Ministero della Cultura – €12,000 Fine (Italy, 2026)

€12,000Garante per la protezione dei dati personali29 January 2026Italy
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

The Italian data protection authority fined the Ministero della Cultura €12,000 for misusing video surveillance footage at the Archaeological Museum of Campobasso. This is important because it shows that organizations must inform people about how their data is used and cannot misuse surveillance for purposes like employee discipline.

What happened

The museum used video surveillance footage for disciplinary actions against employees without properly informing them.

Who was affected

Museum visitors and employees who were recorded by the surveillance cameras.

What the authority found

The authority ruled that the museum failed to adequately inform individuals about the use of their video data, violating GDPR requirements.

Why this matters

This ruling emphasizes the need for transparency in data processing. Organizations using surveillance must clearly communicate how and why they collect video footage.

GDPR Articles Cited

AI-verified

Art. 13(GDPR)
Art. 5(1)(a) GDPR
Art. 6(1) GDPR
Art. 12(1) GDPR
View original scraped data
Art. 5(1) a) GDPR
Art. 6(GDPR)
Art. 12(1) GDPR
Art. 13(GDPR)
Art. 35(GDPR)
Art. 88(1) GDPR

Original data from scraper before AI verification against source document.

National Law Articles

AI-identified

Art. 4 L. n. 300/1970
Art. 114 Codice Privacy
Source verified 14 April 2026
articles corrected
national law identified
Italy enforcementGarante per la protezione dei dati personali actionsAll Ministero della Cultura actions
Full Legal Summary
Detailed

The Italian DPA has imposed a fine of EUR 12,000 on the Ministero della Cultura. The controller, who is operating the Archaeological Museum of Campobasso, used video surveillance in the museum, with the purpose of protecting the museums assets. But the controller also used the footage for disciplinary purposes against employees. Additionally the controller failed to adequatly inform data subjects regarding the processing.

Related Enforcement Actions (0)

No other enforcement actions found for Ministero della Cultura in IT

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

29 January 2026

Authority

Garante per la protezione dei dati personali

Fine Amount

€12,000

Enforcement Tracker ID

ETid-3077

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Ministero della Cultura - Italy (2026). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: