Content (topics): The course topics 1. The development of information technologies, their use and impact on society, including possible risks, the pitfalls of digitalization. The phenomenon of big data and its possible use, examples, open questions. Artificial intelligence and related ethical issues. The concept of ethical responsibility in relation to information technology. 2. Reasons for the emergence of privacy and personal data protection legislation, the development of the European data protection system in time, the importance of individual international documents starting with the OECD Recommendation on privacy protection, the importance of Council of Europe Convention 108 and Directive 95/46/EC on the protection of personal data, the emergence of the first data protection authorities. 3. The value of privacy and personal data, the right to privacy and personal data protection as fundamental rights, the right to privacy under the Convention, the right to informational self-determination, clarification of concepts. Results of privacy research. Differences between the concept of privacy and personal data protection in Europe and the USA. 4. The Regulation 2019/679 on personal data (GDPR), reasons and process of its creation, comparison with Directive 95/46/EC, system, concepts, processing of personal data, sensitive data, etc.). The role of the data protection officer. GDPR specifics and its nature. 5. Clarification of the GDPR principles (principle of lawfulness, purpose limitation, data minimisation, accuracy, storage limitation, integrity in the form of technical and organisational security), explanation of the GDPR institutes (e. g. data protection impact assessment). 6. The concept of personal data from the perspective of GDPR, definition, Court of Justice of the EU (CJEU) case law. Example of biometric data as a special category of personal data, processing of biometric data from the perspective of the GDPR. Analysis of dynamic biometric signature as a topic from data protection perspective. 7. Method of the GDPR implementation and application. The Digital Content Directive from a data protection perspective as an example of the European law transposition into national law. The role of independent supervisory authorities, their tasks, the role of the European Data Protection Board (EDPB). EDPB guidelines, their nature, examples of some guidelines, the manner how to work with them. 8. Rights of data subjects, the interpretation and application of individual rights, the meaning of the right of access, the structure and substantive issues addressed in the guidelines on the right of access, the right to be forgotten in the case law of the CJEU, its application in practice. 9. The CJEU case law in the field of data protection, an overview of the most important relevant case law, preliminary questions raised so far and answers to them. Transfer of personal data abroad, especially to the USA, relevant case law, search for solutions. 10. The right to privacy and personal data protection as fundamental rights. Analysis of the issue of monetisation and commoditisation of personal data. The principle of proportionality in the CJEU case law and in the Constitutional Court of the CR case law, its significance in the context of the GDPR. 11. The CJEU case law in the area of privacy and personal data protection, right to self-determination, overview of case law. The case law of the Constitutional Court of the CR in the field of European law, basic approaches. 12. Data retention as a personal data protection issue addressed in the light of the CJEU case law since the Digital Rights Ireland judgment, analysis of individual preliminary questions. Assessment of the concept of data retention in the CJEU case law in the light of the assessment of the CJEE case law requirements.
|
The course "GDPR - Legal Issues in the Context of Information Technology" is based on the compulsory course Constitutional Foundations of the EU and serves to deepening of students' knowledge of European law, with an emphasis on the interdisciplinary nature of the study subject, ethical aspects and controversial issues. The aim of the course is to provide a comprehensive introduction to European data protection and privacy issues in relation to the current development of information technology having the potential to address many of the problems of contemporary society and to contribute to the common good. On the other hand, the complexity of technology and its constant surveillance over individual can pose a number of risks to citizens' rights, in particular the right to privacy and data protection, and possibly for human dignity. The right to data protection is not an absolute right, therefore it must be considered in the context of its function in society and in line with the principle of proportionality, it must be balanced against other fundamental rights. The individual lectures will highlight the openness and dynamism of the abovementioned issues, including the role of data protection rules and principles to be applied to individual processing. The course will not be taught only in theory but it will be closely linked to practical examples. Students will learn about issues of implementation, interpretation and application of European law.
Students completing this course will gain the knowledge and skills needed to master this issue
|
-
FRA. Handbook on Data Protection Law. Vydání 2018.
-
Nařízení Evropského parlamentu a Rady (EU) 2016/679 ze dne 27. dubna 2016 o ochraně fyzických osob v souvislosti se zpracováním osobních údajů a o volném pohybu těchto údajů a o zrušení směrnice 95/46/ES (obecné nařízení o ochraně osobních údajů)..
-
Gloria Gonzáles Fuster. (2014). The Emergence of Personal Data Protection as a Fundamental Right of the EU.. Springer.
-
Kuner, Christopher. (2020). The EU General Data Protection Regulation (GDPR)..
-
Marc Rotenberg. (2015). Privacy in the Modern Age. The Search for Solutions. The New Press.
-
Matejka, Jan, Matochová, Soňa, Prokeš, Josef. (2019). Analýza biometrických údajů v kontextu obecného nařízení o ochraně osobních údajů.. Acta Informatica Pragensia.
-
Michal Nulíček. (2018). GDPR - obecné nařízení o ochraně osobních údajů. 2. vydání. Praha. Wolters Kluwer.
-
Naděžda Šišková. Soňa Matochová. (2010). Evropské a české právo, jejich vzájemný poměr v judikatuře Ústavního soudu ČR. Linde Praha.
-
Orla Lynskey. (2016). The Foundations of Data Protection Law. Oxford University Press.
-
Radim Polčák a kolektiv. Právo informačních technologií.
-
S. D. Warren, L. D. Brandeis. The Right to Privacy. Harvard Law Review. 1890, Vol. IV, č. 5.
-
Viktor Mayer - Schönberger, Kenneth Cukier. (2019). Big Data. Computer Press.
-
Warren, S. D., Brandeis L. D. (1890). The Right to Privacy. Harvard Law Review. 1890, Vol. IV, č. 5.
|