The Right to Privacy and the Obligation to Transfer and Authenticate Personal Data through the Internet: Conflicting Issues

Jabłoński, Mariusz

doi:10.15290/bsp.2025.30.04.10

Abstract

Contemporary legal and commercial solutions practised by various types of businesses are associated with a definition of precisely specified obligations imposed on the actors of the indicated activities (natural persons, legal persons and other legal entities). This also includes an obligation to perform specific actions only (or in parallel) electronically, including the implementation and application of top-down (authoritative) authentication processes, defined by legislation and by commercial entities. In practice, there is a lot of controversy concerning both the necessity of such solutions and the definition of the nature and scope of protection of the rights of individuals who are obliged to transfer certain information in this way. This is not only about minimizing the possible liability of the specific actor who obtains this type of data (the administrative body, institution or entity, e.g. an entrepreneur) for its loss and/or improper use, but in general about justifying the necessity of this type of obligation. Analysis of these issues will be presented as part of a substantive study considered in the light of limits for protecting the right to privacy.

References

Avgerou, C., & Madon, S. (2005). Information society and the digital divide problem in developing countries. In J. Berleur & C. Avgerou (Eds.), Perspectives and policies on ICT in society (pp. 205–218). Springer. http://eprints.lse.ac.uk/2576/1/Information_society_and_the_digital_divide_problem_in_developing_countries_(LSERO).pdf
Search in Google Scholar Back to article
de Andrade, N. N. G. (2011). Data protection, privacy and identity: Distinguishing concepts and articulating rights. In S. Fischer-Hübner, P. Duquenoy, M. Hansen, R. Leenes, & G. Zhang (Eds.), Privacy and identity management for life (pp. 90–107). Springer. https://doi.org/10.1007/978–3-642–20769-3_8
Search in Google Scholar Back to article
de Gregorio, G. (2022). Digital constitutionalism in Europe: Reframing rights and powers in the algorithmic society. Cambridge University Press.
Search in Google Scholar Back to article
Dunaj, K. (2023). Unijne standardy ochrony prawa do prywatności w obszarze cyberbezpieczeństwa, Kwartalnik Prawa Międzynarodowego, 3, pp. 17–19.
Search in Google Scholar Back to article
Eskens, S. (2020). The personal information sphere: An integral approach to privacy and related information and communication rights. Journal of the Association for Information Science and Technology, 71(9), 1116. https://doi.org/10.1002/asi.24354
Search in Google Scholar Back to article
ETSI. (2023). Group report. Securing artificial intelligence (SAI): Automated manipulation of multimedia identity representations (ETSI GR SAI 011 V1.1.1 (2023–06)). ETSI. https://www.etsi.org/deliver/etsi_gr/SAI/001_099/011/01.01.01_60/gr_SAI011v010101p.pdf
Search in Google Scholar Back to article
European Commission. (2021, 21 April). Proposal for a Regulation of the European Parliament and of the Council Laying Down Harmonised Rules on Artificial Intelligence (Artificial Intelligence Act) and Amending Certain Union Legislative Acts, COM(2021)206 final. https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:52021PC0206
Search in Google Scholar Back to article
European Data Protection Supervisor. (2024, 24 January). Opinion 8/2024 on the proposal for a regulation amending Regulation (EU) 2021/1232 on a temporary derogation from certain eprivacy provisions for combating CSAM. https://www.edps.europa.eu/system/files/2024–01/2023–1261_d0219_opinion_en.pdf
Search in Google Scholar Back to article
European Parliament and European Council. (2016, 27 April). Regulation (EU) 2016/679 on the Protection of Natural Persons with Regard to the Processing of Personal Data and on the Free Movement of Such Data and Repealing Directive 95/46/EC (O. J. L 119, 2016).
Search in Google Scholar Back to article
European Parliament and European Council. (2016, 6 July). Directive EU 2016/1148 on Measures for a High Common Level of Security of Networks and Information Systems within the Union (O. J. L. 194, 2016).
Search in Google Scholar Back to article
