A MARKETING VIEW OVER THE ROLE OF THE PUBLIC AUTHORITIES IN THE PROTECTION OF THE CONSUMERS' PRIVATE SPACE

The concept of privacy, seen in connection with the consumer\'s private space, and defined in terms of the rights the consumer have to disclose or not, respectively to have protected their personal data has gained an increasing importance, as a result of the organizations' extended and more and more aggressive attempts, within their marketing efforts, to capture, process and use the consumers' personal data. Privacy protection has become an important but, in the same time, extremely sensitive and challenging topic to be taken into consideration by all the stakeholders involved in the processing and employment of the consumers' personal data. A key role in this respect is played by the public authorities acting as data controllers - the Data Protection Authorities, that have to adopt a more proactive and efficient attitude in adopting and implementing policies and processes aiming to ensure a more effective protection of the personal data and private space, conduct privacy impact assessments and continuously improve the specific activities. Paper presents the opinions of the consumers through the results of an exploratory study regarding the importance given to the protection of the personal data, the area of protection of the specific laws, the need for laws regulating the personal data protection, the balance between the public and private entities in providing a proper protection of the personal data, and the relationship between the domestic, European, and international levels in ensuring the protection of the consumers' personal data. Results regarding the role of the public authorities in the protection of the consumers' personal data and private space- in terms of the most appropriate institution to act as a data controller, the rights consumers consider important in relationship with the protection of their personal data and the risks faced in the context of a less effective protection - are also presented.consumer, public authorities, personal data, consumer private space, Romania

Personal data protection

Zaštita osobnih podataka u Republici Hrvatskoj ustavna je kategorija zajamčena svakoj fizičkoj osobi bez obzira na državljanstvo i prebivalište te neovisno o rasi, boji kože, spolu, jeziku, vjeri, političkom ili drugom uvjerenju, nacionalnom ili socijalnom podrijetlu, imovini, rođenju, naobrazbi, društvenom položaju ili drugim osobinama. Ista se u Republici Hrvatskoj uređuje Zakonom o zaštiti osobnih podataka sa svrhom zaštite privatnog života i ostalih ljudskih prava i temeljnih sloboda u prikupljanju, obradi i korištenju osobnih podataka. Zakon o zaštiti osobnih podataka veže se na pravne tekovine Ujedinjenih naroda te Europsku konvenciju za zaštitu ljudskih prava i temeljnih sloboda. Na temelju navedenog zakona u Republici Hrvatskoj osnovana je Agencija za zaštitu osobnih podataka koja se, oslanjajući se na Direktivu 95/46 Europskog parlamenta, brine za nadzor nad obradom osobnih podataka kao samostalno i neovisno tijelo. Ovaj rad donosi pregled temeljnih pojmova vezanih uz zaštitu osobnih podataka prvenstveno vezanih uz identitet osobe te pregled organizacije zaštite osobnih podataka u Republici Hrvatskoj sa usporedbom u odnosu na međunarodno zakonodavstvo te primjerom iz sudske prakse.Protection of personal data in the Republic of Croatia is guaranteed as a constitutional category to every person regardless of nationality and place of residence and regardless of race, color, sex, language, religion, political or other opinion, national or social origin, property, birth, education, social status or other characteristics. In the Republic of Croatia protection of personal data is regulated by the Law on Protection of Personal Data in order to protect privacy and other human rights and fundamental freedoms during collection, processing and use of personal data. The Law on Protection of Personal Data binds on the legal heritage of the United Nations and the European Convention for the Protection of Human Rights and Fundamental Freedoms. Based on this law, an Agency for protection of personal data was established which controls the processing of personal data (relying on Directive 95/46 of the European Parliament) as an autonomous and independent body. This paper presents an overview of basic concepts related to the protection of personal data primarily related to the identity of the person and the organization of the protection of personal data in the Republic of Croatia, with a comparison in relation to international legislation and case law

An Examination of Privacy Policies of Global University Web Sites

Due to demand in online services, universities throughout the world are increasing the content of their Web sites and adding features, such as online applications and e-learning. However, adding online services requires that personal data is kept within computerized systems, thus putting personal private information at risk. Online consumers express concern about the risk of their personal private data and demand to know how organizations will protect their records. It is imperative that firms have mechanisms to guard their data and publish protection information within online privacy policies to mitigate user distrust. However, although industry privacy groups may recommend better protection and some countries may legislate its use; this is not universal in all university sites. This study analyzes 90 universities site throughout the world to determine the use of privacy protection. The results show a lack of use of certain privacy mechanisms. The research suggests methods for improving protection

