Our Lorenzo Pellerano took part to the 7th International Research Seminar in Maritime, Port and Transport Law hosted in Venice by the North Adriatic Sea Port Authority.
The title of Lorenzo’s presentation was “The issue of compliance in Italian Ports: Safety, Data Protection, Legislative Decree 231/01”; he dealt with the main contents of three legal instruments introducing compliance requirements applicable to Italian port operators.
As far the issue of safety is concerned, a focus was dedicated to the lack of co-ordination between the legal framework concerning safety in Italian port areas (Legislative Decree 272/1999) and the general provisions ruling the safety at work in Italy (Legislative Decree 81/2008).
The second part furnished a brief introduction to Legislative Decree 8 June 2001, n. 231. Such a legal instrument introduced in Italy the administrative liability of legal entities related to the commission of a special list of crimes (among others – as ports may be involved – the non-voluntary murder or personal injury caused with violation of the safety regulations, but also the sea pollution caused by ships).
Under Legislative Decree 231/2001, if a crime is committed by a director or an employee of a company in the legal entity’s interest, the legal entity is exposed to a number of sanctions (fines, interdiction of the activity, waive of public authorizations, concessions and licenses, prohibition to make advertisement, etc.).
Finally, the contribution commented the possible impact of Regulation (EU) 2016/679 – also known as General Data Protection Regulation – on port operators. From 25 May 2018 on, the GDPR became applicable and many shipping operators are required to achieve soon compliance with Regulation (EU) 2016/679 requirements, because every day shipowners, charterers, port agents, terminals and Port Authorities based in the European Union process a huge number of personal data of passengers, clients, suppliers, employees. While processing the relevant personal data the Controllers and the Data Processors have now to respect the GDPR principles; otherwise they will be exposed to onerous administrative fines and liabilities.