Andrea Mantovani’s practice is primarily devoted to litigation, corporate law, data protection, and cybersecurity.

He has extensive experience in the litigation practice, with emphasis on data protection, cybersecurity, commercial, and bankruptcy-related matters. He also regularly advises clients on corporate, contractual and compliance matters, particularly in the areas of data protection and cybersecurity, as well as in connection with internal investigations and investigations carried out by public authorities.

Andrea has been selected by the European Data Protection Board as an Expert to join its Support Pool for the areas of “legal expertise in new technologies” and “technical expertise in new technologies and information security.”

He joined the firm in 2009. Prior to joining Cleary Gottlieb, he worked for six years at the law firm Bussoletti Nuzzo & Associati, where he was primarily involved in the practice areas of corporate, banking, and bankruptcy law.

Read More

Selected Activities

trigger
  • Assistant lecturer in business law and honorary fellow in corporate and banking law, “Roma Tre” University

Publications

Cybersecurity Law Enters Into Force,” Cleary Gottlieb Alert Memo, July 25, 2024

AI Act and the GDPR: How Data Protection Rules Fit Together,” Agenda Digitale, July 8, 2024 

IT systems and services for e-mail management in the workplace and metadata processing, June 27, 2024

Intelligenza artificiale e obblighi per le aziende: come cautelarsi,” Il Sole 24 Ore - Econopoly, June 6, 2024

Statement 2/2024 on the Financial Data Access and Payments Package, June 5, 2024

L’intelligenza artificiale al banco di prova del GDPR,” Italian Legal Tech Report 2024, edited by T. Grotto, L. Mirafiori, M. Scapin, Giuffrè Francis Lefebvre, Milan, 2024

Defensive Controls: The Italian Supreme Court Outlines the Employer’s Duties” Cleary Gottlieb Alert Memo, November 13, 2023

Quoted in “Apple accused of restrictive third-party privacy policy,” Global Data Review, May 11, 2023

Italian National Cybersecurity Perimeter: Some Considerations Following Completion of the Regulatory Framework” Cleary Gottlieb Alert Memo, April 17, 2023

Italy Implements European Directive on Whistleblowing” Cleary Gottlieb Alert Memo, March 30, 2023

Quoted in “ECJ case may create ‘significant’ insolvency hurdles,” Global Data Review, January 20, 2023

Sfide legali collegate all’Intelligenza Artificiale Le azioni da mettere in campo in ottica di prevenzione e gestione del ‘rischio privacy,’” I quaderni del Gruppo ASLA di Corporate Compliance, 2022

Privacy in Italy: Overview,” Practical Law, August 2022

Quoted in “Deliveroo fined for rider data algorithms,” Global Data Review, August 4, 2021

Principio di accountability e prassi sanzionatoria dei Garanti europei,” I quaderni del Gruppo ASLA di Corporate Compliance, 2021

L’attività ispettiva e sanzionatoria del Garante Privacy: spunti operativi per prepararsi al meglio,” I quaderni del Gruppo ASLA di Corporate Compliance, 2020

Privacy in Italy: Overview,” Practical Law, August 2020

Options for Internal Investigations Under Italian Law and Data Protection Issues,” The In-House Lawyer, January 21, 2020

“Questioni relative al trattamento dei dati personali per finalità di marketing e profilazione,” in Data protection tra Unione europea, Italia e Svizzera, a cura di P. Bertoli, F. Ferrari, G. Ripamonti, G. Tiberi, Giappichelli, Torino, 2019

Questioni relative al trattamento dei dati personali per finalità di marketing e profilazione,” Law and Media Working Paper Series No. 3/2019

Note pratiche sul trattamento dei dati personali effettuato per finalità di marketing e di proflazione,” I quaderni del Gruppo ASLA di Corporate Compliance, 2019

Securities & Related Investigations Know-How Guide” (chapter on Italy) GIR Global Investigations Review, 2019

CJEU Judgment in the Fashion ID Case: The Role as Controller Under EU Data Protection Law of the Website Operator that Features a Facebook ‘Like’ Button

A Warning for Data Hoarders: The Case of Electronic Invoicing,” Regulating for Globalization, December 19, 2018

Quoted in “Italian Watchdog Warns on Electronic Invoicing,” Global Data Review, November 21, 2018

Novità interpretative in materia di protezione dei dati personali nel contesto dei controlli datoriali sui dipendenti,” I quaderni del Gruppo ASLA di Corporate Compliance, 2018

Securities & Related Investigations Know-How Guide” (chapter on Italy) GIR Global Investigations Review, 2018

Internal Investigations and Public Enforcement: Challenges Under Italian Law,” Legal Business, May 2018

Privacy in Italy: Overview,” Practical Law, March 2018

Data Protection in Italy: Overview,” Practical Law, March 2018

Internal Investigations and Public Enforcement: Challenges Under Italian Law,” The In-House Lawyer, December 12, 2017

Più attuali questioni di data protection nella repressione degli illeciti all’interno dell’azienda,” I quaderni del Gruppo ASLA di Corporate Compliance, 2017

“Securities & Related Investigations – Italy,” GIR Global Investigations Review, 2017

Co-authored GIR Global Investigations Review, Securities & Related Investigations Italy, 2016

“Revisione contabile delle società quotate e ‘servizi proibiti’ alla luce della riforma sul risparmio e delle recenti modifiche al Regolamento emittenti,” in Diritto della banca e del mercato finanziario, No. 3/2007, pp. 505-545

Events

Speaker at ASLA Corporate Compliance Round Tables 2024, Milan, November 22, 2024

Speaker at Intelligenza artificiale e sfide del mondo digitale nei contesti privacy e consumer protection, Rome, April 20, 2023

Speaker at the ASLA Corporate Compliance Round Tables, Milan, October 12, 2022

Lecturer in “Advanced Course on GDPR” at Sharcom Academy, Webinar, May 20, 2021

Lecturer in “Privacy & Data Protection” at the Link Campus International University of Rome, January 15, 2021

Compliance in the Pharmaceutical Sector: Protection of Privacy, Rome, March 14, 2020

Speaker at the ASLA Corporate Compliance Round Tables, Milan, November 14, 2019

Internal Investigations: Crisis Management, Legal Issues, Forensic Technologies, Rome, April 4, 2019

Internal Investigations: Crisis Management, Legal Issues, Forensic Technologies, Milan, February 19, 2019

Speaker at the ASLA Corporate Compliance Round Tables, Milan, November 14, 2018

Speaker at “Data Protection Matters Under the New EU Data Protection Rules (GDPR),” Como, October 26, 2018

Speaker at the ASLA Corporate Compliance Round Tables, Milan, November 15, 2017

Speaker at the ASLA Corporate Compliance Round Tables, Milan, May 10, 2016