Burgermenu-Close

YOUR
Search

    Marco Cappa
    ADVANT Nctm - Rome
    Lawyer
    Counsel

    Marco Cappa

    ADVANT Nctm - Rome
    Lawyer
    Counsel

    LANGUAGES

    English / Italian

    Practice Areas

    Corporate and Commercial - IT and Data

    Spotlight

    Artificial Intelligence - Cybersecurity

    Contacts

    T : +39 06 6784977

    marco.cappa@advant-nctm.com

    vCard Print

    Expertise

    Marco Cappa is a lawyer with solid expertise in the practice of privacy law (with reference to the EU Regulation 679/2016, the "GDPR"), IT law, AI and corporate and commercial.

    He successfully completed a PhD with a dissertation entitled: “The Transatlantic Evolution of the Right to Privacy.”

    He specialized with an LLM at the King's College of London. 

    He has provided legal and regulatory advice for several law firms and ICT companies.

    Marco is Research fellow of the Italian Academy of the Internet Code (2024 - 2014) for which he edited a series of scientific publications and served on the editorial board, as well as being the author of scientific articles for CONI's Sports Law Journal (2025–2015).

    He was also a regulatory and policy advisor for Google Italy (2017-2015) and legal advisor to the Jurisdiction Council of the Chamber of Deputies (2015-2014).

    Education

    • Certified Data Protection Officer (DPO), UNI CEI EN 17740:2024 (previously UNI ISO 11697:2017), valid 2019–2023 and 2023–2027
    • PhD in Privacy Law - University of Naples "Parthenope" - European University of Rome with a dissertation on "The Transatlantic evolution of the right to privacy", 2014 – 2017.
    • Admitted to the Bar of Potenza, 2013.
    • LLM in European Law - King's College London, 2012/2013.
    • Master in International Functions - SIOI (Italian Society for International Organization) Rome, 2011.
    • Post-Graduate Specialization Course in Energy Law - LUISS Guido Carli, 2010.
    • Specialization Course in the Legal System of Football - LUISS Guido Carli, 2009.
    • Degree in Law - LUISS Guido Carli (with top marks), 2009.

    Publications

    • “The challenges of GDPR”
      in: Across the Universe, n. 26, 2018
    • "Gli aiuti di stato e il calcio”
      in: Rivista di Diritto Sportivo del CONI, fasc. II/2015, 2015
    • “Commento all’art. 66-ter”
      in: I nuovi diritti dei consumatori. Commentario al D.Lgs. n. 21/2014, A.M. Gambino e Gilberto Nava, Giappichelli Edition, 201

    Articles

    2024 Annual Report of the Italian Data Protection Authority to Parliament
    The presentation of the 2024 Annual Report by the Italian Data Protection Author…
    Read more
    New digital accessibility obligations
    The requirement for compliance with accessibility obligations for digital servic…
    Read more
    Guidelines on pseudonymisation
    The new guidelines on #pseudonymisation (“Guidelines 01/2025 on Pseudonymisation…
    Read more
    Italian Data Protection Authority approves Code of Conduct on Telemarketing: major novelties and practical implications
    Pursuant to Article 40 of the GDPR, various trade and consumer associations drafted a Code of Conduct on Telemarketing and Telesales. The Code, approved by the Italian Data Protection Authority (“Garante”)…
    Read more
    The new adequacy decision to simplify data transfers to the US
    With the new adequacy decision of the European Commission, the transfer of personal data to the US will soon undergo significant and important developments. As in the best Netflix series, we start with…
    Read more
    Cybersecurity in Italy
    Threats and actors in the field Knowing the threats to cybersecurity. Preventing attacks and incidents. Taking action. A guide for businesses in five contributions on Italian cybersecurity legislation. …
    Read more
    The NIS Directive and the obligations of essential services operators and digital services providers
    This fourth contribution on Italian cybersecurity legislation deals with the obligations imposed by the NIS Directive on security of network and information systems upon essential services operators and di…
    Read more
    Memorandum on the Chinese GDPR – The new “Personal Information Protection Law”. Implications and consequences
    Introduction The recent legislative activity in the People’s Republic of China regarding the protection of personal data has attracted the attention not only of operators in the sector but also of the d…
    Read more
    Happy Birthday, GDPR!
    Regulation (EU) 2016/679, also called “General Data Protection Regulation” (the “GDPR”), turns three. The GDPR indeed came into force on 25 May 2018, becoming the global benchmark for personal data prot…
    Read more
    The so-called "Superbonus" introduced by the Relaunch Decree
    The purpose of this document is to briefly analyse the changes introduced by the Decree on Tax deductions for certain categories of entities implementing restructuring fulfilling specific energy efficiency…
    Read more
    OUR OFFICES
    Privacy Policy - Legal Notice - Cookie Policy