facial recognition technology.

What the authority found

The authority ruled that the university failed to comply with data protection principles, including data minimization and storage limitation.

Why this matters

This case highlights the risks of using advanced technologies in education. Institutions must ensure they have a valid legal basis and adhere to data protection principles.

GDPR Articles Cited

AI-verified

Art. 25(GDPR)
Art. 5(1)(c) GDPR
Art. 5(1)(e) GDPR
Art. 6(1) GDPR
Art. 9(1) GDPR
View original scraped data
Art. 5(1) c) GDPR
e) GDPR
Art. 6(1) c) GDPR
e)
(2)
(3) GDPR
Art. 9(1) g) GDPR
Art. 25(GDPR)

Original data from scraper before AI verification against source document.

National Law Articles

AI-identified

Art. 144 Codice Privacy
Source verified 14 April 2026
articles corrected
national law identified
Italy enforcementGarante per la protezione dei dati personali actionsAll Università Telematica e-Campus actions
Full Legal Summary
Detailed

The Italian DPA has imposed a fine of EUR 50,000 on Università Telematica e-Campus. The controller used facial recognistion system to controll the attendance in online classes, but failed to base the processing on a sufficient legal basis. Additionally the processor failed to comply with the prinicples of data minimisation, storage limitiation and data protection by default.

Related Enforcement Actions (0)

No other enforcement actions found for Università Telematica e-Campus in IT

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

29 January 2026

Authority

Garante per la protezione dei dati personali

Fine Amount

€50,000

Enforcement Tracker ID

ETid-3076

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Università Telematica e-Campus - Italy (2026). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: