Il regolamento (UE) n. 2016/679 relativo alla protezione delle persone fisiche con riguardo al trattamento dei dati personali intende garantire certezza del diritto e trasparenza per le persone ...fisiche e gli operatori economici. Lo strumento lascia agli Stati membri dell’Unione europea ampi margini di autonomia processuale, particolarmente nel caso di trattamenti transfrontalieri. Per tale ragione emergono diversi problemi che riguardano la competenza giurisdizionale, il rapporto tra procedimenti paralleli siano essi di natura civile o amministrativa, il rapporto fra il rimedio amministrativo e l’azione di risarcimento del danno. L’indagine si inserisce in un quadro assai complesso poiché le nuove tecnologie mettono costantemente alla prova il processo legislativo, così come l’interpretazione e l’applicazione delle pertinenti disposizioni di legge.
According to Article 8 of the Charter of Fundamental Rights of the European Union, everyone has the right to the protection of personal data concerning them, which must be processed correctly, for ...the purposes specified and with the consent of the data subject or on another legitimate reason provided by law (the fundamental right to the protection of individuals with regard to the processing of personal data). The General Data Protection Regulation – GDPR (Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27th, 2016) sets out the conditions that must be met for the processing of personal data to be lawful. This article analyses aspects regarding the content of the notion of personal data considered necessary for the conclusion or execution of a contract.
On 15 June 2021, the Court of Justice of the European Union (CJEU) ruled in case C-645/19 between Facebook and the Belgian Data Protection Authority. The CJEU offered some clarification on the ...General Data Protection Regulation's (GDPR) one-stop-shop mechanism. In particular, the Court addressed the question of whether a national supervisory authority that is not the lead authority can bring legal proceedings before a court in its Member State with respect to the cross-border data processing. In its judgment, the CJEU reaffirmed the allocation of competences between the 'lead' and 'concerned' supervisory authorities laid down by the GDPR, while emphasising the importance of sincere and effective cooperation between them, in order to ensure consistent and homogeneous implementation of the GDPR.
Full text
Available for:
BFBNIB, IZUM, KILJ, NUK, PILJ, PNG, SAZU, UL, UM, UPUK
Con il decreto legge n. 132 del 2021, convertito in legge con modificazioni, è stato offerto riparo alla bistrattata disciplina della "Conservazione di dati di traffico per altre finalità" al fine di ...renderla conforme alla normativa europea in materia di protezione dei dati personali ed alle decisioni della Corte di giustizia in questo ambito. La novella legislativa – intervenuta sull’aspetto procedurale della materia, con la previsione di ulteriori condizioni e limiti per l’acquisizione dei dati di traffico telefonico e telematico – per quanto apprezzabile pare non essere stata in grado di superare tutte le lacune presenti nella disciplina della data retention. Ne è un esempio il mancato intervento sui tempi di conservazione dei dati, riforma auspicata dal Garante per la protezione dei dati personali, ma, ad oggi, inattuata. Altro aspetto su cui il legislatore è rimasto silente è la delimitazione dell’ambito soggettivo dell’acquisizione dei dati di traffico per fini di giustizia, ovvero l’opportunità di individuare, con maggior specificazione, i soggetti nei confronti dei quali l’organo giudicante potrebbe autorizzare il conseguimento dei tabulati, dal momento che il fenomeno coinvolge non solo il diritto alla riservatezza dell’indagato ma anche delle persone con cui questi entra in contatto. Ciò premesso, con il presente contributo si intende offrire una rilettura del mezzo di ricerca della prova in esame che – nell’equo contemperamento dei diritti in gioco – si soffermi sulla nuova fisionomia assunta dalla data retention nell’era della digitalizzazione, riflettendo, in particolare, sui traguardi già varcati dal legislatore e su quelli che, a gran voce, chiedono, ancora, di essere raggiunti.
