Tag Archives: law

Web Cookies’ Processing: New Guidelines by the Italian DPA

On June 10, 2021 the Italian DPA has officially issued new guidelines for the processing of cookies and other online tracking instruments. Such newly-issued guidelines are aimed at compliance with principles set forth by the GDPR, as well as by the recently issued contributions of the European Data Protection Board. The new guidelines complement and update the previous ones issued in 2014.

New provisions mainly regard how consent is acquired and information to be provided to interested subject. In fact:

  • consent by the user must be given in accordance with principles of freedom and unambiguousness. Accordingly, the use of methods that do not comply with such principles, such as the “scrolling-down” and the “cookie-wall”, are unlawful and void;
  • the “cookie banner” must comply with the “privacy by design” and “privacy by default” principles, as resulting from article 25 of the GDPR. Consequently, simplified manners for the obtainment of the consent are allowed only to the extent that they comply with some pre-determined requirements;
  • “analytic cookies” can be processed without any consent by users only if they do not allow any identification (direct identification of the person concerned should not be achieved), and if they are used for the production of aggregate data only. Otherwise, they need to be expressly authorized;
  • information to be provided to the users must be specific and comply with articles 12 and 13 of the GDPR.

Data controllers now have a 6-months term (expiring on December 2021) for the adoption of the measures necessary to comply with such giudelines.

The full text of the measure can be found at the following link: https://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/9677876.

New Data Transfer Standard Contractual Clauses Approved by the EU Commission

On June 4, 2021 the EU Commission approved new standard contractual clauses (“SCC“), which are regarded to provide appropriate safeguards within the meaning of Article 46(1) and (2) (c) of the GDPR.

The new SCC are updated with GDPR, the opinions expressed during the course of the consultation phase (including those of the European Data Protection Board and the European Data Protection Supervisor), as well as take into account the recent Schrems II judgement of the Court of Justice.

There are two different sets of SCC: (i) for data transfers from controllers or processors in the EU/EEA (or otherwise subject to the GDPR) and (ii) to controllers or processors established outside the EU/EEA (and not subject to the GDPR).

The new SCC promisemore flexibility for complex processing chains, through a ‘modular approach’ and by offering the possibility for more than two parties to join and use the clauses“.

If you or your company are using the old SCC, you have a transition period of 18 months.

Five Key Takeaways from Our Seminar on Clinical Trials

If you missed our seminar on clinical trials on January 16, here are five key takeaways to help you understand the changing regulatory environment in Europe and Italy.

  1. Be ready for a new regulatory landscape

The recent clinical trials regulatory overhaul within the EU aims at fostering research and facilitating the tasks of all actors involved in this area. However, delays in the implementation of such new legislation are posing an actual risk for the entire sector throughout the EU, while competition from emerging economies is getting stronger.

  1. Harmonized, but not enough

In several areas, such as observational studies or ethical committee’s assessments, a unified approach at European level is yet to be adopted. This leaves a lot of fragmentation among the various countries and a lot of work to be done at local level in order to ensure compliance with applicable regulations. Be prepared to deal with such inconveniences, in particular in the pharmaceutical sector.

  1. Changes in data protection laws offer new opportunities but challenges remain

GDPR brought new harmonized provisions to improve and support the use of data for the purpose of conducting research. However, guidance from national data protection and regulatory authorities in areas such as legal grounds for processing and secondary use is far from established. Moreover, different EU countries continue to adopt opposite approaches when it comes to consent and legitimate interest as valid legal grounds for data processing in the framework of clinical research. Data protection compliance will therefore continue to require local check-ups.

  1. New opportunities for independent research

Recent regulatory changes in Italy are being implemented to foster independent not-for-profit research in the clinical area. The new regulations, which are about to be adopted, envisage new opportunities for the participation of private actors in independent research and allow not-for-profit research institutions to better exploit the results of their research. The potential for conflicts remain and caution should be exercised within public-private relationships, but there is hope that new paradigms of collaboration will see the light.

  1. A new world of evidence is out there

More and more projects in the clinical research field involve real world data and real world evidence, gathered in a number of different ways outside the rigid protocols of a controlled study, whether through medical devices or other data collection instruments. Real world data are key to understanding how treatments work in reality and developing new healthcare paths. However, both clinicians and private actors are operating in uncharted territories and the line between studies and alternative research projects is thinner than you may expect. Be mindful of the regulatory and compliance ramifications of these new powerful tools.

Copyright European Legislation: Getting Ready for the Digital Era.

On September 12th the European Parliament approved amendments to the controversial Proposal for a Copyright Directive, the Directive of the European Parliament and of the Council on Copyright in the Digital Single Market, which aims at updating copyright rules.

