Den ofredade sfären : En studie om digital integritet och i vilken mån skydd av denna inskränker den enskilde individens rätt till självbestämmande / Protection of Digital Integrity : The extent to which it infringes on personal autonomy

Lindeberg Sandahl, Lisa

January 2020

The increasing digitalization of society has led to new legal issues related to the protection of personal integrity, particularly the protection of personal data. Digitalization allows for greater possibilities for private individuals to access the personal data of others. As the General Data Protection Regulation (GDPR) is not applicable on treatment of personal data by individuals, there is a risk of a loophole forming allowing breaches of personal integrity committed by individuals.                        This paper clarifies the meaning of the term ‘personal integrity’ in a digital context, focusing on how digital integrity is separate from physical integrity, and which key elements constitute personal integrity, be it physical or digital. The paper also discusses how the term previously has been used in legal documents, notably in the UDHR, the EU Charter (focus on dignity) and Swedish legislation (focus on the personal sphere). Furthermore, the paper examines whether the protection of personal integrity can motivate an infringement of the right to personal autonomy of the individual in question.                        The discussion on personal integrity is followed by an analysis of the protection on a physical and digital level respectively in order to clarify whether the different protections can be considered equivalent, and to what extent it would be appropriate for them to be so. This is done taking into account that strengthening protections of personal information would require limiting the individual’s right to autonomy, which in turn infringes upon their dignity.                       The consequences that can arise by an intrusion of the digital integrity can be serious, wherefore one could argue that the protection thereof should be as strong as the protection from intrusions of the individual’s physical integrity. Should the consequences of intrusion of personal integrity be as strong on both the physical and digital level, then the protection of digital integrity may need to be strengthened. This could potentially require further infringements of the individual’s right to autonomy. Such an infringement must therefore always be preceded by an appropriate proportionality assessment, aiming to find a solution minimizing the total infringement on the rights of the individual.

privacy

personal integrity

personal data

digitalization

human dignity

personal autonomy

GDPR

Law

Juridik

Problematika využití biometrických údajů v pracovněprávních vztazích / The issue of the use of biometric data in labour relations

Dobiášová, Lucie

January 2021

The issue of the use of biometric data in labour relations Abstract This diploma thesis deals with the current topic of the legal framework for the protection of biometric data in the context of labour relations. With the development of information technology, interest in the use of biometric data is growing. It is becoming common in the workplace that the biometric data are used, among others, for recording attendance, gaining access either to the workplace itself or to the individual work equipment. Their use is simple and convenient, as employees can use for verification their fingerprints, iris scans, etc. However, biometric data are inherently unchangeable, which is an advantage as well as the Achilles heel of their processing. Therefore, due to their nature, they fall into the category of sensitive personal data and as such enjoy enhanced protection. Development in the field of information technology suggests that biometric data are highly likely to become part of everyday life. Hence, it is more than appropriate for this development to be reflected in the legislation. The aim of this diploma thesis is to provide a general insight into the issue of using biometric data in the labour relations, where a particularly high increase in their use can be expected. The first part of this thesis acquaints the...

Osobní údaje jako komodita / Personal data as a commodity

Juřičková, Jelizaveta

January 2021

in English Abstract The thesis aims to fathom different aspects of the commodification of personal data. The topic is an issue of current interest. On one hand, due to the constant improvement of the technology of collecting and processing personal data, individuals are becoming very vulnerable. Techniques of influencing their thinking and decision-making based on their personal data have become so subtle and insidious that they often go unnoticed by the individuals. On the other hand, the development of the data economy can contribute to many goals that benefit society. This paper aims to answer two research questions. The first research question is how to guarantee the secure processing of personal data and to eliminate negative impacts on the subject and on society. The second research question concerns both ensuring adequate access of digital industry to personal data and empowering the data subject. Given the complexity of the issue and the confusion about the meaning and interpretation of basic concepts such as personal data and information, it is necessary to first briefly outline the nature and characteristics of personal data. The next two chapters analyse the legal means to achieve the objectives set out in the research questions. The final chapter provides a summary of recommendations on...

Informační bezpečnost jako ukazatel výkonnosti podniku / Information Security as an Indicator of Business Performance

Gancarčik, Rastislav

January 2017

The content of this thesis is a proposal of methodology for evaluating company's performance in areas of information security, while their performance will be judged based on compliance with standard ISO/IEC 27001:2013, Act no. 181/2014 Coll., Regulation 2016/679 of European Parliament and Directive 2016/1148 of the European Parliament. The proposal of this methodology is designed in a particular company which operates in the Czech Republic.

Návrh ochrany osobních dat dle obecného nařízení EU 2016/679 ze dne 27. dubna 2016 / The proposal for personal data protection according to the general Regulation (EU) 2016/679 of 27 April 2016

Bartoňová, Julie

January 2018

This diploma thesis solves the proposal for personal data protection according to the Regulation (EU) 2016/679 of 27 April 2016 (generally known under the abbreviation GDPR) in a chosen company. The thesis begins with a theoretical background followed by the part devoted to the analysis of the company. These results are further confronted with the own solution which is presenting the proposals and recommendations to bring the selected company into line with the GDPR.

Purging Sensitive Data in Logs Using Machine Learning

Ljus, Simon

January 2020

This thesis investigates how to remove personal data from logs using machine learning when rule-based scripts are not enough and manual scanning is too extensive. Three types of machine learning models were created and compared. One word model using logistic regression, another word model using LSTM and a sentence model also using LSTM. Data logs were cleaned and annotated using rule-based scripts, datasets from various countries and dictionaries from various languages. The created dataset for the sentence based model was imbalanced, and a lite version of data augmentation was applied. A hyperparameter optimization library was used to find the best hyperparameter combination. The models learned the training and the validation set well but did perform worse on the test set consisting of log data from a different server logging other types of data. / Detta examensarbete undersöker om det är möjligt att skapa ett program som automatiskt identifierar och tar bort persondata från dataloggar med hjälp av maskinlärning. Att förstå innebörden av vissa ord kräver också kontext: Banan kan syfta på en banan som man kan äta eller en bana som man kan springa på. Kan en maskinlärningsmodell ta nytta av föregående och efterkommande ord i en sekvens av ord för att få en bättre noggrannhet på om ordet är känsligt eller ej. Typen av data som förekommer i loggarna kan vara bland annat namn, personnummer, användarnamn och epostadress. För att modellen ska kunna lära sig att känna igen datan krävs det att det finns data som är färdigannoterad med facit i hand. Telefonnummer, personnummer och epostadress kan bara se ut på ett visst sätt och behöver nödvändigtvis ingen maskininlärning för att kunna pekas ut. Kan man skapa en generell modell som fungerar på flera typer av dataloggar utan att använda regelbaserade algoritmer. Resultaten visar att den annoterade datan som användes för träning kan ha skiljt allt för mycket från de loggar som har testats på (osedd data), vilket betyder att modellen inte är bra på att generalisera.

GDPR

LSTM

RNN

GloVe

personal data

machine learning

Computer Sciences

Datavetenskap (datalogi)

Les données personnelles et la propriété du soi / Personal data and self-ownership

Perbal, Bernard

12 December 2018

La progression fulgurante des sciences biologiques, dont les impacts sociétaux n’avaient peut être pas été suffisamment anticipés par le droit international, a créé des conflits conceptuels qu’il est souhaitable d’appréhender dans des débats constructifs respectueux de la richesse des différences individuelles, afin d’éviter des cloisonnements idéologiques qui ne seront d’aucun bénéfice pour l’Humanité. L’analyse des sources du concept de données personnelles et de l’évolution de son acception, renvoie au très long et difficile chemin parcouru depuis les premiers textes fondateurs européens jusqu’à la consécration de la notion de respect du droit à la vie privée que l’on doit à l’opiniâtreté de ses deux défenseurs qu’étaient Samuel Warren et Louis Brandeis, dont l’œuvre séminale a impacté le droit international dans son ensemble. Les données personnelles, maintenant identifiées à des data, sont devenues des ressources convoitées par les mondes de l’économie, du commerce électronique, de la biomédecine et de la criminologie. La dématérialisation des caractéristiques individuelles qui en a découlé a provoqué une immense vague de problèmes et différends relatifs aux modalités de collecte, traitement, diffusion et conservation de ces données, surtout quand elles concernaient des identifiants sensibles tels que les données génétiques. Les secrets de la vie et de l’hérédité s’ouvrent maintenant à un grand public souvent désarmé face aux entreprises qui souhaitent exploiter la richesse du soi intime des individus. Les potentialités nouvellement révélées du génie génétique humain, ont mis en exergue la faiblesse et l’inefficacité de textes juridiques et normatifs ayant mal vieilli qui conduisent à des clivages de principe rigides face à des technologies génétiques visant à améliorer le bien-être des peuples. Il est aujourd’hui nécessaire de dépassionner les débats et de redéfinir au plus tôt, sur des bases scientifiques objectives, le statut juridique des données génétiques et de l’information que leur exploitation peut livrer. / The dazzling growth of biological sciences, whose societal impacts might not have been well enough anticipated by the international law, has created conceptual conflicts that should be apprehended in constructive debates, respectful of the richness of individual differences, so as to avoid any ideological compartmentalization, which will be of no benefit to Humanity. The analysis of the roots of the concept of personal data and of the evolution of its acceptance, sends back to the very long and difficult journey from the very first European founding texts to the consecration of the right to privacy rooted in the obstinacy of its two defenders SW and LB whose seminal works have impacted international law as a whole. Personal information identified as data, has become coveted resources by the worlds of economy, electronic business, biomedicine and criminology. The dematerialization of individual characteristics brought with it an immense wave of issues and conflicts in relation with procedures of collection, processing, circulation and confidentiality of this type of data, especially when it dealt with sensitive identifiers such as genetic data. Technically unattainable until now, the secrets of life and heredity are currently being offered to the general public, who often finds itself powerless when facing companies willing to exploit the richness of their intimate self. The newly revealed potentialities of human genetic engineering, has put forth the weakness and inefficiencies of outdated legal and normative texts which, because of their inadequacy to societal evolution, lead to rigid divisions of principles before genetic technologies who aspire to take advantage of the understanding of genomes in order to improve the well being of people. It is necessary, today, to remove any passionate feeling to temper emotional debates by redefining, as soon as possible, the legal status of genetic data and the information that their exploitation can deliver.

Vie privée

Données personnelles

Criminalistique

Private life

Personal data

Forensic sciences

Ochrana soukromí na internetu pohledem práva a ekonomie / The Protection of Privacy on the Internet: a Law and Economics Perspective

Blatt, Patrik

January 2020

The Protection of Privacy on the Internet: a Law and Economics Perspective Abstract The topic of this thesis is protection of privacy on the Internet, further narrowed down to the matter of granting consent to store and process cookies and looking at it specifically from the perspective of law and economics. The aim of this paper is to answer the question of whether the current legislation of granting permission to process cookies is sufficient and user-friendly. To answer this question, the thesis was based on interpretation of the results of a survey about using cookies, conducted on selected Czech websites, namely those of central authorities of the Czech Republic, Czech news portals and Czech online shopping stores. Furthermore, the thesis proposes specific changes within current legislation of processing cookies. Because of the transposition of Directive on privacy and electronic communications into the legal order of the Czech Republic, the policy of granting consent to the storing and processing of personal data has changed from the original opt-out policy to the current opt-in policy. The current opt-in policy requires a preceding user's consent. In this thesis, I conclude that applying this opt-in policy has lowered the user-friendly settings and that it did not lead to any improvement of...

Fotografie osob z pohledu zaměstnavatele / Photographs of People from Employer's Point of View

Hendrychová, Jitka

January 2020

Photographs of People from Employer's Point of View Abstract This thesis deals with capturing the image of employees and other people on photographs and use of these photographs by an employer. The aim is to address possibilities of using image of people, from its creation, publishing it or using it in different ways, to its erasure or destruction, all of that in labour law context. This thesis is divided into three main chapters. The first part deals with protection of personality of an individual in Civil Code and Labour Code. It describes capturing the image of an employee and using the image with and without their consent. Second chapter focuses on photographs in context of data protection, mainly with respect to processing photographs as personal data using legal titles in Art. 6 of Regulation (EU) 2016/679 of the European Parliament and Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation). The findings from previous chapters are applied on practical situations in all stages of employment in the third chapter. Part of this chapter is dedicated to the responsibility of an employee to abide the creation of portrait and to the questions of...

Ochrana osobních údajů při vzniku pracovního poměru / Protection of Personal Data Prior to Employment

Nová, Karolína

January 2020

Protection of Personal Data Prior to Employment Abstract The development of new technologies has completely changed the view on how personal data is being processed in labor relations. Screening job seekers on social networks or using artificial intelligence to analyze a candidate's predispositions are, at first sight, much less intense and conspicuous forms of invasion of privacy than traditional surveillance methods such as the use of security cameras. Employees and job seekers are therefore in a very disadvantageous position, which has not yet been reflected on the level of EU legislation. The legal regulation of personal data protection is very specific in its abstraction. When processing personal data, it is necessary to keep in mind the basic principles of data handling, and each processing should therefore be (among other things) purposefully limited, minimized, transparent and correct. However, these concepts are so abstract that their interpretation is the subject to countless debates even among personal data protection experts. In view of the above, it is understandable that it may be very difficult for many employers to know what specific measures of data protection are to be applied. For this reason, in practice, there is considerable formalism in the application of some institutes which stems...