The article elaborates the legal basis for data processing provided in Article 12, item 6 of the Law on Personal Data Protection, Official Gazette of the Republic of Serbia no. 87 as of 13 November ...2018. The article deals with the comparative advantages of implementing this legal basis in relation to others and provides a practical overview in terms of legitimate interest as an equivalent legal basis to other legal bases of data processing. Examples of good practice of the British Supervisory Authority for Personal Data Protection, as well as the practice of the Agency for Personal Data Protection - the Croatian supervisory authority for data protection - are presented, as well as a significant part of the exceedingly relevant Opinion no. 06/2014 of the Working Party referred to in Article 29 of the cited Directive 95/46 (now the European Data Protection Board). Special attention is given to the so-called LIA, a legitimate interest assessment document and a test of the balance between legitimate interest and the rights and freedoms of individuals, with regard to the processing of personal data. Finally, the article presents the safeguards that must be provided to individuals whose personal data are processed - as well as the need for transparency - in terms of informing individuals of the existence of a legitimate interest, as well as all other necessary information that must be provided to ensure the fair and lawful processing of personal data.
An individual's personal information identifies him and reveals who he is. Being aware of data privacy can help protect personal information from leakage. However, awareness is not enough. Conscious ...effort to understand and familiarize one's self on the provisions of data privacy should also be exerted to guarantee safety. The study used mixed methods of research on the knowledge of stakeholders and practice of the library and librarians on Philippine Data Privacy Act (DPA) of 2012 using a researcher-made questionnaire. The data were determined by computing the frequencies and percent values of the "Yes" responses of the 115 library stakeholders of Saint Mary's University. It was found that despite the library stakeholders' great knowledge of the DPA, they also exhibited insufficient knowledge on some provisions. In addition, the library exhibited great practice and compliance to the DPA, however there is a need to improve those provisions with poor practices.
Objectives The Central Anticorruption Bureau as a special service of the Polish state, constitutes a new quality in public life. His actions may pose a threat to the constitutional rights of the ...individual. In order to monitor the process of protection of personal data in this institution, the Proxy for the Control of Personal Data Processing was appointed in the Office. None of the Polish special services has such an institution. Material and methods Data from the CBA publication and articles and studies describing the roles and tasks of the CBA Results The broad autonomy of the Plenipotentiary and the special way of its dismissal is one of the essential guarantee elements of the independence of its activities. In this context, it can be stated that the Plenipotentiary performs a guarantee function for the protection of personal data. A similar remark should be made regarding the implementation of constitutional civil rights in the scope of privacy protection - including personal data. It should be noted, however, that this protection would be more complete if the provisions of the Act on the Central Anticorruption Bureau allowed for the appointment of a proxy also among other persons, including those from outside the CBA Conclusions The Central Anticorruption Bureau has an institutionalized system of personal data protection, properly anchored in legal regulations, with real protection possibilities.
This paper analyses two judgments from the European Court of Justice. Both were delivered soon after the new Data Protection Regulation became applicable. The argumentation in the judgments provides ...timely clarification on certain key concepts in European data protection law. As the analysis will show, the ECJ continues its broad interpretation of the parties responsible for data processing. The judgments are generally compatible with the Court's previous case law, which seeks to fill any potential gaps in the protection of individuals' privacy rights. Hence, the aims of data protection rules are predominately interpreted by the Court within a fundamental rights framework. Even though the cases have certain significant differences, the conclusions to be drawn are similar: the argumentation of the Court is focused on data protection throughout. Moreover, the Court emphasises strong protection of personal data in all kinds of situations, even those where other rights could also be relevant.
Full text
Available for:
BFBNIB, NUK, PILJ, PRFLJ, SAZU, UL, UM, UPUK
There is no doubt that the issue of personal data protection constitutes the basis of the democracy. Legislator, should very much precisely indicate standards of processing them. The technological ...development, the digitization and the computerization of systems, forced the alteration in the scope into accepting relevant regulations, concerning using with personal data from a distance, i.e. using electronic communication means. Moreover, to the purpose of the unification of provisions of member states of the European Union, a so-called general regulation on the protection of personal data was created (RODO), constituting the framework of correct functioning of provisions of law in the entire European Union, on the question of using personal data of its citizens. The purpose of the article is to indicate legal changes resulting both from the regulation on the protection of personal data, and the act on personal data protection, with particular reference on the rights of persons which data concerns. The first part of the work is concentrating on the issue of processing personal details and the scope of responsibilities of data administrators. The administrators are in cooperation with data protection supervisors, responsible for registering the data processing activities, including current control and response to situations of incorrect processing. In second, will be introduced, such principles as: right to be forgotten and the right to the transfer operation of personal data. Research methods contain legal acts together with publications in the field.