European Parliament and European Council. (2016, 26 October). Directive (EU) 2016/2102 on the Accessibility of Websites and Mobile Applications of Public Sector Bodies (O. J. L 327, 2016).
Search in Google Scholar Back to article
European Parliament and European Council. (2022, 14 December). Directive (EU) 2022/2555 on Measures to Promote a High Common Level of Cyber-Security within the Union, Amending Regulation (EU) no. 910/2014 and Directive (EU) 2018/1972 and Repealing Directive (EU) 2016/1148 (NIS Directive 2) (O. J. L. 333, 2022).
Search in Google Scholar Back to article
European Parliament and European Council. (2022, 14 December). Regulation (EU) 2022/2554 on Operational Digital Resilience of the Financial Sector and Amending Regulations (EC) no. 1060/2009, (EU) no. 648/2012, (EU) no. 600/2014, (EU) no. 909/2014 and (EU) 2016/1011.
Search in Google Scholar Back to article
European Parliament and European Council. (2023, 31 May). Regulation (EU) 2023/1114 on Crypto-currency Markets and Amending Regulations (EU) no. 1093/2010 and (EU) no. 1095/2010 and Directives 2013/36/EU and (EU) 2019/1937.
Search in Google Scholar Back to article
European Parliament. (2021, April 22). Shaping the digital transformation: EU strategy explained. https://www.europarl.europa.eu/topics/en/article/20210414STO02010/shaping-the-digital-transformation-eu-strategy-explained
Search in Google Scholar Back to article
European Union Agency for Fundamental Rights. (2015). Surveillance by intelligence services: Fundamental rights safeguards and remedies in the European Union. https://fra.europa.eu/sites/default/files/fra_uploads/fra-2015-surveillance-intelligence-services-summary_en.pdf
Search in Google Scholar Back to article
Grzelak, A., & Zielińska, K. S. (2021). Między prawem do prywatności i ochrony danych osobowych a zapewnieniem bezpieczeństwa publicznego i walką z przestępczością. Problemu retencji danych ciąg dalszy – glosa do wyroków Trybunału Sprawiedliwości z 06.10.2020 r.: C 623/17, Privacy International, oraz w sprawach połączonych C-511/18, C-512/18, C-520/18, La Quadrature du Net i in. Europejski Przegląd Sadowy, 7, 26–36.
Search in Google Scholar Back to article
Hill, K. (2023). Your face belongs to us: The secretive startup dismantling your privacy. Simon & Schuster.
Search in Google Scholar Back to article
Jabłonowska, A., & Tagiuri, G. (2023). Rescuing transparency in the digital economy: In search of a common notion in EU consumer and data protection law. Yearbook of European Law, 42, 347–387.
Search in Google Scholar Back to article
Jabłoński, M., & Węgrzyn, J. (2023). Consumer protection in the EU law and the constitution of the Republic of Poland: General comments. In J. Cremades & C. Hermida (Eds.), Encyclopedia of contemporary constitutionalism (pp 2–14). Springer.
Search in Google Scholar Back to article
Judgment of the CJEU of 9 November 2010 on the case of Volker und Markus Schecke, C 92/09.
Search in Google Scholar Back to article
Judgment of the CJEU of 4 April 2014 on the joined cases of Digital Rights Ireland Ltd v. Minister for Communications, Marine and Natural Resources, Minister for Justice, Equality and Law Reform, Commissioner of the Garda Síochána, Ireland, the Attorney General, C 293/12, and Kärntner Landesregierung, Michael Seitlinger, Christof Tschohl and Others, C 594/12.
Search in Google Scholar Back to article
Judgment of the CJEU of 21 December 2016 on the joined cases of Tele2 Sverige AB v. Post – och telestyrelsen and Secretary of State for the Home Department v. Tom Watson, Peter Brice, Geoffrey Lewis, C 203/15 and C 698/15.
Search in Google Scholar Back to article
Judgment of the CJEU of 6 October 2020 on the joined cases of La Quadrature du Net, French Data Network, Fédération des fournisseurs d’accès à internet associatifs, Igwan.net v. Premier ministre, Garde des Sceaux, Ministre de la Justice, Ministre de l’Intérieur, Ministre des Armées oraz Ordre des barreaux francophones et germanophone, Académie Fiscale ASBL, UA, Liga voor Mensenrechten ASBL, Ligue des Droits de l’Homme ASBL, VZ, WY, XX v. Conseil des ministers, C 511/18, C 512/18 and C 520/18.
Search in Google Scholar Back to article
Judgment of the Polish Constitutional Tribunal of 9 July 2009, no. SK 48/05.
Search in Google Scholar Back to article
Judgment of the Polish Constitutional Tribunal of 26 February 2014, no. K 22/10.
Search in Google Scholar Back to article
