Ochrana osobních údajů v právu Evropské unie / Personal data protection under the law of European Union

Novotná, Lucie

January 2018

Personal data protection under the law of European Union ABSTRACT The diploma thesis discusses the legal regulation of personal data protection under the European Union law with focus on the rights of data subjects, i.e. natural persons whose personal data are being processed. The aim of the thesis is to compare the current legal regulation of the rights of data subjects (directive on the protection of individuals with regard to the processing of personal data and on the free movement of such data) with the legal regulation with forthcoming effectiveness (GDPR) with focus on the issue how the new legal regulation dealt with the problems for which the Directive has been criticised and how it dealt with problematic parts of the regulation of the rights of data subjects. The diploma thesis consists of five parts including the introduction, the conclusion and three chapters of the own text. The chapter one contains the introduction to the field of personal data protection, including the brief history of the development of personal data protection, and it is further divided into the sub-chapters where the primary and secondary law concerning personal data protection in the European Union and its development are introduced. The human rights context of personal data protection is also discussed in this chapter....

Marketingové využití osobních údajů klientů v bankovnictví / Marketing application of personal data of clients in banking

Šotola, Jiří

January 2012

The master thesis named "Marketing application of personal data of clients in banking" combines themes of personal data and marketing. The first part is devoted to the protection of personal data in general, sources from which financial institution gain data of their clients and support for this in the legislation. The second part deals with specific cases of marketing application of personal data and trying to find the solution of its problematic parts. A large part is devoted to the personal data processing as an core act between processors and data subjects and CRM, as a possible way of client data application.

Ochrana osobních údajů / Protection of personal data

Nutilová, Helena

January 2014

The primary aim of this dissertation thesis is to present a comprehensive analysis of the issue of personal data protection in the Czech Republic with regard to the regulation in the EU. The secondary goal of this work is to explore the historical genesis and material sources of the issue in question. The core information sources from which the thesis draws represent laws, judicial decisions, official documents and Czech/foreign expert literature. In order to achieve the objectives of the work, the methods that are generally applicable in the field of legal science were used. Therefore the method of description (including classification), analysis and synthesis is mostly applied. The dissertation consists of seven chapters. After a short introduction, it begins with a sociological treatise on the importance of the protection of personal data in the 21st century. Privacy is currently an important topic in the light of the rapid development of information and communication technologies which have been developing since the second half of the 20th century and burgeoned since the turn of the century. Technological innovations allow for the collection of personal data on a large scale. These privacy infringements can prove to be irreversible, hence the importance of this area of law. The personal data...

Asmens duomenų apsauga žmogaus teisių kontekste / Private Data Protection in the Context of Human Rights

Slabačiauskas, Erikas

24 February 2010

Šiame darbe taikant tiek teorinius, tiek empirinius metodus, detaliai analizuojamas žmogaus teisių institutas, naujoji asmens duomenų apsauga Lietuvos elektroninėje erdvėje, kuri kol kas mokslinėje literatūroje buvo aptariama tik fragmentiškai, nors viešojoje erdvėje ši tema nuolat susilaukia pačių įvairiausių vertinimų. Nors darbe daugiausia koncentruojamasi į asmens duomenų prevencinių priemonių teisinio reglamentavimo prieštaringumus, atkreipiamas dėmesys ir į ginčytinų teisės normų pagrindu kylantį galimą konstitucingumo klausimą. Darbą sudaro dvi dalys. Pirmojoje aptariamos bendrosios žmogaus teisių instuto tendencijos: pateikiamos įvairios žmogaus teisių ir laisvių koncepcijos interpretacijos, istorinė analizė ir vaidmuo socialinėje aplinkoje, charakterizuojama žmogaus teisių apsaugai reikšmingų teisės normų reglamentacija, įvertinamas galimas teisės normų kolizijos atvejis dėl Direktyvos 2006/24/EB integracijos į Lietuvos teisyną. Antrojoje darbo dalyje identifikuojamos apsaugos priemonių ir žmogaus teisės į privatumą teisinio reglamentavimo ir praktikos problemos. Darbe nustatyta, jog telekomunikacijų teikimo bendrovės rizikuoja pažeisti žmogaus teisę į privatumą asmens duomenų apsaugos srityje dėl nepakankamai sureguliuotų priemonių internervencijos. Be to, atkreiptinas dėmesys į tai, kad naujosios duomenų apsaugos teisės normos gali prieštarauti Lietuvos Respublikos Konstitucijos saugomoms vertybėms. Atsižvelgiant į nustatytas asmens duomenų apsaugos politikos... [toliau žr. visą tekstą] / This work, using both theoretical and empirical methods, in detail analyses The Institute of Human Rights, the new personal data protection in Lithuania’s electronic communications, which in scientific literature has only been discussed in fragmentary, although publicly this theme constantly receives a wide range of estimates. Although the work is mostly concentrated on contradictions in regulations of personal data preventative measures, it also draws attention to the possible constitutionality issue raised on the basis of controversial rules of law. The work consists of two parts. The first part discusses the general tendencies of The Institute of Human Rights: provides various interpretations on The Concept of Human Rights, historic analysis and their role in the social environment; characterizes rules of law regulations that are significant to The Human Rights protection; assesses the possible conflict of laws in the case of Directive 2006/24/EC integration into the Lithuania’s statute-book. The second part identifies legal and practical issues of The Human Right to Privacy and security measures. The paper found, that telecommunications companies are at risk to violate The Human Right to Privacy in the field of personal data protection due to intervention of insufficiently regulated measures. In addition, attention is drawn to the fact that the new rules of law on data protection may contradict the values protected by Constitution of the Republic of Lithuania... [to full text]