Not many topics have polarized opinions in recent years in Europe. While supporters claim to have protected artists and to have inflicted a blow to the American tech giants, critics have talked about the “death of the internet”.

For clarity, even if the Directive passed the European Parliament vote, the changes are not yet definitive and it may be too early to conclude on what this decision entails. The Directive text shall be further reviewed in subsequent negotiations and there is still a slight chance that it may be rejected at another vote by the European Parliament in 2019. In addition, the Directive, even if (and when) definitely approved, should be implemented by single Member States.

But which results does the Directive aim to achieve?

Its scope and purpose appear based on the evolution of digital technologies, which has changed the way copyright works and other protected material are created, produced, distributed and exploited, with the consequence that new uses, new payers and new business models have emerged. The digital environment has given birth to new opportunities for customers to access copyright-protected content. In this new framework, right-holders face difficulties to be remunerated for the online distribution of their works. So, even if the objectives and principles laid down by the EU copyright framework remain valid, there is an undeniable need to adapt them to the new reality.

The Directive also intends to avoid the risk of fragmentation of rules in the internal market. In fact, the Digital Single Market Strategy1 adopted in May 2015 identified the need «to reduce the differences between national copyright regimes and allow for wider online access to works by users across the EU». The idea expressed in the 2015 by the European Commission was to «move towards a modern, more European copyright framework». The EU legislation purports to harmonize exceptions and limitations to copyright and connected rights, however some of these exceptions, which aim at achieving public policy objectives, such as research or education, remain regulated on national level, with the consequence that legal certainty around cross-border uses is not guaranteed.

As to the content of the Directive, we note the following points:

  • With specific regard to the scientific research, recital number 9 of the Directive says that the Union has already provided certain exceptions and limitations (even if optional and not fully adapted to the use of technology in the scientific research) covering uses for scientific research purposes which may apply to acts of text and data mining. Where researcher have lawful access to content, for example through subscription to publication or open access licenses, the term of the licenses may exclude text and data mining.
  • Article 11, called “link tax”, gives publishers a right to ask for paid licenses when online platforms share their stories. The amended version clarifies that this new rights «shall not prevent legitimate private and non-commercial use of press publications by individual users». The amendment tries also to clarify what can be considered as “sharing a story”, indicating that the mere hyperlinks cannot be taxed, nor can individual words.
  • Article 13, called by the critics as “upload filter”, sets forth that platforms storing and giving access to large amounts of works uploaded by their users shall conclude licensing agreements that include liability for copyright infringement, thus putting a large responsibility on platforms and copyright holders that must «cooperate in good faith» to stop this infringement by carefully monitoring every upload.

The Directive has been designed with the intent to rebalance the core problem of contemporary web: big platforms like Facebook and Google are making huge amounts of money providing access to material made by other people. Nevertheless critics object that this intent could lead to serious collateral effects.

We will see what the future of this Directive will be, and which consequences will entail. The path seems to be still long, but, at least, it has started.

 

Who’s Who Legal 2018: Our Life Sciences Practice in the Top Three!

Who’s Who Legal just published its 2018 rankings, highlighting the leading practitioners recognized “for their excellent work across the full spectrum of life sciences law”.

Our very own Paola Sangiovanni has been recognized among the top three most highly regarded practitioners in the life sciences legal industry in Italy. Here’s what Who’s Who Legal says about Paola:

«The “fantastic” Paola Sangiovanni at Gitti and Partners is “a truly dedicated life sciences expert”, who is considered “a great deal-maker”. Her transactional expertise in the life sciences space is in high demand, thanks to her “client-focused approach and excellent service”».

We are very proud to share such a terrific achievement with our clients and friends, and we would like to thank you all for your continued support!

New Whistleblowing Legislation Approved in Italy

Whistleblowers will be granted a higher level of protection under new legislation passed earlier this week in Italy.

The new provisions apply to civil servants as well as employees in the private sector. Whistleblowing protection will shield individuals who submit a good faith report concerning unlawful conduct, provided that such report is based on a reasonable belief and factual elements.

The new legislation prohibits any retaliation or other discriminatory measures against good faith whistleblowers, including termination, demotion, transfer or other organizational action.

In the private sector, the new legislation has a significant impact on organizational models adopted to prevent corporate criminal liability pursuant to Legislative Decree 231 of 2001. In fact, all organizational models will need to set up appropriate channels for the confidential reporting of criminal conduct and violations of the organizational models themselves.  Measures aimed at protecting the identity of the whistleblowers and the confidentiality of the reports, as well as disciplinary sanctions against retaliatory or discriminatory measures against whistleblowers, will also need to be included in such organizational models.

The new legislation is expected to enter into force shortly, upon publication in the official gazette.

Legality Rating by the Italian Antitrust Authority: Is It Useful?

Not only must we punish corrupt companies but also encourage healthy businesses“. The statement released by Mr. Raffaele Cantone, Chairman of the Italian Anti Corruption Authority, summarizes the rationale underpinning the so called “legality rating”, i.e. a score that the Italian Antitrust Authority assigns to companies who apply for it. In fact, Law no. 62/2012, converting Law Decree no. 29/2012, requires the Italian Antitrust Authority to assign a score ranging from one to three “stars”, to any applying company who complies with a series of legal requirements (inter alia, the absence of criminal sanctions or preventive/precautionary measures against key personnel of the company, no judgments pursuant to Legislative Decree No. 231/2001, no breaches in the field of health and safety at work, and no definitive tax assessments against the company).

The instrument, available to entities generating a turnover in excess of Euro two million per year, is completely optional, but continues to be widely utilized. A statement of the Antitrust Authority shows in fact that, in January 2015, the Authority  received respectively 14% more applications than in the previous month and the trend seems to continue.

So, companies line up as schoolboys in order to show that they are worth a certain number of “stars” in an effort to demonstrate the soundness of their compliance program: is it worth it? To respond, we have looked into the benefits of the legality rating to understand the actual relevance of a practice that is becoming widespread. Below is a summary of the alleged benefits.

  • A new Regulation, developed by the Italian Antitrust Authority in collaboration with the National Anti Corruption Authority, entered into force on November 14, 2012, sets forth that companies benefitting from a legality rating are enrolled in a register of virtuous firms. Such registration is supposed tofacilitate relations with banks or the granting of public funding as well as the possibility to participate in public tenders.
  • The first example of a public procurement process taking into account the legality rating refers to postal services. The procurement documentation (Decision of December 9, 2014, published in the Official Gazette no. 1 of the January 2, 2015) stated for the first time that “for the public procurement of large size, the contracting authorities can evaluate the opportunity to give an additional and proportionate score to companies that benefit from a legality rating issued by the Antitrust Authority pursuant to §. 5 ter of Law-Decree no. 1 of January 24, 2012, or that have equivalent certifications issued to foreign firms from other agencies or public authorities”. For the first time, legality rating actually mattered as it gave a chance to companies to score additional points in public tenders.Some have criticized the use of a legality rating in this context, given that section 83 of the Italian Public Procurement Code (Legislative Decree no. 163/2006) requires that contracting authorities assess bidding companies on the basis of objective requirements only. It has been in fact argued that making reference to a legality rating is too discretionary. However, the Antitrust Authority, in opinion no. 163/2013, seemingly admits the possibility of using discretionary requirements, such as “the curriculum of the company, possession of licenses or quality certifications, availability of business assets, the providing of services or similar work, and in general, skills and references” as “factors that can be weighedas criteria for admission to tenders”.

In conclusion, if public procurement tenders give some weight to the legality rating, then obtaining it may actually be a good idea.

The risk is, as with any type of certification, that it will become a merely formal requirement, which does not attest the actual compliance efforts or a corporation’s culture.

Hospital Use Of ATMPs: Toward A Stronger Protection Of Patients Resorting To Compassionate Use

The Italian Ministry of Health has recently strengthened the requirements to obtain the authorization to manufacture and use advanced therapy medicinal products (“ATMPs[1]) which are non-routinely produced. In fact, following the enactment of the Decree of the Ministry of Health of January 16th, 2015, published only last week (the ATMP Decree)[2], more control on such drugs’ hospital use is expected. The ATMP Decree does not apply to ATMPs under clinical trial and solely focus on compassionate use of non-routine ATMPs.

THE PREVIOUS REGULATORY SCENARIO. Prior to 2006, the use of gene therapy and cell therapy medicinal products, for which a marketing authorization had not been obtained, was authorized only within clinical trials[3]. In 2006[4] non-profit manufacturing and compassionate use[5] of gene therapy and somatic cell therapy medicinal products was first allowed.

The 2006 Decree allowed the use of such products on the basis of certain requirements, checked by the Agenzia Italiana del Farmaco, the governmental agency in charge of pharmaceuticals (AIFA). Given the lack of therapeutic alternatives in a life threatening condition, the requirements for production and use of gene therapy and cell therapy medicinal products were not especially strict and heavily relied on the patient’s consent and positive feedback by the Ethics Committee, as well as on the self-certification on the existence of the requirements by the doctor responsible for the drugs administering.

