Record fine to Enel: “Serious deficiencies in the processing of user data”

Save a fine for Enel. The Privacy Guarantor fined Enel Energia over €79 million for “serious shortcomings in the processing of personal data of a large number of users in the electricity and gas sector for telemarketing purposes.” The Financial Police had the authority to impose sanctions of 1 million 800 thousand euros on four companies and to seize some databases used in illegal activities. “Further investigations carried out by the guarantor revealed that Enel Energia, The four companies, although they do not belong to the sales network of the energy company,” reads the privacy guarantor’s note.

Additionally, after subsequent inspections at Enel Energia, “the Authority found that the information systems for customer management and activation of services by the company showed serious security deficiencies”. According to the privacy guarantor, Enel had “failed to implement all necessary measures to prevent the illegal activities of malicious suppliers who for years fueled an illegal business through disturbance calls, identifying easy ‘gates of entry’ into the company’s information systems, service promotions and the conclusion of contracts that do not provide real economic advantages to customers”.

For these “serious violations”, which involved the activation of at least 9,300 contracts over time, the guarantor fined Enel Energia 79,107,101 euros. This is the highest penalty ever imposed by the Authority.

Source: Today IT