Judgment of the European Court of Human Rights of 2 August 1984 on the case of Malone v. UK, application no. 8691/79.
Search in Google Scholar Back to article
Judgment of the European Court of Human Rights of 16 December 1992 on the case of Niemietz v. Germany, application no. 13710/88.
Search in Google Scholar Back to article
Judgment of the European Court of Human Rights of 16 February 2000 on the case of Amann v. Switzerland, application no. 27798/95.
Search in Google Scholar Back to article
Judgment of the European Court of Human Rights of 4 May 2000 on the case of Rotaru v. Romania, application no. 28341/95.
Search in Google Scholar Back to article
Judgment of the European Court of Human Rights of 16 April 2002 on the case of Société Colas Est et al. v. France, application no. 37971/97.
Search in Google Scholar Back to article
Judgment of the European Court of Human Rights of 28 January 2003 on the case of Peck v. United Kingdom, application no. 44647/98.
Search in Google Scholar Back to article
Judgment of the European Court of Human Rights of 20 March 2007 on the case of Tysiąc v. Poland, application no. 5410/03.
Search in Google Scholar Back to article
Judgment of the European Court of Human Rights of 4 December 2015 on the case of Zakharov v. Russia, application no. 47413/06.
Search in Google Scholar Back to article
Judgment of the Polish Constitutional Tribunal of 19 February 2002, no. U 3/01.
Search in Google Scholar Back to article
Judgment of the Polish Constitutional Tribunal of 23 june 2009, no. K 54/07.
Search in Google Scholar Back to article
Judgment of the Polish Constitutional Tribunal of 22 july 2014 r., no. K 25/13.
Search in Google Scholar Back to article
Kuźnicka, D. (2017). Dyskryminacja w zakresie dostępu do informacji publicznej a widzialność stron internetowych administracji. Przegląd Prawa Konstytucyjnego, 38(4), 175–194. https://doi.org/10.15804/ppk.2017.04.09
Search in Google Scholar Back to article
Milczarek, E. (2020). Prywatność wirtualna. Unijne standardy ochrony prawa do prywatności w internecine. Beck.
Search in Google Scholar Back to article
Rise, M. (2018, May). Human rights and artificial intelligence: An urgently needed agenda [HKS faculty research working paper series RWP18–015], https://www.google.com/url?sa=t&-source=web&rct=j&opi=89978449&url=https://appext.hks.harvard.edu/publications/getFile.aspx%3FId%3D1664&ved=2ahUKEwiPteSAj7CQAxXyc_EDHSVmE8kQFnoECBYQAQ&usg=AOvVaw2Xau_yNlWokYm7Pjk7WqLq
Search in Google Scholar Back to article
Roagna, I. (2012). Protecting the right to respect for private and family life under the European Convention on Human Rights. Council of Europe, Strasbourg.
Search in Google Scholar Back to article
Safjan, M. (2014). O różnych metodach oddziaływania horyzontalnego praw podstawowych na prawo prywatne. Pańtwo i Prawo, 2, 3–33.
Search in Google Scholar Back to article
Supreme Court of the United States. (2018). Brief of Privacy International, human and digital rights organizations and international legal scholars as amici curie in support of respondent – United States v. Microsoft Corp., 584 US, no. 17–12. https://www.supremecourt.gov/Docket-PDF/17/17–2/28354/20180118170547648_17–2%20USA%20v%20Microsoft%20Brief%20of%20Privacy%20International%20Human%20and%20Digital%20Rights%20Organizations%20and%20International%20Legal%20Scholars%20as%20Amici%20Curiae%20in%20Support%20of%20Respondent.pdf
Search in Google Scholar Back to article
Szurdi, J. (2020). Measuring and analysing typosquatting toward fighting abusive domain registrations [Doctoral dissertation, Carnegie Mellon University]. https://janos.szurdi.com/content/thesis/jszurdi-phd-thesis.pdf
Search in Google Scholar Back to article
van Dijk, J. (2005). The deepening divide: Inequality in the information society. Sage.
Search in Google Scholar Back to article
Webster, F. (2014). Theories of the information society (4th ed.). Routledge.
Search in Google Scholar Back to article
Yang, L., Li, J., Pricket, T., & Chao, F. (2019). Towards big data governance in cybersecurity. Data-Enabled Discovery and Applications, 3, 10. https://www.researchgate.net/publication/337692258_Towards_Big_data_Governance_in_Cybersecurity
Search in Google Scholar Back to article

The Right to Privacy and the Obligation to Transfer and Authenticate Personal Data through the Internet: Conflicting Issues

Abstract

Paradigm

My account