THE NEW RULES INTRODUCED. The ATMP Decree was introduced to protect consumers from fraudulent conducts. Even though the Decree does not make specific reference to it, it is widely accepted that the ATMP Decree aims at limiting the proliferation of cases like the famous “Stamina case”, where therapies for treatment of life-threatening diseases have been provided to patients in sheer lack of scientific grounds[6]. AIFA will enforce the new rules by way of on-site inspections that may lead to suspension or revocation of a previously granted authorization to manufacture, as well as to the prohibition to administer the drug. The ATMP Decree can be summarized as follows:

  • AUTHORIZATION TO MANUFACTURE. Manufacturing of ATMPs for non-routine hospital use now requires a prior authorization by AIFA, which is only issued to GMP (Good Manufacturing Practices) certified manufacturers[7]. Prior to issuing its authorization, AIFA checks compliance of the manufacturing site. The process may altogether take up to 120 days, save for further inquiries by AIFA[8].
  • AUTHORIZATION TO USE. Use of ATMPs is limited to “compassionate use”. Only certain public research hospitals will be suitable candidates to obtain AIFA’s authorization[9]. Moreover, the authorization will be released only upon approval by (i) a Committee for the Assessment of Admissibility to Phase I of Clinical Trials, composed of expert biologists and clinicians, and (ii) by the concerned hospital’s Ethical Committee. The authorization is issued after an analysis of all documents necessary to assess risks and benefits of the proposed treatment, as well as data concerning safety and efficacy available from previous clinical trials.
  • COOPERATION BY MANUFACTURERS AND PHYSICIANS.
    • Manufacturers of ATMPs must ensure traceability of medicinal products as well as of patients for thirty years, and must report to AIFA any adverse events. Also, manufacturers can deliver ATMPs only after authorization to use has been issued and in compliance with a physicians’ prescriptions.
    • Physicians, on the other hand, must ensure that the patient’s informed consent is obtained, and must comply with Good Clinical Practice principles in administering ATMPs in accordance with the protocol approved by the Ethics Committee. Finally, traceability of the drug and patient must be ensured and adverse events must be communicated promptly.

CONCLUSIONS. Manufacturing and use of ATMPs on non-routine basis shall follow objective requirements, to be assessed by governmental entities who are able to appreciate their scientific basis, rather than – as in the past – used under the mere responsibility of physicians and on the basis of self-certified manufacturing facilities. If, on the one hand, it would be advisable that all who need to resort to compassionate use of medicinal products can access medicinal products as quickly as possible, on the other hand it must be ensured that the same people receive adequate protection from deceitful conducts. The Stamina case showed how vulnerable to deception patients who are in a life threatening condition without any available cure can be to false hopes spread by therapies without scientific basis: the recent ATMP Decree attempts to protect them.

 

[1] According to Section 2 of Regulation (EC) No. 1394/2007 of the European Parliament and of the Council of 13 November 2007 on advanced therapy medicinal products and amending Directive 2001/83/EC and Regulation (EC) No. 726/2004 ATMPs include gene therapy products, somatic cell therapy products and tissue engineered products.

[2] The ATMP Decree has been published on the Official Gazette no. 56 of March 9th, 2015 and will become effective fifteen days after publication.

[3] See Section 1 of Ministerial Decree of March 2, 2004. Such non-routinely manufactured drugs were also excluded by the scope of the Pharma Code (Legislative Decree no. 219 of 2006) which focused on the industrial manufacturing of medicinal products and excluded non-routine drugs from its scope.

[4] Ministerial Decree n. 25520 of December 5th, 2006.

[5] According to Ministerial Decree n. 11521 of May 8th, 2013 “compassionate use” or “expanded access” of medicinal products may occur when no suitable alternative is available, in case of life-threatening situations, when serious harm to a patient’s health is potential, or in case of serious diseases with fast progression.

[6] The “Stamina Method”, created by Prof. Vannoni for the treatment of neurodegenerative diseases, is based on the conversion of mesenchymal stem cells into neurons and apparently lacks any scientific foundation. The method itself was also harshly criticized by Nature, one of the most prestigious scientific journals (http://www.nature.com/news/italian-stem-cell-trial-based-on-flawed-data-1.13329). Prof. Vannoni manufactured ATMPs while completely disregarding GMPs. Prof. Vannoni was criminally charged and prosecuted for organized crime with the purpose of fraud and recently plea bargained.

[7] Principles and guidelines of GMPs are contained in Commission Directive 2003/94/EC of 8 October 2003 laying down the principles and guidelines of good manufacturing practice in respect of medicinal products for human use and investigational medicinal products for human use.

[8] The process also includes submittal of request for authorization, along with a report on the ATMP.