EUROPEAN UNION CONSUMERS’ VIEWS ON THE PROTECTION OF THEIR PERSONAL DATA: AN EXPLORATORY ASSESSMENT

The increasing marketing efforts of the organizations based on the acquiring,processing, storage and employment of the consumers’ personal data have imposed thereconsideration, both from the theoretical and practical perspectives, of the concepts describing theprivacy, consumer’s private space and personalization. Paper intends to assess, based on secondary data and in an exploratory manner, the viewsof the consumers from the European Union countries regarding the ways the different organizationspresent in the market handle their personal data, the degree of awareness associated with theexistence and functioning of the personal data protection in their home countries and theirperception related to the effectiveness of the personal data protection.privacy, personal data protection, personalization, European Union

European Court of Human Rights : Satakunnan Markkinapörssi Oy and Satamedia Oy v. Finland

The Grand Chamber judgment of European Court of Human Rights (ECtHR) finds that a prohibition issued by the Finnish Data Protection Board that prohibited two media companies from publishing personal taxation data in the manner and to the extent they had published these data before, is to be considered as a legal, legitimate and necessary interference with the applicants’ right to freedom of expression and information. The ECtHR approves the approach of the Finnish authorities denying the applicants’ claim to rely on the exception of journalistic activities within the law of protection of personal data

Privacy CURE: Consent Comprehension Made Easy

Although the General Data Protection Regulation (GDPR) defines several potential legal bases for personal data processing, in many cases data controllers, even when they are located outside the European Union (EU), will need to obtain consent from EU citizens for the processing of their personal data. Unfortunately, existing approaches for obtaining consent, such as pages of text followed by an agreement/disagreement mechanism, are neither specific nor informed. In order to address this challenge, we introduce our Consent reqUest useR intErface (CURE) prototype, which is based on the GDPR requirements and the interpretation of those requirements by the Article 29 Working Party (i.e., the predecessor of the European Data Protection Board). The CURE prototype provides transparency regarding personal data processing, more control via a customization, and, based on the results of our usability evaluation, improves user comprehension with respect to what data subjects actually consent to. Although the CURE prototype is based on the GDPR requirements, it could potentially be used in other jurisdictions also

Legal aspects of Big Data - GDPR

The use of Big Data presents significant legal problems, especially in terms of data protection. The existing legal framework of the European Union based in particular on the Directive no. 46/95/EC and the General Regulation on the Protection of Personal Data provide adequate protection. But for Big Data, a comprehensive and global strategy is needed. The evolution over time was from the right to exclude others to the right to control their own data and, at present, to the rethinking of the right to (digital) identity. The General Data Protection Regulation, "GDPR" (Regulation EU 2016/679) deals with data protection and privacy of persons in the European Union and the European Economic Area. DOI: 10.13140/RG.2.2.29614.4640

Data protection and the legitimate interest of data controllers: much ado about nothing or the winter of rights?

EU data protection law is in a process of reform to meet the challenges of the modern economy and rapid technological developments. This study analyses the legitimate interest of data controllers as a legal basis for processing personal data under both the current data protection legislation and its proposed reform. The relevant provision expands the scope of lawful processing, but is formulated ambiguously, creating legal uncertainty and loopholes in the law. The new proposed regime does not resolve the problem.Taking a“rights” perspective, the paper aims to show that the provision should be narrowly interpreted in light of the ECJ case law, and to give effect to the Charter of Fundamental Rights; a rephrasing of the norm is desirable. The provision on the legitimate interest of data controllers weakens the legal protection of data subjects

Protection of Personal Data in Information System

Pojmy osobní údaje a ochrana osobních údajů doprovázejí běžný společenský život v České republice teprve pár let. V oblasti ochrany osobních údajů je nutné přijímat opatření k zamezení zneužití osobních údajů a tím se vyvarovat následnému postihu. Problematika ochrany osobních údajů je složitá, diskuse a polemiky jsou vedeny i ve sdělovacích prostředcích.The terms personal data and personal data protection have accopmanied ordinary social life of people in the Czech Republic only for several years. In the area of personal data protection it is necessary to receive measures to prevent misuse of personal data and thereby to avoid resulting sanction. Problems of personal data protection is complicated, discussion and polemics are held even in media.