Personal Data Protection in Service Providing

Import 11/07/2012Název práce: Ochrana osobních údajů v oblasti poskytování služeb Jméno studenta: Bc. Eva Škanderová Tématem této diplomové práce je ochrana osobních údajů v oblasti poskytování služeb se zaměřením zejména na služby elektronické komunikace. První části jsou věnovány právní úpravě osobních údajů, zejména zákonu o ochraně osobních údajů, základním pojmům (např. data retention, osobní údaj), dalším právním předpisům na úrovni České republiky a Evropské unie. Praktická část posuzuje a analyzuje ochranu osobních údajů. Je zaměřena na funkci ochrany osobních údajů v oblasti poskytování služeb elektronických komunikací s cílem vyjasnění a vytvoření přehlednosti data retention převážně na území České republiky. Cílem této diplomové práce je zjištění právního a faktického stavu ochrany osobních údajů v oblasti poskytování služeb v návaznosti na aktuální problematiku data retention z důvodu neexistence uceleného zpracování problematiky data retention v odborné literatuře. Především je zaměřen na právní regulaci věnovanou ochraně osobních údajů ve spojitosti s elektronickými komunikacemi a následnou praxi na úrovni obzvláště České republiky jako členského státu Evropské unie.Title of thesis: Personal Data Protection of Service Providing Name of student: Bc. Eva Škanderová The theme of this thesis is to protect personal data in the service with a particular focus to electronic communication services. The first part is devot to the regulation of personal data, in particular the Law on Personal Data Protection, basic concepts (such as data retention, personal indication), further legislation on the level of the Czech Republic and European Union. Practical assesses and analyzes the protection of personal data. Is focused to the function of privacy in electronic communications services in order to clarify and create clarity data retention mainly in the Czech Republic. The aim of this thesis is to determine the legal and factual state of privacy in providing services in relation to the current issue of data retention due to the absence of a comprehensive treatment data retention issues in the literature. Mainly focuses on the legal regulation to the protection of personal data in connection with electronic communications and the subsequent practice in the Czech Republic, especially as Member of the EU.119 - Katedra právavýborn

Time to plug the UK security gap: why there is a need to widen surveillance on electronic communications data

This paper examines whether there is a need for the UK to introduce legislation regarding further surveillance powers for the intelligence and policing agencies to conduct surveillance on electronic communications data. Both legally and politically t is a controversial issue. One side of the debate argues the need for such powers in order to assist the intelligence and policing agencies in their investigations, especially in relation to preventing acts of terrorism occurring to keep citizens safe from such attacks. The other side of the debate raises serious concerns of rights to privacy and data protection with the main issue being on the lack of sufficient safeguards against abuses by the agencies in their acquisition and retention of communications data. By looking at the current terrorist threat facing the EU (which includes the UK) focusing mainly on the threat the terrorist group Islamic State pose considerations are given to both sides of the debate. This includes an examination in how Islamic State use electronic communications, especially its social media sources by using the example of their use of Twitter and issues surrounding the difficulty policing agencies are having in monitoring this group’s activities on communications sources. By having such agencies monitoring electronic communications use raises concerns over the surveillance society, a concern that was exacerbated by the former US National Security Agency (NSA), Edward Snowden’s revelations in how, why and what the NSA was monitoring and its relationship with the UK’s intelligence agency, General Communications Headquarters (GCHQ). By looking at what communications is subject to the requests for wider surveillance this paper will examine the current legislative provisions authorising surveillance by the intelligence and policing agencies surveillance of electronic communications. This includes an analysis of the findings of the European Union’s court, the European Court of Justice’s (ECJ) decision in the Digital Rights case where after deciding that the EU’s legislative provisions on data protection were insufficient resulted in the UK introducing the Data Retention and Investigatory Powers Act 2014 that allows intelligence and policing agencies to request from communications providers electronic communications data related to their investigations. With the 2014 Act having a sunset clause expiring in December 2016 and taking into account recent Parliamentary reports, it is examined if there is a need for a new legislation in the UK that codifies al the current legislation governing the surveillance of electronic communications. This looks more likely as the Queen’s Speech in May 2015 revealed an Investigatory Powers Bill will be introduced during the 2015/16 Parliament. The position submitted here is that new legislation is needed as wider powers are required to allow the intelligence and policing agencies the ability to monitor terrorist group’s increasing sophisticated and wide use of electronic communications, provided there are sufficient safeguards related to data protection. Those safeguards can only be truly secured via judicial supervision in granting the respective authorities to the intelligence and policing agencies. Underpinning this submission is that due to the international nature of the terrorist threat facing national states and the use by terrorist groups of communications, we have moved to an era where intelligence in no longer on a ‘need to know’ basis to one where it is a ‘need to share’. This includes obtaining the co-operation of internet and communications service providers

Why in Widening Surveillance Powers of Electronic Communications, Co-Operation is needed with Internet and Communications Service Providers

There is no denying that the current international terrorist threat faced by many states around the world is real. The actions witnessed just in 2015 provides sufficient evidence of that as seen from the terrorist attacks in Paris in January 2015, to attacks seen in June 2015 in Kuwait, Tunisia and France and of late in Turkey and again in France in August 2015 where an attack was prevented by the courage of travellers on a train travelling from Holland to France. One common thread through these attacks are that the terrorists are known to be in various states’ intelligence systems and yet their intended actions were not picked up by intelligence analysts. One of the reasons for this has been the widespread and sophisticated use of electronic communications systems by terrorist groups, especially the group Islamic State (also referred to as ISIL or Daesh). Another problem facing security and counter-terrorism policing agencies is in gaining access to communications data held by Internet Service Providers (ISP) and Communications Service Providers (CSP). By examining the current terrorist threat facing many states and terrorist groups’ use of electronic communications, as well as the concerns over the surveillance society, this article looks at the proposed and recently passed legislation regarding surveillance of electronic communications in a number of states. One key issue why some of the legislative provisions will fail to achieve its intended outcome will be in the failure to secure the co-operation of ISP and CSP’s. This article proposes that as privacy rights and data protection is deeply embedded within its law, the European Union (EU) has the opportunity to become a major international actor on the world stage in seeking that co-operation with ISP and CSP’s in securing access to communications data and its retention

Regulating Search Warrant Execution Procedure for Stored Electronic Communications

Electronic communication services, from email, to social media, tomessaging applications, have not only dramatically changed daily life but have also had a profound impact on criminal investigations and procedure.The often large volume of electronically stored information has led to a two-step process for search warrant execution, codified in Federal Criminal Procedure Rule 41. When conducting a search pursuant to Rule 41, law enforcement often retains both responsive items—materials that fall within the scope of the warrant—and nonresponsive materials—intermingled items that can be searched, but ultimately exceed the scope of the warrant. This possession of nonresponsive material creates a tension between the account holder’s privacy interests and the government’s ability to conduct an effective search.Courts and scholars have implemented and proposed a range of approaches for search warrant execution inlight of concerns about sweeping general searches and the practicalities of searching electronically stored information. This Note examines these approaches to regulate search warrant execution procedure in the context of stored electronic communications. This Note also discusses the strengths and shortcomings of these various mechanisms and concludes that Rule 41 should be amended to provide standards for the retention and use of nonresponsive material

Plan Now for Managing Electronic Data and Avoid Tomorrow’s Legal Risks

[Excerpt] In a world where the use of electronic data is rapidly increasing, companies must find ways to manage data now so that they effectively control compliance risks. The proliferation of electronic data is both astonishing and overwhelming. Given the storage power of average computers today, even the most modest mom-and-pop business may have electronic storage capacity equivalent to 2,000 four-drawer file cabinets. The task of managing electronic data is further compounded by the fact that the data is no longer just tangible pieces of paper, but rather are bytes of information that are constantly being edited, changed, and updated from different people and sources. Proper archiving, retention, monitoring, filtering, and encryption of electronic data are no longer optional: they are imperative

FISA Reform

Congress and the Executive Branch are poised to take up the issue of FISA reform in 2014. What has been missing from the discussion is a comprehensive view of ways in which reform could be given effect—i.e., a taxonomy of potential options. This article seeks to fill the gap. The aim is to deepen the conversation about abeyant approaches to foreign intelligence gathering, to allow fuller discussion of what a comprehensive package could contain, and to place initiatives that are currently under consideration within a broader, over-arching framework. The article begins by considering the legal underpinnings and challenges to the President\u27s Surveillance Program. It then examines how technology has altered the types of information available, as well as methods of transmission and storage. The article builds on this to develop a taxonomy for how a statutory approach to foreign intelligence gathering could be given force. It divides foreign intelligence gathering into two categories: front-end collection and back-end analysis and use. Each category contains a counterpoise structured to ensure the appropriate exercise of Congressionally-mandated authorities. For the front-end, this means balancing the manner of collection with requirements for approval. For the back-end, this means offsetting implementation with transparency and oversight. The article then considers the constituent parts of each category