Author: Katarzyna Żukowska

What is the right to personal data?

When seeking inspiration for the future legal status of data, it is worth taking a closer look at how the right to personal data has been shaped. In particular, we could consider whether it is a property right and whether the current legal framework for the right to personal data corresponds to reality and meets our needs.

The attempt to define an absolute right to personal data is mainly driven by Art. 1(2) of the EU’s General Data Protection Regulation, which states that one of the objectives of the regulation is to protect the “right to the protection of personal data.” The right to protection of personal data is also enshrined in the Charter of Fundamental Rights of the European Union and the Treaty on the Functioning of the European Union.

The source of this right is found in European legislation. For this reason, an attempt to determine the substance of the right to data protection is difficult, as we cannot simply and directly refer to structures known from the different legal systems of the member states.

The essence of the right to data protection seems to be indicated in recital 7 of the GDPR preamble, which states, “Natural persons should have control of their own personal data.” Thus, the right to protection of personal data is primarily intended to give data subjects control over their data. The specific content of this right is defined by the protective instruments provided for in the GDPR. Among other things, these instruments consist of a guaranteed right to information about processed data, the right of control, but also the right to object to data processing. Many of these rights are similar to the bundle of rights also found in classical property law structures. However, important differences also exist.

Continue reading

New Council of Europe recommendation on processing of employee’s personal data in light of new technologies

The new recommendation on processing of da­ta for purposes of employment is designed to meet challenges posed by greater digitisation.

On 1 April 2015 the Council of Europe adopted Rec­ommendation CM/Rec(20l5)5 of the Committee of Ministers to member States on the processing of personal data in the context of employment. The previous recommendation was issued before the growth of the internet and new technologies, and did not reflect contemporary realities. Aware of the increased use of new technologies and electronic communications in dealings between employers and employees, the Council of Europe decided to modify the recom­mendation to ensure adequate protection of personal data in employment.

Continue reading