USE OF PASSENGER LOCATION CARDS IN THE ERA OF THE COVID-19 PANDEMIC, AND THE PROCESSING OF PERSONAL DATA OF AIR PASSENGERS

2021 ◽  
Vol 57 ◽  
pp. 2-2
Author(s):  
Katarzyna Biczysko-Pudełko
Keyword(s):  
Personal Data ◽  
The State ◽  
General Data Protection Regulation ◽  
The Public ◽  
General Data ◽  
The Subject ◽  
The Republic ◽  
Questionnaire Method ◽  
General Regulation

Purpose. The aim of the article is to analyse the processing of personal data of air passengers during the SARS-CoV-2 pandemic in the context of doubts that have arisen in connection with the need for these passengers to provide their personal data as part of filling out the Passenger Location Card questionnaire. Method. The research method used in this study is case study. Findings. In the study, it was showed that firstly, the data of air passengers processed in relation to the application of the Passenger Location Card by the State Border Sanitary Inspectorate in Warsaw should be protected under the provisions of the General Regulation on the protection of personal data. Furthermore, their controller, i.e. the State Border Sanitary Inspectorate in Warsaw, did not fulfil its obligations in this regard. This, in effect, justifies the conclusion that the processing process not in accordance with the law on the protection of personal data. Research and conclusions limitations. The analysis concerned only passengers of aircrafts arriving and/or departing from airports located on the territory of the Republic of Poland. Practical implications. The analysis carried out in this study may provide a solution to the issues that have arisen in the public sector with regard to the processing of personal data collected from air passengers on the basis of the Passenger Location Card questionnaire and thus, the conclusions may prove useful for data controllers who should be aware of such problems, but also for air travellers as data subjects who should be protected by the General Data Protection Regulation and their rights in this regard. Originality. This analysis, if only for the reason that it is an analysis of a problem that has come to light relatively recently (March 2020), has so far, only been the subject of consideration in press articles.

Regulatory Challenges of Data Mining Practices: The Case of the Never-ending Lifecycles of ‘Health Data’

2018 ◽  
Vol 25 (3) ◽  
pp. 284-307
Author(s):  
Giovanni Comandè ◽  
Giulia Schneider
Keyword(s):  
Data Mining ◽  
Data Protection ◽  
Personal Data ◽  
Health Data ◽  
General Level ◽  
General Data Protection Regulation ◽  
The Face ◽  
General Data ◽  
Level Of Analysis

Abstract Health data are the most special of the ‘special categories’ of data under Art. 9 of the General Data Protection Regulation (GDPR). The same Art. 9 GDPR prohibits, with broad exceptions, the processing of ‘data concerning health’. Our thesis is that, through data mining technologies, health data have progressively undergone a process of distancing from the healthcare sphere as far as the generation, the processing and the uses are concerned. The case study aims thus to test the endurance of the ‘special category’ of health data in the face of data mining technologies and the never-ending lifecycles of health data they feed. At a more general level of analysis, the case of health data shows that data mining techniques challenge core data protection notions, such as the distinction between sensitive and non-sensitive personal data, requiring a shift in terms of systemic perspectives that the GDPR only partly addresses.

scholarly journals The State Archives of the Republic of Macedonia: Use of Archival Material and Data Protection Pursuant to the Law on Personal Data Protection and the General Data Protection Regulation

Atlanti ◽  
2018 ◽  
Vol 28 (2) ◽  
pp. 91-98
Author(s):  
Svetlana Usprcova
Keyword(s):  
Data Protection ◽  
Personal Data ◽  
The State ◽  
General Data Protection Regulation ◽  
Archival Material ◽  
Personal Data Protection ◽  
Republic Of Macedonia ◽  
Other Information ◽  
The Republic ◽  
State Archives

The aim of this paper is to explain the position of the State Archives of the Republic of Macedonia as guardian of the archival material, which is a subject of use for scientific, academic, administrative, public, publishing, exhibition and other purposes. In the process of use of the archival material, the archivists must be very careful in order to protect confidential, sensitive, legal and other information contained in the archival material, and take some measures in relation to the personal data protection. Herein, the author, also talks about the current Law on personal data protection and the harmonisation of the national law with the European legislation.

scholarly journals La responsabilidad proactiva de las Administraciones Públicas en la protección de datos personales.

2020 ◽  
pp. 138-153
Author(s):  
Aritz ROMEO RUIZ
Keyword(s):  
Public Administration ◽  
Data Protection ◽  
Main Idea ◽  
Personal Data ◽  
Practical Implementation ◽  
Organizational Changes ◽  
General Data Protection Regulation ◽  
The Public ◽  
General Terms ◽  
General Data

Laburpena: Lan honen helburua da administrazio publikoak datu pertsonalen tratamenduan duen erantzukizun proaktiboaren printzipioaren analisia eskaintzea, eta ikuspegi juridikoa ematea praktikan errazago aplikatzeko. Lana lau ataletan egituratuta dago. Lehenengoan, datu pertsonalen babesa arautzen duen esparru berriaren aurkezpen orokorra egiten da; hau da, Datuak Babesteko Erregelamendu Orokorrak (EB) ezartzen duen araudi berria aurkezten da. Bigarren atala erantzukizun proaktiboari buruzkoa da, administrazio publikoek datu pertsonalak tratatzeko oinarrizko printzipio gisa. Hirugarrenak proposatzen ditu administrazio publikoek praktikan erantzukizun proaktiboaren printzipioa betetzeko kontuan har ditzaketen hainbat neurri. Azkenik, laugarren atalak gogoeta egiten du antolamendu-aldaketak egiteko beharrari buruz, Erregelamendu Orokorraren printzipioak betetzen dituztela ziurtatzeko eta herritarrek eskubideak balia ditzaten ziurtatzeko; horrez gain, aipamen berezia egiten dio datuak babesteko ordezkariaren figurari. Ondorioztatzen den ideia nagusia da garrantzitsua dela administrazio publikoek datuak babesteko politika bat diseinatzea, lehenetsita aplikatuko dena, eta ez bakarrik erantzukizun politikoak dituztenei, baizik eta sektore publikoan lan egiten duten pertsona guztiei eragingo diena. Resumen: El presente trabajo tiene como objetivo ofrecer un análisis del principio de responsabilidad proactiva en el tratamiento de datos personales por parte de la administración pública, y pretende aportar una visión jurídica para facilitar su aplicación en la práctica. El trabajo está estructurado en cuatro apartados. En el primero de ellos se presenta, en términos generales, el nuevo marco regulador de la protección de datos personales, que es consecuencia del Reglamento (UE) General de Protección de Datos. El segundo apartado está dedicado a la responsabilidad proactiva como principio básico del tratamiento de datos personales por las administraciones públicas. El tercero propone una serie de medidas que las administraciones públicas pueden tener en cuenta para cumplir con el principio de responsabilidad proactiva en la práctica. Finalmente, el apartado cuarto aporta una reflexión sobre la necesidad de introducir cambios organizacionales para asegurar el cumplimiento de los principios del Reglamento General de Protección de datos y del ejercicio de derechos por la ciudadanía, con una especial mención a la figura del delegado o delegada de protección de datos. La principal idea que se concluye es la importancia de que las administraciones públicas diseñen una política de protección de datos que se aplique por defecto, e implique, no sólo a quienes ejercen responsabilidades políticas, sino a todas las personas que trabajan en el sector público. Abstract: The present work aims to offer an analysis of the principle of proactive responsibility in the treatment of personal data by the public administration, and aims to provide a legal vision to facilitate its practical implementation. The work is structured in four sections. The first of these presents, in general terms, the new regulatory framework for the protection of personal data, which is a consequence of the General Data Protection Regulation (EU). The second section is dedicated to proactive responsibility as a basic principle of the processing of personal data by public administrations. The third proposes a series of measures that public administrations can take into account to comply with the principle of proactive responsibility in practice. Finally, the fourth section provides a reflection on the need to introduce organizational changes to ensure compliance with the principles of the General Data Protection Regulation and the exercise of rights by citizens, with special reference to the figure of the Data Protection Officer. The main idea that is concluded is the importance for public administrations to design a data protection policy that is applied by default, and involves not only those who exercise political responsibilities, but also all those who work in the public sector.

Access to Information in the Republic of Macedonia

2019 ◽  
pp. 714-732
Author(s):  
Stojan Slaveski ◽  
Biljana Popovska
Keyword(s):  
Public Information ◽  
Personal Data ◽  
The State ◽  
The Other ◽  
Free Access ◽  
The Public ◽  
Republic Of Macedonia ◽  
The Republic ◽  
The Government ◽  
And Storage

Certain information and personal data, held by the government, needs to be kept secret because its disclosure to the general public could jeopardize the operation of the state. On the other hand, the state should allow the public to have free access to all other state-held information. To ensure a balance between these two claims of modern democratic societies, there is a need to legally regulate this matter. The state should have a law on access to public information and a law that will regulate the classification, access to and storage of information which should be kept secret. This chapter analyzes the global experiences in regulating this matter, with a particular emphasis on the practice in the Republic of Macedonia.

Access to Information in the Republic of Macedonia

2016 ◽  
pp. 162-179
Author(s):  
Stojan Slaveski ◽  
Biljana Popovska
Keyword(s):  
Public Information ◽  
Personal Data ◽  
The State ◽  
The Other ◽  
Free Access ◽  
The Public ◽  
Republic Of Macedonia ◽  
The Republic ◽  
The Government ◽  
And Storage

Certain information and personal data, held by the government, needs to be kept secret because its disclosure to the general public could jeopardize the operation of the state. On the other hand, the state should allow the public to have free access to all other state-held information. To ensure a balance between these two claims of modern democratic societies, there is a need to legally regulate this matter. The state should have a law on access to public information and a law that will regulate the classification, access to and storage of information which should be kept secret. This chapter analyzes the global experiences in regulating this matter, with a particular emphasis on the practice in the Republic of Macedonia.

SEVERAL QUESTIONS REGARDING THE RULES FOR THE PROTECTION OF PERSONAL DATA IN KINDERGARTEN

2021 ◽  
Vol 12 (1) ◽  
pp. 261-268
Author(s):  
Angel Manchev ◽  
Keyword(s):  
Data Protection ◽  
Technological Progress ◽  
Data Exchange ◽  
Personal Data ◽  
The European Union ◽  
General Data Protection Regulation ◽  
Personal Data Protection ◽  
The Core ◽  
General Data ◽  
The Republic

The protection of personal data is one of the core values of modern European societies. This protection is provided by the law of the European Union and by the national legislations of the Member States, to which the Republic of Bulgaria also belongs. As of May 25, 2018, the protection of personal data is being expanded and updated in response to technological progress and the increasingly accelerated data exchange. The reason for this is the entry into force of Regulation (EU ) 2016/679 (General Data Protection Regulation, GDPR) and the changes in our national law that it imposes. In the sense of what has been said so far, the issues of personal data protection in children’s institutions are especially relevant, because these organizations actively handle personal data at any level of children, parents, teachers and staff. In this article, we will try to give short answers to some of the most important questions regarding personal data and the rules for their protection, according to European and Bulgarian legislation.

An Ontology based Framework for E-Government Regulatory Requirements Compliance

2019 ◽  
Vol 11 (2) ◽  
pp. 22-42 ◽  
Author(s):  
M. Mahmudul Hasan ◽  
Dimosthenis Anagnostopoulos ◽  
George Kousiouris ◽  
Teta Stamati ◽  
Peri Loucopoulos ◽  
...  
Keyword(s):  
Personal Data ◽  
Service Development ◽  
Government Service ◽  
Regulatory Requirements ◽  
Regulatory Requirement ◽  
General Data Protection Regulation ◽  
The Public ◽  
Enormous Amount ◽  
General Data ◽  
Government Legislation

E-Government has gained an enormous amount of attention by researchers and practitioners interested in digitizing the public sector through enacting policies and regulations. Compliance of regulatory requirements from these policies and regulations is an important requirement in e-Government service development projects. However, the concepts of regulatory requirements compliance are still scattered around in developing e-Government services. This article presents an e-Government regulatory requirement compliance (eGRRC) ontology framework that describes the interrelated concepts of regulatory requirements compliance in e-Government service development. The proposed eGRRC ontology is then applied on the recently introduced general data protection regulation (GDPR) for personal data processing across European Union (EU) countries, in order to indicate how the concepts can be mapped to the defined entities. The contribution of this article is on introducing a framework for researchers and practitioners to explore regulatory requirements compliance and their interrelationships in e-Government service development. Furthermore, e-Government legislation can accordingly be modeled using on the eGRRC ontology, that serves as basis for queries to infer knowledge about the source of regulatory requirements, objectives of the regulation, various types of requirements, the services affected, orientation of regulatory rules in requirements, priorities, and amendments of regulations in e-Government service development.

scholarly journals Designing a Distributed Ledger Technology System for Interoperable and General Data Protection Regulation–Compliant Health Data Exchange: A Use Case in Blood Glucose Data (Preprint)

