Rocco Panetta

Practice Areas

Rocco Panetta is the Chairman of Panetta Consulting Group and Managing Partner at PANETTA Law Firm. He previously served as a senior executive at the Italian Data Protection Authority. Recognised nationally and internationally as a leading expert in technology law, data governance, and AI strategy, he has played a pivotal role in shaping legal frameworks in these fields.

In 2023, he was dubbed the “AI Lawyer” for representing major international companies in landmark proceedings before the Italian Data Protection Authority, which were the world’s first cases on Generative AI.

Since founding his firm, he has held numerous key positions across multiple sectors, including:

• Data Protection and AI Compliance;

• Information Technology (IT) and Telecommunications (e.g., outsourcing, internet, e-commerce);

• Cybersecurity, Forensic Investigations, and Cloud Computing.

As a Data Protection Officer (DPO) since 2018 and Consultant since 2008, he has advised both public and private entities across multiple industries, including:

• Technology & Artificial Intelligence;

• Luxury;

• TMT (Technology, Media, and Telecommunications);

• Health;

• Banking & Finance;

• Energy;

• Insurance;

• Food Retail.

Professional Memberships

Rocco Panetta is a certified CIPP/E, Uniter, and TUV professional, he currently serves as the Country Leader for Italy at the IAPP and is a former member of the IAPP Board of Directors.

Publications

Author of over 150 publications, including monographs, legal codes, and editorial series, his insights are regularly featured in Il Sole 24 Ore, Agenda Digitale, Repubblica, and Corriere delle Comunicazioni.

MAIN PUBLICATIONS

CODES:

Codice delle Energie Rinnovabili e dell’Efficienza Energetica, 2010, Edizioni Ambiente, Milano;

2005 Codice Privacy.

BOOKS:

2024 “The AI Act: A compass for approaching legislation with innovative and disruptive effects”, Journal of Data Protection & Privacy, Henry Stewart Publications, vol. 6(4), p. 318-331;

2021 Il Data Protection Officer tra Regole e Prassi, Giuffrè, Milano;

2019 Circolazione e Protezione dei Dati Personali, tra libertà e regole del mercato, Giuffrè, Milano;

2006 Libera circolazione e protezione dei dati personali II Volumi, Giuffrè, Milano;

2003 Il danno ambientale, Giappichelli, Torino;

2002 Le modifiche alla normativa in tema di privacy. Commentario al d.lgs. n. 467/2001 in tema di privacy e protezione dei dati personali – New Rules on Privacy in Italy, published by La Tribuna, Piacenza;

2024 Commerciabilità dei dati personali. Profili economici, giuridici, etici della monetizzazione, il Mulino, Bologna;

2023 Il telemarketing, tra evoluzione tecnologica e protezione dei dati personali. Tra evoluzione tecnologica e protezione dei dati personali, Aracne, Roma;

2020 Privacy 2030, pubblicato dal Garante per la protezione dei dati personali e IAPP;

2005 Ambiente – Profili civili (voce), in Gli interessi protetti nella responsabilità civile, The Environment – Civil issues, published by UTET, Torino;

2004 In margine all’art. 125 del d.lgs. n. 196/2003 – Art. 125 del D. Lgs. N. 196/2003, a chapter of Codice della Privacy, published by Giuffrè, Milano;

2004 Il danno all’ambiente – The Environmental Damage, a chapter of Persona e Danno, published by Giuffrè, Milano;

2003 Note critiche in tema di responsabilità extracontrattuale tra legge n. 675/1996 e d.lgs. n. 196/2003 – Notes on Civil Liability under Law no. 675/1996 and Legislative Decree no. 196/2003, in Rivista Critica del Diritto Privato, Jovene, Napoli;

2001 Le compromissioni ambientali – Environmental Damages, a chapter of Trattato Breve dei Nuovi Danni, published by CEDAM, Padova, Italy;

1999 In margine all’art. 7 del D.lgs. n. 171/98 “Chiamate di disturbo” - On Section 7 of the Legislative Decree no. 171/98, published in Privacy e Telecomunicazioni, by Jovene, Napoli, Italy;

1999 La circolazione delle informazioni economiche - Processing and Circulation of Economic Information, published in Privacy, by CEDAM, Padova, Italy.