Personal Data Protection in the European Union and Lithuanian Law
##plugins.themes.bootstrap3.article.main##
Abstract
This article is based on the report read at the conference “Actualities of the coordination of Lithuanian Law with European Union Law” held in the Law University of Lithuania in November 2002.
The author sought to succinctly analyze the basic European and Lithuanian legal acts in the sphere of personal data protection and to draw particular attention to the problems of regulation and ensuring of personal data protection.
The article concentrates on such problematic questions as relation between free data movement and basic principles of personal data protection, the concept of personal data, ensuring data management principles, special data protection, data transmission to the third (non-EU) countries, personal data and private life protection in the electronic communication sector, compliance of the legal acts of the Republic of Lithuania with the respective EU legal acts in the sphere of personal data protection.
The EU has adopted a very favourable legal framework designed to ensure a high-level of security and privacy protection. Directive 95/46/EC of 24 October 1995 on he protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter- Data Protection Directive) aims to protect the rights and freedoms of persons by laying down the guidelines determining when such processing is lawful. The guidelines relate to data quality, making data processing legitimate, special categories of processing, information to be given to the data subject, the data subject's rights, confidentiality and security of processing. This Directive has broadly achieved its aim while making it easier for personal data to be circulated around the EU. However, late implementation by Member States and differences in the ways of such implementation at national level have prevented EU from getting the full benefit of the Directive. Only four member States have passed national laws implementing this act within the agreed deadline- October 1998. Germany and Netherlands, along side with Belgium, then implemented the Directive in 2001 and Luxembourg in 2002, after the unfavourable Court decision.
Data Protection Directive is addressed to the Member states and does not apply as such to the Commission or any other Community institutions and bodies.
A Regulation on data protection within EU institutions and bodies was adopted in December 2001.
Competition alone will not suffice to ensure a wide take-up of the Internet. A necessary complement is to ensure a high-level of security and privacy protection. In order to preserve the rights to privacy in relation to the processing of personal data in the electronic communications sector, the EU has adopted a Directive 2002/58/EC of 12 July 2002 on privacy and electronic communications. This Directive touches up on a number of topics of various degrees of sensitivity, such as the preservation of connection data by the Member States for police surveillance purposes, the sending of unsolicited e-mail, the use of cookies and the inclusion of personal data in public directories.
The limits of the guidelines mentioned in the Data Protection Directive and the conditions under which the processing of personal data is lawful have also been determined in the Lithuanian Law on Legal Protection of Personal Data (actual wording since 01/07/2003). This Law requires the State Data Protection Inspectorate to ensure the compatibility of Personal Data Protection in Lithuania with the requirements of the European Union. However, its application in practice sometimes is problematic.
The author sought to succinctly analyze the basic European and Lithuanian legal acts in the sphere of personal data protection and to draw particular attention to the problems of regulation and ensuring of personal data protection.
The article concentrates on such problematic questions as relation between free data movement and basic principles of personal data protection, the concept of personal data, ensuring data management principles, special data protection, data transmission to the third (non-EU) countries, personal data and private life protection in the electronic communication sector, compliance of the legal acts of the Republic of Lithuania with the respective EU legal acts in the sphere of personal data protection.
The EU has adopted a very favourable legal framework designed to ensure a high-level of security and privacy protection. Directive 95/46/EC of 24 October 1995 on he protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter- Data Protection Directive) aims to protect the rights and freedoms of persons by laying down the guidelines determining when such processing is lawful. The guidelines relate to data quality, making data processing legitimate, special categories of processing, information to be given to the data subject, the data subject's rights, confidentiality and security of processing. This Directive has broadly achieved its aim while making it easier for personal data to be circulated around the EU. However, late implementation by Member States and differences in the ways of such implementation at national level have prevented EU from getting the full benefit of the Directive. Only four member States have passed national laws implementing this act within the agreed deadline- October 1998. Germany and Netherlands, along side with Belgium, then implemented the Directive in 2001 and Luxembourg in 2002, after the unfavourable Court decision.
Data Protection Directive is addressed to the Member states and does not apply as such to the Commission or any other Community institutions and bodies.
A Regulation on data protection within EU institutions and bodies was adopted in December 2001.
Competition alone will not suffice to ensure a wide take-up of the Internet. A necessary complement is to ensure a high-level of security and privacy protection. In order to preserve the rights to privacy in relation to the processing of personal data in the electronic communications sector, the EU has adopted a Directive 2002/58/EC of 12 July 2002 on privacy and electronic communications. This Directive touches up on a number of topics of various degrees of sensitivity, such as the preservation of connection data by the Member States for police surveillance purposes, the sending of unsolicited e-mail, the use of cookies and the inclusion of personal data in public directories.
The limits of the guidelines mentioned in the Data Protection Directive and the conditions under which the processing of personal data is lawful have also been determined in the Lithuanian Law on Legal Protection of Personal Data (actual wording since 01/07/2003). This Law requires the State Data Protection Inspectorate to ensure the compatibility of Personal Data Protection in Lithuania with the requirements of the European Union. However, its application in practice sometimes is problematic.
##plugins.themes.bootstrap3.article.details##
Section
Articles
Authors contributing to Jurisprudence agree to publish their articles under a Creative Commons Attribution-NoDerivatives 4.0 International Public (CC BY-NC-ND) License, allowing third parties to share their work (copy, distribute, transmit) and to adapt it, under the condition that the authors are given credit, and that in the event of reuse or distribution, the terms of this licence are made clear.
Authors retain copyright of their work, with first publication rights granted to the Association for Learning Technology.
Please see Copyright and Licence Agreement for further details.
Authors retain copyright of their work, with first publication rights granted to the Association for Learning Technology.
Please see Copyright and Licence Agreement for further details.