Tax Relief on Exploitation of Intellectual Property Rights and Know-How

INTRODUCTION OF THE SO CALLED “IP BOX”. Law no. 190 of December 23, 2014 (“Law”), provides for a new regulatory framework concerning taxation of revenue arising from exploitation of intellectual property rights and know-how eligible for legal protection.

Starting from 2015, repatriation of intangible assets owned by Italian and foreign companies abroad will be favored. Exportation or re-exportation of intangible assets to countries having more favorable taxation of revenue arising from exploitation of intellectual property rights will likely decrease, whereas investments in R&D activities in Italy should increase.

SCOPE OF THE LAW. The Law expressly covers works of intellect, patents, trademarks, design, models, processes, formulas, as well as industrial, commercial, and scientific know-how eligible for legal protection[1]. Revenue arising from both direct and indirect exploitation will receive a more favorable taxation as profits from licensing of eligible assets as well as their direct use (e.g. use of patented machineries in manufacturing processes) will be partially excluded from companies’ taxable income. The Law provides for a progressive implementation of the tax relief system. In 2015, only 30% of the profits will be excluded, whereas such percentage will increase to 40% in 2016, and to 50% in 2017[2].

Capital gains arising from sale of eligible intangible assets will be entirely tax-exempt, upon condition that at least 90% of sales revenue are invested, within two years from the relevant sale, in maintenance or development of any of such assets.

It must be noted that the tax relief will not automatically apply to all eligible entities. Instead, companies must expressly opt for the regime, and their choice will be binding and irrevocable for the following five fiscal years.

WHO CAN BENEFIT. Entities carrying out business activity in Italy, regardless of their type or size, can benefit from the new taxation regime. Foreign companies and other incorporated or non-incorporated entities, including trusts, carrying out business activity in Italy through a permanent establishment, can also benefit from the newly introduced regulatory framework provided that their country of residency is a party to a double tax treaty and undertakes to exchange relevant information with Italy.

CONDITIONS. The exclusion of profits from corporate income will apply only to those entities that carry out R&D activities by way of contracts entered into with either universities or equivalent research entities, or with companies other than those belonging to the same group[3].

In case of direct exploitation of eligible intangible assets, companies must conclude an advanced pricing agreement (APA) with the Agenzia delle Entrate (the Italian tax agency) to determine the ratio between the production value of the assets and the corporate income[4]. Such an agreement is optional for revenue arising from exploitation of eligible assets within the same group[5], whereas it is mandatory in case of capital gains deriving from sale of the assets.

EXEMPTED INCOME. Not all of corporate income benefits from the tax relief. The benefitting quota is instead calculated on the basis of the ratio between R&D costs incurred for maintenance and development[6] of eligible intangible assets and overall costs borne to produce such assets.

[1] The Law originally provided for works of intellect, patents, trademarks that are functionally equivalent to patents, processes, formulas and know-how eligible for legal protection. The meaning of “trademarks functionally equivalent to patents” has been debated ever since, with experts stating that such trademarks could be indentified in those trademarks used to market patented inventions. The recent Law Decree no. 3 of January 24th, 2015 (currently still to be converted into law) expanded the scope of the Law to all kind of trademarks, therefore also to purely commercial trademarks, as well as to design and models.

It must be noted that the scope of the Law is wider than what provided in other European countries by similar tax regimes, where tax relief is usually limited to exploitation of patents. Such systems are therefore commonly defined as “Patent Box”.

[2] The exemption is relevant to calculation of both IRES (corporate income tax) and IRAP (regional tax on production). It is estimated that, starting from 2017, revenue arising from exploitation of eligible assets will be taxed at a rate of 13.75%.

[3] The provision is aligned with the “nexus approach” adopted by OECD, aiming at limiting harmful tax competition amongst OECD countries. According to such an approach, tax relief is to be granted only when R&D costs are incurred, therefore hindering companies from exporting intangible assets to countries with more favorable tax rates without carrying out any R&D activity in such countries. (For further information on this issue visit http://www.oecd.org/ctp/beps-2014-deliverables.htm)

[4] The agreement is reached upon an international ruling procedure that is usually applied with regards to transfer pricing and dividends within the context of multinational companies.

[5] The Law originally provided for a mandatory agreement also in case of exploitation within the same group. Law Decree no. 3 of January 24, 2015, made such an agreement optional. Please note that the agreement may remain mandatory if the law decree is not converted into law or if it is modified by the law of conversion.

[6] Law Decree no. 3 of January 24, 2015, provides that such costs are increased by those incurred for the purchase of the asset or for research contracts entered into with companies belonging to the same group up to 30% of maintenance and development costs.