Law

Žmogaus teisės

Privataus gyvenimo laisvė

Duomenų subjektas

Elektroninės ervės apsauga

Konstitucingumo klausimas

The human rights

The human right to privacy

Data subject

Protection of electronic communications

Constitutionality

Data Subject Rights in Mental Health Applications : Assessing the Exercise of Data Subject Rights under the GDPR / Rättigheter för Registrerade Personer i Mentala Hälsoappar : En Bedömning Enligt GDPR

Gustafsson, Oliver

January 2024

The rapid growth of Mobile Health (mHealth) applications, particularly those focusedon mental health, has provided accessible and affordable support for users’ well-being.However, this growth has raised substantial privacy concerns, especially regardinghandling sensitive personal health data. This thesis evaluates the extent to whichmental health apps allow users to exercise their Data Subject Rights (DSRs) under theEuropean General Data Protection Regulation (GDPR) and provides recommendationsfor enhancing data protection and user privacy. The primary objectives are to identifythe relevant DSRs for mental health apps, empirically assess the extent to which suchrights are respected on the existing apps, and propose actionable recommendationsfor improvement. The study’s methodology involved a comprehensive review ofprivacy policies, using automated tools for privacy assessment, and submitting DataSubject Access Requests (DSARs) to app providers. Findings indicate that whilesome apps demonstrate high conformity with DSRs, the majority still falls short invarious aspects. Common issues include inadequate transparency in privacy policies,incomplete responses to DSARs, and non-compliance with the right to data portability.Specifically, only 45.5% of apps responded to the DSARs with a partial or completeanswer, and only 40% of the responses contained data in machine-readable formats,meeting the requirements for data portability. The study emphasizes the need formental health app developers to enhance privacy practices, ensuring users are fullyinformed about data collection and usage, can easily access and delete their personaldata, and receive their data in portable formats. Recommendations include improvingthe clarity and accessibility of privacy policies, adopting best practices for datasecurity, and implementing user-friendly mechanisms for data access and deletion. Inconclusion, while progress has been made in GDPR compliance among mental healthapps, significant improvement is still needed. Addressing these challenges will betterprotect user privacy, build trust, and support the responsible development of digitalhealth technologies. / Den snabba tillväxten av mobila hälsoappar, särskilt de som fokuserar på psykisk hälsa,har gjort det möjligt för användare att få tillgång till prisvärt och lättillgängligt stöd förderas välbefinnande. Men denna tillväxt har också väckt betydande integritetsfrågor,särskilt när det gäller hantering av känsliga personuppgifter om hälsa. Dettaexamensarbete utvärderar i vilken utsträckning hälsoappar för psykisk ohälsa tillåteranvändare att utöva sina rättigheter enligt den europeiska dataskyddsförordningenoch bidrar med rekommendationer för att förbättra dataskydd och användarintegritet.De primära målen är att identifiera relevanta rättigheter för hälsoappar för psykiskohälsa, empiriskt bedöma i vilken utsträckning sådana rättigheter respekteras ibefintliga appar och föreslå konkreta rekommendationer för förbättring. Studienhar genomförts med en omfattande granskning av integritetspolicys, användning avautomatiserade verktyg för integritetsbedömning och inlämning av begäranden omregisterutdrag till applikationsleverantörer. Resultaten visar att även om vissa apparuppvisar hög överensstämmelse med rättigheterna från GDPR, faller majoritetenfortfarande kort på flera områden. Vanliga problem inkluderar otillräcklig transparensi integritetspolicys, ofullständiga svar på DSARs och bristande efterlevnad av rätten tilldataportabilitet. Specifikt svarade endast 45,5% av apparna på DSARs med ett delviseller komplett svar, och endast 40% av svaren innehöll data i maskinläsbara format,vilket uppfyller kraven för dataportabilitet. Studien betonar behovet för utvecklare avhälsoappar för psykisk ohälsa att förbättra deras integritet, säkerställa att användareär fullt informerade om datainsamling och användning, lätt kan komma åt och raderasina personuppgifter samt ta emot sin data i portabla format. Rekommendationerinkluderar att förbättra tydligheten och tillgängligheten av integritetspolicys, antabästa praxis för datasäkerhet och implementera användarvänliga mekanismer fördataåtkomst och radering. Sammanfattningsvis, även om framsteg har gjorts i GDPR-efterlevnad bland hälsoappar för psykisk ohälsa, behövs betydande förbättringar. Attta itu med dessa utmaningar kommer att bättre skydda användarnas integritet, byggaförtroende och stödja den ansvarsfulla utvecklingen av digitala hälsoteknologier.

