1 / 30

Data Protection in the New European Union Member States Czech Republic

This article provides an overview of data protection laws and regulations in the Czech Republic, including legislation, supervision, sanctions, and harmonization with EU directives.

wendyn
Download Presentation

Data Protection in the New European Union Member States Czech Republic

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Data Protection in the NewEuropean Union Member StatesCzech Republic Karel Neuwirt The Office for Personal Data Protection BIICL, London, 15 February 2005

  2. Historical Landscape BIICL, London, 15 February 2005

  3. The Czech Republic • 10,2 million population • 78 866 sq. km • Borders with Germany, Poland, Austria, Slovakia • President (Vaclav Klaus) • Two chambers’ Parliament • Government – Prime Minister StanislavGross, 16 Ministers BIICL, London, 15 February 2005

  4. Legislation • Czechoslovak Constitution (1920) • Czech Constitution + Charter of Fundamental Rights and Freedoms(1993) • Specific laws (regulate PD processing in specific areas) • Ratification of Human Rights Convention • Ratification of the Convention 108 (2001) • Ratification of the Additional Protocol to C108 (2003) BIICL, London, 15 February 2005

  5. Data protection • 1992 – Act no.256 - on Protection of Personal Data in Information Systems • 2000 - Act no.101 - on Personal Data Protection (adopted April 4) • Harmonization with C108 and GeneralEU Directive – positions of CoE and EC BIICL, London, 15 February 2005

  6. DP Act 1992 • First DP law in the CR (former Federal Czech and Slovak Republic Law) • Not harmonized with Convention 108 • Especially – no sanctions, no supervision • Art.24 – expected supervision body BIICL, London, 15 February 2005

  7. Convention No.108 • The 1st legally binding international data protection instrument Ratification – „old“EU countries + Bulgaria,Estonia, Hungary, Poland, Romania, Slovenia,Slovakia, Lithuania, Latvia, Malta • Czech Republic – signature Sept. 8, 2000 ratification July 9, 2001 entry into force Nov.1, 2001 BIICL, London, 15 February 2005

  8. Additional ProtocolNo. 181 • Additional Protocol to the Convention 108 regarding supervisory authorities and transborder data flows ETS no.181 – 8.11.2001(open for signature) • Signature – 28 countries Slovakia, Lithuania, Czech Republic (Apr.10, 2002), Poland • Ratification – 7 countries Slovakia, Lithuania, Czech Republic (Sept.24, 2003) BIICL, London, 15 February 2005

  9. Czech DP activities in Europe • Council of Europe CJ-PD (till the end 2003) T-PD (1st vice-chair since 2003) member of the CoE’s expert missions (Russia, Bosnia & Herzegovina, Cyprus) • EuropeanCommission WP 29 Committee 31, Joint Supervisory Bodies (vice-chair of JSB Europol, Berlin Group (DP in telecommunication) • OECD BIICL, London, 15 February 2005

  10. EU Directive Transposition BIICL, London, 15 February 2005

  11. DP Act no.101 of 2000 • Application of the Law • Applies to any PD processing (unless special law otherwise specifies) • Applies to both public and private sectors • Applies to automatic and non-automatic processing • Exemptions (partly) for Third pillar processing BIICL, London, 15 February 2005

  12. Competences of the Office • Act no. 101/2000 Coll., - data protection • Act no. 133/2000 Coll., - birth date certificate (identity number) • Act no. 480/2004 Coll., - unsolicited messages • CR cooperate in combat “spam” – see: European countries launch joint drive to combat “spam” EU Press release IP/05/146 BIICL, London, 15 February 2005

  13. Supervision • Independent supervisory body – The Office for Personal Data Protection • Independence on the Government • Separate budget (independent on ministries) • Tasks given by law only, not by the Cabinet BIICL, London, 15 February 2005

  14. Sanctions • The Office competence to give fines and sanctions • Fines up to EUR 312 000 (EUR 630 000 resp) • Sanctions to natural person up to EUR 1 500 Chapter VII of the Law BIICL, London, 15 February 2005

  15. Amendment 2004 • Full harmonization with the General Directive • Solve problem with: definitions, exemptions, forms of consent, transborder data flows, notification to data subject • Biometric data as sensitive data BIICL, London, 15 February 2005

  16. Harmonization issues • Processing of National identifier is not regulate by DP Law (but by Law on Population register and Date of birth – Act no. 133/1999 Coll.) • National identifier (Rodne cislo) is not under regime of special categories of data – article 8 • Codes of conduct (art.27) • Notification – art.20(1) as problem (prior examination) BIICL, London, 15 February 2005

  17. DPA Approach BIICL, London, 15 February 2005

  18. Activities Notification exemptions by DP law (low risks processing – small societies, processing by special laws) 21 700 controllers notified 25 000 processing of data (databases) BIICL, London, 15 February 2005

  19. Legislation • The Office is responsible for DP legislation - common DP law - special sectorial legislation : according legislative rules it is obligation to submit bills to OPDP for comments BIICL, London, 15 February 2005

  20. Specific problems • Application DP principles into practice • Conflicts with old legislation • Change meaningful of citizens, controllers, processors, low willingness change till today practices • Historical “stones” BIICL, London, 15 February 2005

  21. Application DP principles • Consultations • Popularization • Written answers to questions • Web sites • Annual Report Position papers, opinions – regularly issued; no guidelines till now BIICL, London, 15 February 2005

  22. Mass media Contacts with mass media - 354 in 2004 agencies newspapers TV Broadcasting BIICL, London, 15 February 2005

  23. Publications • The Office Official Journal (36 issues) • Bulletin (quarterly) • Articles in magazines • Books (2) BIICL, London, 15 February 2005

  24. Inquiries Year 2004 – 6 539 inquiries 975 by e-mail 5 207 by phone 357 by post • Complaints 641 (incl. 306 for unsolicited messages) BIICL, London, 15 February 2005

  25. Changes ahead BIICL, London, 15 February 2005

  26. DP and accession to EU • DP legislation – harmonized with Directive • EC Peer Review evaluation • Regular Reports on the CR progress toward accession … • International Conference Accreditation • European DP Commissioners Conference • EC Phare projects – co-operation with Spain (DP authority) BIICL, London, 15 February 2005

  27. Changes • DP Act no.101 amended in 2004 • Directive 2002/58/EC implemented by - Act no. 480/2004 Coll., on some services in the information society ; - new law on electronic communications (Bill in the Parliament) BIICL, London, 15 February 2005

  28. Changes cont. • Changes of special laws (sectorial) – permanent task • Need to change legislation on public registers • Need to change medical law (on care on people health) BIICL, London, 15 February 2005

  29. The rights of men must be held sacred, however much sacrifice it may cost the ruling power. Immanuel Kant Perpetual Peace, 1795 BIICL, London, 15 February 2005

  30. Contacts • The Office for Personal Data Protection Pplk. Sochora 27, CZ-170 00 Prague 7 Czech Republic tel.: +420 234 665 442 fax: +420 234 665 512 info@uoou.cz http://www.uoou.cz BIICL, London, 15 February 2005

More Related