2019 ◽  
Author(s):  
David Hawig ◽  
Chao Zhou ◽  
Sebastian Fuhrhop ◽  
Andre S Fialho ◽  
Navin Ramachandran
Keyword(s):  
Blood Glucose ◽  
Data Privacy ◽  
Data Exchange ◽  
Personal Data ◽  
Use Case ◽  
Concept System ◽  
General Data Protection Regulation ◽  
The Public ◽  
Distributed Ledger ◽  
General Data

BACKGROUND Distributed ledger technology (DLT) holds great potential to improve health information exchange. However, the immutable and transparent character of this technology may conflict with data privacy regulations and data processing best practices. OBJECTIVE The aim of this paper is to develop a proof-of-concept system for immutable, interoperable, and General Data Protection Regulation (GDPR)–compliant exchange of blood glucose data. METHODS Given that there is no ideal design for a DLT-based patient-provider data exchange solution, we proposed two different variations for our proof-of-concept system. One design was based purely on the public IOTA distributed ledger (a directed acyclic graph-based DLT) and the second used the same public IOTA ledger in combination with a private InterPlanetary File System (IPFS) cluster. Both designs were assessed according to (1) data reversal risk, (2) data linkability risks, (3) processing time, (4) file size compatibility, and (5) overall system complexity. RESULTS The public IOTA design slightly increased the risk of personal data linkability, had an overall low processing time (requiring mean 6.1, SD 1.9 seconds to upload one blood glucose data sample into the DLT), and was relatively simple to implement. The combination of the public IOTA with a private IPFS cluster minimized both reversal and linkability risks, allowed for the exchange of large files (3 months of blood glucose data were uploaded into the DLT in mean 38.1, SD 13.4 seconds), but involved a relatively higher setup complexity. CONCLUSIONS For the specific use case of blood glucose explored in this study, both designs presented a suitable performance in enabling the interoperable exchange of data between patients and providers. Additionally, both systems were designed considering the latest guidelines on personal data processing, thereby maximizing the alignment with recent GDPR requirements. For future works, these results suggest that the conflict between DLT and data privacy regulations can be addressed if careful considerations are made regarding the use case and the design of the data exchange system.

scholarly journals Regulating the European Data-Driven Economy. A Case Study on the General Data Protection Regulation

2020 ◽  
Author(s):  
Moritz Laurer ◽  
Timo Seidl
Keyword(s):  
Data Protection ◽  
Personal Data ◽  
Policy Formulation ◽  
Data Driven ◽  
The Political ◽  
General Data Protection Regulation ◽  
General Data ◽  
Institutional Legacies ◽  
The Eu

In recent years, data have become part and parcel of contemporary capitalism. This created tensions between the growing demand for personal data and the fundamental right to data protection. Against this background, the EU’s adoption of the general data protection regulation (GDPR) poses a puzzle. Why did the EU adopt a regulation that strengthens data protection despite intensive lobbying by powerful business groups? We make two arguments to explain this outcome. First, we use process tracing to show how institutional legacies triggered and structured the policy-formulation process by strengthening the position of data protection advocates within the Commission. Second, we use discourse network analysis to show that the Snowden revelations fundamentally changed the discursive and coalitional dynamics during the decision-making stage, ‘saving’ the GDPR from being watered down. Our paper contributes to the literature on the political economy of data protection while also offering a comprehensive explanationof the GDPR.

Glosa do Wyroku Naczelnego Sądu Administracyjnego z dnia 25 sierpnia 2020 r., sygn. akt I OSK 3325/19

2021 ◽  
Vol 4(165) ◽  
pp. 137-146
Author(s):  
Paweł Fajgielski
Keyword(s):  
Data Protection ◽  
Personal Data ◽  
Eu Law ◽  
General Data Protection Regulation ◽  
Personal Data Protection ◽  
General Data ◽  
General Regulation

The commented judgment concerns the issues of protection of personal data in the activities of the Institute of National Remembrance. In the judgment of 25 August 2020, the Supreme Administrative Court decided that the information contained in the files of the Institute of National Remembrance shall be governed by the provisions of the General Data Protection Regulation, and the President of the Personal Data Protection Office supervises the processing of this data. When interpreting Article 71 of the Act on the Institute of National Remembrance – Commission for the Prosecution of Crimes against the Polish Nation, the Supreme Administrative Court stated that this provision extends the application of the general regulation on data protection to data on deceased persons. The author does not agree with the interpretation presented in the judgment, considers it incorrect and presents arguments justifying a different interpretation of EU law on the protection of personal data.

Sign in / Sign up

Export Citation Format

Share Document