Enel Energia SpA – €79,100,000 Fine (Italy, 2024)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
The Italian DPA has fined Enel Energia SpA EUR 79.1 million due to its lack of compliance with technical and organisational measures aimed at limiting the potential abuses by agencies that unlawfully performed telemarketing activities. According to the DPA, Enel Energia acquired as many as 978 contracts from four different previously sanctioned companies, even though they did not belong to the energy company’s sales network. Moreover, following subsequent inspections at Enel Energia, the DPA ascertained that the information systems used for customer management and service activation by the company showed the abovementioned serious security shortcomings. Enel failed to put in place all the necessary measures to prevent the unlawful activities of unauthorised agents who fuelled for years an illicit business carried out through nuisance calls, service promotions, and the signing of contracts with no real economic benefits for customers by identifying easy ‘front doors’ in the company’s information systems.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
The Italian DPA has fined Enel Energia SpA EUR 79.1 million due to its lack of compliance with technical and organisational measures aimed at limiting the potential abuses by agencies that unlawfully performed telemarketing activities. According to the DPA, Enel Energia acquired as many as 978 contracts from four different previously sanctioned companies, even though they did not belong to the energy company’s sales network. Moreover, following subsequent inspections at Enel Energia, the DPA ascertained that the information systems used for customer management and service activation by the company showed the abovementioned serious security shortcomings. Enel failed to put in place all the necessary measures to prevent the unlawful activities of unauthorised agents who fuelled for years an illicit business carried out through nuisance calls, service promotions, and the signing of contracts with no real economic benefits for customers by identifying easy ‘front doors’ in the company’s information systems.
Related Enforcement Actions (0)
No other enforcement actions found for Enel Energia SpA in IT
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
8 February 2024
Authority
Garante per la protezione dei dati personali
Fine Amount
€79,100,000
Enforcement Tracker ID
ETid-2306
About this data
Cite as: Cookie Fines. Enel Energia SpA - Italy (2024). Retrieved from cookiefines.eu
Last updated: