Abstract [eng] |
The right to private life is a novelty in Lithuania. In rapid development of technologies it is significantly relevant to provide favourable conditions for the development of information technologies and create safe legal environment, which would protect human rights towards privacy. However, it seems that the development of technologies poses danger to the integrity of personal data and illegal use of information. The protection of human rights and lack of protection for personal data endangers personal privacy. It therefore becomes relevant to examine Lithuanian system of data protection as it is currently in the stage of infancy. The object of this project is the system of personal data protection and related problematic phenomena. The aim of the project is to examine current Lithuanian data protection system and to compare it to the one that functions in Norway. The first objective was to identify the elements of data protection system. Therefore, the first part of the thesis describes the main principles of personal data management. Main conceptions of personal data system are as follows: personal data, data subject and data controller. In order to give effect to the second objective of this project, the paper provides analysis of the system used for the regulation of data protection both in Lithuania and the European Union. The second part of the project analyses main legal acts regulating the protection of personal data, identifies general institutions as well as its functions at the level of the entire European Union. The paper provides the examination of the provisions of the main legal document the Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data. Other legal acts that regulate the protection of personal data in the European Union are also analysed. The provisions and amendments of the new directive, which came into effect in 2016, are also discussed. Key areas with possible future changes are highlighted. The third part of this thesis includes the case of Lithuania. Lithuanian personal data system and legal regulation are being assessed. Case analysis is carried out in comparison to the Norwegian data protection system. General similarities and differences of the implementation of data protection applicable in both these countries are highlighted. According to the results of the project, personal data protection system functions insufficiently in Lithuania. The comparison of Lithuanian and Norwegian systems shows that the society of Lithuania lacks knowledge on personal data protection. When processing personal data, Lithuanian data processors not always follow the general aim set. As per the results of the thesis, Lithuania should follow the Norwegian personal data management practice – after data are deleted, anonymized or the goal of the process is reached. In addition, data processing should be bound with more strict rules, whereas data controllers should be obliged to provide data subjects with the information related to their personal data. A number of analyses show that the representatives of Lithuanian business and public institutions lack knowledge on the protection of personal data. In order to improve the implementation of Lithuania’s personal data policy, technologies should be used to provide more information about problems in the system of personal data, about protections tools. Besides, it could also be useful to organise conferences, to publish research data in various means of media. Project data should be used as guidance. The identified problems should form basis for the action plan needed to improve the system of data protection in Lithuania. |