Italy: Data Protection Authority opened investigation into users of spyware from Paragon Solutions and similar systems for alleged privacy violations

On 14 February 2025, the Data Protection Authority (DPA) issued a warning to users of the “Graphite” spyware systems provided by Paragon Solutions, or similar systems, and to those using information collected through these software. The DPA noted that the use of these tools outside of uses permitted by the law violates the Privacy Code and could result in administrative fines of up to EUR 20 million or 4% of company turnover. Such activities are only lawful when conducted for purposes strictly related to national security, crime prevention, investigation, detection, and prosecution.