Asmens duomenų apsauga darbo vietoje / Protection of personal data at the workplace

Bučinskas, Liudas

20 March 2006

Naujų informacinių technologijų pažanga įtakojo ir darbo santykius, iš esmės pakeitė darbo vietos supratimą, supaprastino ir paspartino daugelį darbo procesų. Tačiau tai parodė ir neigiamą savybę: darbdaviui atsirado poreikis kontroliuoti, kokiais tikslais darbo vietoje darbuotojai naudoja informacinės technologijas ir ar jomis nepiktnaudžiauja, tam pasitelkiant elektronines sekimo priemones. Elektroninio stebėjimo ir kontrolės priemonės įgalino darbdavius rinkti milžiniškus kiekius duomenų apie savo darbuotojus ar net kištis į jų asmeninį gyvenimą. Todėl išryškėjo konfliktas tarp darbuotojo teisės į privatumą ir darbdavio teisėtų verslo interesų, kurio sprendimo variantas – teisinėmis priemonėmis pasiektas balansas tarp šių teisinių vertybių. Darbo tema „Asmens duomenų apsauga darbo vietoje“ yra pakankamai plati, todėl autorius iš esmės nagrinėja, jo manymu, vieną problematiškiausių aspektų – elektroninį darbuotojų stebėjimą iš kontrolę. Darbe siekiama atskleisti privatumo darbo vietoje ribas, analizuojamos literatūroje pateikiamos elektroninio darbuotojų stebėjimo ir kontrolės priežastys, nagrinėjamos technologijos ir būdai darbuotojams sekti bei jų keliama grėsmė darbuotojų privatumui. Taip pat autorius analizuoja teisinio reglamentavimo ypatumus, susijusius su darbuotojų privatumu bei jų elektroniniu stebėjimu ir kontrole skirtingose teisinėse sistemose, daugiausiai remdamasis JAV, ES ir Lietuvos teisės aktais ir identifikuodamas pagrindines problemas. Nagrinėdamas... [to full text] / The progress of new modern technologies has made an impact on industrial relations and essentially changed the concept of a workplace. The work aims to reveal workplace privacy limits, to analyse the reasons of electronic monitoring and surveillance found in literature, to investigate the methods and technologies to survey employees and the possible threat to employees privacy caused by these methods. The author also analyses the peculiarities of legal regulations related to employees’ privacy and electronic monitoring and surveillance in different legal systems, his analyses being mainly based on the law of the USA, the EU and Lithuania and on the identification of the main problems.

Law

Privatumas

Elektroninis stebėjimas ir kontrolė

Asmens duomenų apsauga

Privacy

Elektronic monitoring and surveillance

Personal data protection

Ochrana osobních údajů při podnikání / Personal data protection while carrying on business

Hricová, Kateřina

January 2016

Personal data protection is only one of many specific fields of administrative law. In everyday life, personal data and their protection are quite wide area that deserves our full attention and it's possible to study it extensively. This diploma thesis deals specifically with personal data protection while processing them. First of all, it defines the right to privacy and the term personal data. Further, it deals with basic legal requirements concerning personal data processing based on Act no. 101/2000 Coll., on the protection of personal data, including transfer of personal data to other countries and its recent development in Safe Harbor principles that are rules for transfer of personal data into United States of America. Besides personal data being a unique tool to distinguish individuals from each other, they are a very useful and valuable tool in business too. Therefore the most common way of personal data processing is while carrying on a business. At the end of this thesis, some specific situations were chosen to demonstrate how entrepreneurs process personal data of their customers and other persons they come into contact with. Then the basic obligations of data processing are analyzed with respect to real situations.

Návrh ochrany osobních dat dle obecného nařízení EU 2016/679 ze dne 27. dubna 2016 / The proposal for personal data protection according to the general Regulation (EU) 2016/679 of 27 April 2016

Bartoňová, Julie

January 2018

This diploma thesis solves the proposal for personal data protection according to the Regulation (EU) 2016/679 of 27 April 2016 (generally known under the abbreviation GDPR) in a chosen company. The thesis begins with a theoretical background followed by the part devoted to the analysis of the company. These results are further confronted with the own solution which is presenting the proposals and recommendations to bring the selected company into line with the GDPR.

Ochrana osobních údajů před vznikem a při vzniku pracovního poměru / Personal data protection before and during the establishment of the employment relationship

Adámek, Jan

January 2021

Personal data protection before and during the establishment of the employment relationship The diploma thesis is devoted to personal data protection before and during the establishment of the employment relationship. The objective of this thesis is to outline the personal data protection in the context of the employment relationship establishment, to give a comprehensive overview of its legislation in particular, describe the basic terms and principles relating to this subject matter and specify the most important rights and obligations regarding both stages of the employment relationship establishment. The basis for the thesis is primarily the legislation of the General Data Protection Regulation and Personal Data Processing Act 2019 (No. 110/2019 Coll.). The diploma thesis is divided into four chapters. The historical events with a significant influence on the personal data protection development are described in the first chapter. This chapter also explains the concept of a right to privacy and separation of the right to protection of personal data from it. The second chapter deals with personal data protection legislation on the international level, as well as EU level and national level. The third chapter defines selected fundamental terms relating to personal data protection, particularly...

The right to the protection of personal data. Some relevant topics about its regulation in Peru / El derecho a la protección de los datos personales. Algunos temas relevantes de su regulación en el Perú

Eguiguren Praeli, Francisco José

25 September 2017

What guarantees do we have as titleholders of theright to personal data protection? Does the Political Constitution of 1993 truly protect this right in aproperly way? Which role does the relatively recentPeruvian Law on the Personal Data Protection playto that effect?In this article, the renowned constitutionalist gives answers to these questions with a brief and detailed analysis of the Peruvian Law on the Personal Data Protection and its rules of procedure, focusing in its pros and cons, but also of the Peruvian National Personal  Data  Protection  Authority’s  role  and functions to that effect. / ¿Qué garantías tenemos como titulares del derecho a la protección de datos personales? ¿Realmente la Constitución Política de 1993 tutela adecuadamente este derecho? ¿Qué rol juega al respecto la relativamente reciente Ley de Protecciónde Datos Personales?En el presente artículo, el reconocido constitucio- nalista da respuesta a estas cuestiones con un breve pero detallado análisis de la Ley de Protección de Datos Personales y su reglamento, incidiendo en sus ventajas y desventajas, así como del rol y funciones de la Autoridad Nacional de Protección de Datos Personales al respecto.

Law

Habeas Data

Hábeas Data

Autodeterminación Informativa

Ley De Protección De Datos Personales

Usability Issues in the User Interfaces of Privacy-Enhancing Technologies

LaTouche, Lerone W.

01 January 2013

Privacy on the Internet has become one of the leading concerns for Internet users. These users are not wrong in their concerns if personally identifiable information is not protected and under their control. To minimize the collection of Internet users' personal information and help solve the problem of online privacy, a number of privacy-enhancing technologies have been developed. These so-called privacy-enhancing technologies still have usability issues in the user interfaces because Internet users do not have the choices required to monitor and control their personal data when released in online repositories. Current research shows a need exists to improve the overall usability of privacy-enhancing technology user interfaces. A properly designed privacy-enhancing technology user interface will give the Internet users confidence they can monitor and control all aspects of their personal data. Specific methods and criteria for assessing the usability of privacy-enhancing technology user interfaces either have not been developed or have not been widely published leading to the complexity of the user interfaces, which negatively affects the privacy and security of Internet users' personal data. This study focused on the development of a conceptual framework, which will provide a sound foundation for use in assessing the user interfaces of Web-based privacy-enhancing technologies for user-controlled e-privacy features. The study investigated the extent to which user testing and heuristic evaluation help identify the lack of user-controlled e-privacy features and usability problems in selected privacy-enhancing technology user interfaces. The outcome of this research was the development of a domain-specific heuristics checklist with criteria for the future evaluation of privacy-enhancing technologies' applications user interfaces. The results of the study show the domain-specific heuristics checklist generated more usability problems and a higher number of severe problems than the general heuristics. This suggests domain-specific heuristics can be used as a discount usability technique, which enforces the concept of usability that the heuristics are easy to use and learn. The domain-specific heuristics checklist should be of interest to privacy and security practitioners involved in the development of privacy-enhancing technologies' user interfaces. This research should supplement the literature on human-computer interaction, personal data protection, and privacy management.

Domain-Specific Heuristics

Human-Computer Interaction

Personal Data Protection

Privacy-Enhancing Technologies

Privacy Management

Usability

Computer Sciences

基於存取目的之個資控管框架-以銀行業為例 / Purpose-Based PII Control Framework - A Banking Perspective.

鄭明璋, Cheng, Ming Chang

Unknown Date

新版「個人資料保護法」在民國99年5月公布，並正式實施於民國101年10月；隨著新法的實施，不管是公部門或民間組織，都投入大量資源以期改善並確保自己的組織對於個人資料之蒐集、處理與利用，能夠符合「個人資料保護法」的要求。 由於業務特性，個人資料的蒐集、處理與利用，乃是銀行業者日常必須面對的課題。雖然舊版個資相關法令「電腦處理個人資料保護法」與「銀行法」對於個人資料的處理都已有相關規定，但由於稽核與舉證困難、罰則過輕等原因，業者並未真正重視個資保護課題，善盡個資保護的責任，所以銀行發生個資外洩的案例時有所聞。新版「個人資料保護法」正式實施後，舉證責任歸屬由當事人變成企業，在疑似個資外洩事件發生時，企業須舉證其組織之系統或機制已對個人資料之控管機制已滿足「個人資料保護法」的要求，盡到完善管理之責任。因此業者不得不投入大量資源來周全組織內對於個人資料的保護與稽核機制，把新版法規的各項規定要求納入系統功能範疇。 伴隨「個人資料保護法」的實施，法務部頒布了「個人資料保護法之特定目的及個人資料之類別」細則來明確規範個人資料的類別範疇、以及存取個人資料之目的。本研究即針對此項要求，歸納分析銀行業的業務現況，並納入未來業務發展之可能需求，設計一具備彈性之個資存取框架以管理個資分類與存取目的，進而滿足「個人資料保護法」的要求。 / As the latest version of the "Personal Data Protection Act (PDPA)" published on May, 2010, and formally implemented since October, 2012, all public and private sector organizations need to put in significant resources to meet the strengthened legal requirements of personal data collection, processing and utilization. Yet banks are among the first to be affected by them, as personal data collection, usage and handling are essential to their daily operations. Therefore, this thesis investigates the compliance of PDPA from a banking perspective. A distinguished feature of the new "Personal Data Protection Act" is the inclusion of "purposes" in regulating access to personal data, namelyan organization must get the informed consent from its customer regarding how her personal data will be used, namely privacy preferences. Currently, employing a proper access control mechanism to protect customer's data is a well-accepted discipline in bank information system (BIS) development. However, the design of such mechanisms hardly includes the requirement of supporting customers’ preferences regarding the use of their personal data. It is therefore highly desirable to extend a BIS's access control to handle customers' privacy preferences. This thesis investigates the common practices of bank operations and presents a purpose-based access control framework for future BIS development. Specifically, we derive a classification of bank customers' personal data and purpose categories for bank operations so that the proposedaccees control framework can ensure all accesses to customers' personal data match their granted access purposes. As a result, the framework will lay a foundation to the compliance of PDPA for a bank.

個人資料保護法

隱私

目的

Personal Data Protection Act

Privacy

Purpose

Sledování zaměstnanců při práci / Monitoring of employees during work

Holsteinová, Lenka

January 2015

THE MONITORING EMPLOYEES AT WORK The thesis deals with the legal protection of privacy and property in connection with the employees monitoring. The legal practice solves this problematic area in a different ways, which makes this topic highly actual. The thesis is composed of six chapters, each of them describes important aspects of the employees monitoring. First two chapters are introductory and define basic terminology and legal principles related to the personal data protection. Chapter Three focuses on the privacy as a fundamental human right and points out the issue of the confrontation with other values. Possibilities to enforce the right of privacy are outlined in the last part of this chapter. Chapter Four examines relevant Czech legislation concerning employees monitoring and personal data protection in labor law relations. The means of employees monitoring are analyzed in Chapter Five, which is subdivided into five parts - camera surveillance systems, correspondence confidentiality, internet use, GPS localization and biometric identification and authentication. Chapter Six seeks to describe the relevant Czech case law and illustrates the approach to decision-making by the administrative authority. The thesis strives for the brief analysis of employees monitoring in terms of generally binding...

Kamerové systémy na veřejných prostranstvích - zajištění bezpečnosti nebo ohrožení soukromí? / Camera systems in public spaces - ensuring safety or endangering privacy?

Tokárová, Michaela

January 2014

of the Thesis This thesis deals with a problem of surveillance in public spaces. In the introduction it was specifies that the main aim of the thesis is to give a complex view on the topic of surveillance cameras in public areas from the constitutional law perspective. In the Czech republic, no further discussion has developer and legislatively, the issue is only regulated by the personal data protection law. And this regulation is not even complex, it only deals with CCTV kind of cameras, excluding the ones without storing the data. In the beggining of the thesis I explai right to privacy and under which conditions it can be limited. The core of the paper deals with camera systems themselves, their use, pros, cons and effecitivity. Later I describe opinions of some offices and states on the topic. Proportionality test of the constitutional court and the ECHR to balance right to privacy with the state responsibility for public safety was conducted in the last part of the thesis. The advantage of CCTV is that thez provie impression of security to the citizens. They discourage potential perpetrators and help to maitain security of individuals, property and public interests, as well as detection, prevention and conviction of criminals. It helps securing proofs for future trials. On top of that, CCTV...

Ochrana osobních údajů v pracovněprávních vztazích / Personal data protection in labour law relationship

Morávek, Jakub

January 2013

PERSONAL DATA PROTECTION IN LABOUR LAW RELATIONSHIP JUDr. Jakub Morávek The thesis is concerned with personnel data protection in connection with labour-law relationships. Personnel data protection issue is approached completely here and explanation of it is organically interconnected with cases of its use in labour-law relationships. Factually the thesis is output of grant-aided project GAUK No. 121009 "Personnel data protection in labour-law relationships" researcher of which the author was in the years 2009 - 2012. By no chance the name of above mentioned grant-aided project is identical with the name of the thesis. From the very beginning of the research of the project a monograph dealing with personnel data protection in the context of labour-law relationships, or more precisely thesis dealing with this topic that would be published, was planned as its output. Within four years of intense engagement in personnel data protection in labour-law relationships, in three of which the author worked on above mentioned project, almost thirty articles and papers in professional periodicals and collections,monograph anda rigorous thesis focused on personnel data protection in the process of employment relationship commencement, monograph focused on personnel data protection in the process of personnel...