Бібліотечний вісник | bv.nbuv.gov.ua
Лопата О. - Забезпечення безпеки даних користувачів бібліотек у контексті нових правових стандартів Європейського Союзу (2022)

  ARCHIVE (All issues) /     Content (2022, Issue 2)Ukrainian English

Lopata Olena

Ensuring the security of library users’ data in the context of new legal standards of the European Union

Section: Legal grounds for library work

Abstract: The purpose of this research. The piece of writing about basic tendencies in principles and mechanisms of a new order of protection and safety of the personal data in the European legal standards, introduction to the national legislation of universal criterion for the person’s data protection. Modern issues of personal data security and European Union (hereinafter: EU) data security safeguarding mechanisms provided by law. Methodology of the research is based on systemic and structural approaches, on methods of comparative, logical and source analysis, including interdisciplinary approach. Scientific novelty. The main cause of this article is to study the legal norms "On the protection of natural persons with regard to the processing of personal data and on the movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation): Regalement (EU) 2016/679 of the European Parliament and of the Council, of 27 April 2016" and "On the protection of natural persons with regard to the processing of personal databy competent authorities for the purposes of prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and the free movement of such data and repealing Council Framework Decision 2008/977/JHA: Directive (EU) 2016/680 of the European Parliament and of the Council, of 27 April 2016" in modern conditions and compilation of legal requirements to establish an integrated system of protection of personal data in the library area. This publication analyzes the state of the Ukrainian legislation as related to restriction of the accessto personal information, its compliance with the principles of international law in the European integration of Ukraine and examines the state of European law in this field. The article outlines current issues of processing and protection of personal data in modern conditions, as well as analyses the problematic aspects of privacy in the practical activities of libraries. The classification of database integrity restrictions is given. Conclusions. The organization of the data security system today, needs to be considered and built: based on the essential links, current information regulations and each individual entity. The role of the Vernasky National Library of Ukraine in realization of European standards of data protection – organizational and technical, in the practice of library work is emphasized.

Keywords: transformation, personal data, data security, data protection, information processing, personal data protection system, legal standart.


Author(s) citation:

Cite:
Lopata Olena (2022). Ensuring the security of library users’ data in the context of new legal standards of the European Union. Bibliotechnyi visnyk, (2) 18-34. (In Ukrainan). doi: https://doi.org/10.15407/bv2022.02.018

References:

  1. Bryzhko, V. M. (2013). Zakhyst personalnykh danykh: realiyi ta praktyka suchasnosti [Personal data protection: realities and contemporary practice]. Informatsiia i pravo, 3, 31-48. [In Ukrainian]
  2. Yevropeiskyi Parlament (2016). Dyrektyva (EC) 2016/680 Yevropeiskoho Parlamentu ta Rady vid 27 kvitnia 2016 roku "Pro zakhyst fizychnych osib u zviazku z obrobkoiu personalnykh danykh kompetentnymy organamy vlady z metoiu zapobihannia, rozsliduvannia, vyiavlennia chy sudovoho peresliduvannia kryminalnykh pravoporushen, abo vykonannia kryminalnykh pokaran ta pro vilne peremishchennia takykh danykh, i skasuvannia Ramkovogo rishennia Rady 2008/977/JHA" [On the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and the free movement of such data and repealing Council Framework Decision 2008/977/JHA: Directive (EU) 2016/680 of the European Parliament and of the Council, of 27 April 2016]. In Suchasni pravovi standarty Yevropeiskoho Soiuzu u sferi zakhystu personalnykh danykh: zbirnyk dokumentiv [The Current Legal Standards of the European Union in the Field of Personal Data Protection: collection of documents] (Editor Bryzhko, V., translator Maistrenko, I., introduction Pylypchuk, V.,pp. 108-159). Kyiv, Ukraine: TOV "Vydavnychyi dim "ArtEk". [In Ukrainian].
  3. Yevropeiskyi Parlament (1995). Dyrektyva 95/46/IeS Yevropeiskoho Parlamentu i Rady Yevropeiskoho Soiuzu vid 24 zhovtnia 1995 roku "Pro zakhyst osib u zviazku z obrobkoiu personalnykh danykh i vilnym obihom tsykh danykh" [Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data]. Informatsiia i pravo, 2013, 3, 152-171. [In Ukrainian].
  4. Rady Yevropy (2001). Dodatkovyi protokol do Konventsii Rady Yevropy No 108 vid 8 lystopada 2001 roku "Pro zakhyst osib u zviazku z avtomatyzovanoiu obrobkoiu personalnykh danykh shchodo orhaniv nahliadu ta transkordonnykh potokiv danykh" [Additional Protocol to the Convention for the Protection of Individuals with regard to Automatic Processing of Personal data regarding supervisory authorities and transborder data flows]. Informatsiia i pravo, 2013, 3, 150-151. [In Ukrainian].
  5. (2016). DSTU ISO/IEC 38500:2016 (ISO/IEC 38500:2015, IDT) Informatsiini tekhnologii. Upravlinnia IT v organizatsii [web-site]. [Information Technology. IT management in the organization]. [In Ukrainian].
  6. Verkhovna Rada Ukrainy (2014, Lypen 3). Zakonodavche zabezpechennia rozvytku informatsiinoho suspilstva v Ukraini (Rekomendatsii parlamentskykh slukhan): Postanova Verkhovnoi Rady Ukrainy No 1565-VII [web-site]. [On the Zakonodavche zabezpechennia rozvytky informatsiinogo suspilstva v Ukrainy: Resolution of the Verkhovna Rada of Ukraine]. Vidomosti Verkhovnoi Rady Ukrainy, 33, Art.1163. [In Ukrainian].
  7. Baranov, A., Bryzhko, V., and Bazanov, Yu. (Eds). (1998). Zashchita personalnykh dannykh [Personal Data Protection]. Kyiv, Ukraine: VAT KP OTI. [In Ukrainian].
  8. Koval, T. M., and Lopata, O. M. (2018, November). Normatyvno-pravova baza ta systema standartov YeS ta IFLA shchodo zberezhennia personalnykh danykh korystuvachiv bibliotek [Regulatory framework and system of EU and IFLA standards to preserve personal data library users]. In Library. Science. Communication. Proceedings of the International Scientific Conference (pp. 48-55), Vernadsky National Library of Ukraine. Kyiv, Ukraine. [In Ukrainian].
  9. Koval, T. M., and Lopata, O. M. (2019). Osoblyvosti mekhanizmu zakhystu personalnykh danykh korystuvachiv bibliotek v zakonodavstvi YeS ta systemi standartiv IFLA [Singularities of the mechanism to protection of patron data library visitors in the legislation of EU and system of standards IFLA]. Naukovi pratsi Natsionalnoi biblioteky Ukrainy iмeнi V. I. Vernadskogo, 56, 135-157. Kyiv, Ukraine. [In Ukrainian].
  10. Rada Yevropy (1981). Konventsiia Rady Yevropy vid 28 sichnia 1981 roku No 108 "Pro zakhystosib u Zviazku z avtomatyzovanoiu obrobkoiu personalnykh danykh" [Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data. Amendment to Convention ETSNo 108 allowing the European Communities to accede]. Informatsiia i pravo, 2013, 3, 143-149. [In Ukrainian].
  11. Verkhovna Rada Ukrainy (1996, Cherven 28). Konstytutsiia Ukrainy: Zakon Ukrainy No 254k/96-VR [The Constitution of Ukraine: Law of Ukraine No 254 k/96 – BP]. Vidomosti Verkhovnoi Rady Ukrainy, 30, Art. 32. [In Ukrainian].
  12. Melnyk K. S. (2013). Teoretyko-pravovyi zmist terminu "personalni dani" [Theoretical and legal content of the term "personal data"]. Informatsiia i pravo, 3, (pp. 49-63). [In Ukrainian].
  13. Verkhovna Rada Ukrainy (2011, Sichen 13). Pro dostup do publichnoi informatsii: Zakon Ukrainy No 2939-VI [About access to public information: Law of Ukraine]. Vidomosti Verkhovnoi Rady Ukrainy, 32, Art. 314. [In Ukrainian].
  14. Verkhovna Rada Ukrainy (2010, Lypen 13). Pro zakhyst personalnykh danykh: Zakon Ukrainy No 2939-VI [On the protection of personal data: Law of Ukraine]. Vidomosti Verkhovnoi Rady Ukrainy,34, Art. 481. [In Ukrainian].
  15. Verkhovna Rada Ukrainy (1992, Zhovten 2). Pro informatsiiu: Zakon Ukrainy No 2657-XII [Aboutthe information: Law of Ukraine]. Vidomosti Verkhovnoi Rady Ukrainy, 48, Art. 650. [In Ukrainian].
  16. Verkhovna Rada Ukrainy (2017, Traven 24). Pro ratyfikatsiiu Administratyvnykh domovlenostei shchodo okhorony informatsii z obmezhenym dostupom mizh uriadom Ukrainy ta Orhanizatsieiu Pivnichnoatlantychnoho dohovoru: Zakon Ukrainy No 2068-VIII [On the Ratification of the Administrative Arrangements for the Protection of Restricted Information Between the Government of Ukraine and the North Atlantic Treaty Organization: Law of Ukraine]. Vidomosti Verkhovnoi Rady Ukrainy, 26, Art. 299.[In Ukrainian].
  17. Protsenko V. A. (2012). Osoblyvosti mekhanizmiv zakhystu personalnykh danykh v zakonodavstvi YeS [Peculiarities of mechanisms for protection of personal data in the EU legislation EU]. Pravova informatyka, 2, 45-50. [In Ukrainian].
  18. Yevropeiskyi Parlament (2016). Reglament (EC) 2016/679 Yevropeiskoho Parlamentu ta Radyvid 27 kvitnia 2016 roku "Pro zakhyst osib u zviazku z obrobkoiu personalnykh danykh ta pro vilne peremishchennia tsykh danykh, a takozh pro skasuvannia Dyrektyvy 95/46/IeS (Zagalnyi Reglament shchodo zakhystu danykh)" [On the protection of natural persons with regard to the processing of personaldata and on the movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation): Regalement (EU) 2016/679 of the European Parliament and of the Council, of 27 April 2016]. In Suchasni pravovi standarty Yevropeiskoho Soiuzu u sferi zakhystu personalnykh danykh: zbirnyk dokumentiv [The Current Legal Standards of the European Union in the Field of Personal Data Protection: collection of documents] (Editor Bryzhko, V., translator Maistrenko, I., introduction Pylypchuk, V.,pp. 7-107). Kyiv, Ukraine: TOV "Vydavnychyi dim "ArtEk". [In Ukrainian].
  19. (2013). Standart ISO/IEC 27001: 2013 "Informatsiini tekhnologii. Metody zakhystu. Systemy menedzhmentu informatsiinoi bezpeky" [web-site]. [Information Technology. Methods of protection. Information security management. [In Ukrainian].
  20. Maistrenko, I., Bryzhko, V., and Pylypchuk, V. (Translator, Editor and Introduction). (2018). Suchasni pravovi standarty Yevropeiskoho Soiuzu u sferi zakhystu personalnykh danykh: zbirnyk dokumentiv [The Current Legal Standards of the European Union in the Field of Personal Data Protection: collection of documents]. Kyiv, Ukraine: TOV "Vydavnychyi dim "ArtEk", Ukraine. [In Ukrainian].
  21. (2014). Typovyi poriadok obrobky personalnykh danykh, zatverdzhenyi Nakazom Upovnovazhenoho Verkhovnoi Rady Ukrainy z prav liudyny V. V. Lutkovskoiu vid 8 sichnia 2014 r.No 1/02-14. [web-site]. [Standard procedure for processing personal data, approved by the Order of the Commissioner of the Verkhovna Rada of Ukraine for Human Rights V. V. Lutkovska dated 08.01.2014N 1 / 02-14]. [In Ukrainian].
  22. (2011). Typovyi poriadok obrobky personalnykh danykh u bazakh personalnykh danykh, zatverdzhenyi nakazom Ministerstva yustytsii Ukrainy vid 30 grudnia 2011 r. No 3659/5 [web-site]. [Standard procedure for processing personal data in personal databases, approved by the order of the Ministry of Justice of Ukraine dated 30.12.2011 No 3659/5]. [In Ukrainian].
  23. (2001). 2001/497/EC: Commission Decision of 15 June 2001 on standard contractual clauses for the transfer of personal data to third countries, under Directive 95/46/EC. [In English].
  24. Ayala Daniel. Security and Privacy for Libraries in 2017. [In English].
  25. European Parliament (2002). Directive 2002/58/EC of the European Parliament and of the Councilof 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications). [In English].
  26. (2012). IFLA Code of Ethics for Librarians and other Information Workers. [In English].
  27. (2013) IFLA Trend Report. [In English].
  28. (2012) Protection of personal data. [In English].
  29. (1999). The Working Party on the Protection of Individuals with regard to Processing of Personal Data (1999, September 7). Recommendation 4/99 on the inclusion of the fundamental right to data protection in the European catalogue of fundamental rights. Brussels. [In English].
  30. European Parliament (2000). Regulation (EC) No 45/2001 of the European Parliament and of the Council of 18 December 2000 on the protection of individuals wish regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data. [In English].
  31. (2013, 2014) Right to Privacy in the Digital Age. [In English].
  32. (2015). Statement on Privacy in the Library Environment. [In English].