data protection

privacy

Data Subject Rights

GDPR

mobile health

mHealth

mental health apps

empirical study

dataskydd

integritet

Datasubjektets rättigheter

GDPR

mobil hälsa

mentala hälsoappar

empirisk studie

Computer Sciences

Datavetenskap (datalogi)

Управление деятельностью по обработке персональных данных на примере региональных органов Роскомнадзора : магистерская диссертация / Management of personal data processing on the example of regional bodies of Roskomnadzor

Бураков, В. В., Burakov, V. V.

January 2019

The master's work consists of 74 sheets, 59 bibliographic sources are used. The relevance of the research topic. The activity of Roskomnadzor in protecting the rights of personal data subjects, with the increasing influence of information technology on all spheres of society, is more important than ever. At the same time, the activities of this body are not as effective as modern realities require. Protocol of amendments to the said Convention in October 2018. The purpose of this master's thesis is to explore the management of personal data processing activities and formulate recommendations for its improvement. To achieve this goal it is necessary to solve the following tasks: get acquainted with the theoretical foundations of the processing of personal data; to compile a characteristic of Roskomnadzor as a state body and business entity using the example of the Roskomnadzor Office in the Urals Federal District; to analyze the results of Roskomnadzor's activities in the field of personal data; develop recommendations for improving the activities of Roskomnadzor in the field of personal data. The studies carried out allowed the formation of a number of measures to improve the activities of Roskomnadzor in protecting the rights of personal data subjects. The significance of the developed measures is characterized by an increase in the effectiveness of the fight against offenses in all spheres of society. / Магистерская работа состоит из 74 листа, использовано 59 библиографических источников. Актуальность темы исследование. Деятельность Роскомнадзора по защите прав субъектов персональных данных, с увеличением влияния информационных технологий на все сферы жизни общества важна как никогда. При этом, деятельность этого органа не так эффективна, как того требуют современные реалии. Протокола изменений к упомянутой Конвенции в октябре 2018 года. Цель данной магистерской диссертации – исследовать управление деятельностью по обработке персональных данных и сформировать рекомендации по её совершенствованию. Для достижения поставленной цели необходимо решить следующие задачи: ознакомиться с теоретическими основами обработки персональных данных; составить характеристику Роскомнадзора как государственного органа и хозяйствующего субъекта на примере Управления Роскомнадзора по Уральскому федеральному округу; провести анализ результатов деятельности Роскомнадзора в области персональных данных; разработать рекомендации по совершенствованию деятельности Роскомнадзора в сфере персональных данных. Проведенные исследования позволили сформировать ряд мероприятий по совершенствованию деятельности Роскомнадзора по защите прав субъектов персональных данных. Значимость разработанных мероприятий характеризуется повышением эффективности борьбы с правонарушениями во всех сферах жизни общества.

MASTER'S THESIS

PERSONAL DATA

PROFESSIONAL ACTIVITIES

PERSONAL DATA SUBJECT

DIRECTIVE 95/46/EC

INVIOLABILITY PRINCIPLE

LIABILITY PRINCIPLE

BIG DATA

PERSONAL DATA LAW

ПЕРСОНАЛЬНЫЕ ДАННЫЕ

ДИРЕКТИВА 95/46/ЕС

БОЛЬШИЕ ДАННЫЕ