Professional Documents
Culture Documents
Privacy or Not - That Is The Question: Ivan Cirković Algebra College Icirkov@racunarstvo - HR
Privacy or Not - That Is The Question: Ivan Cirković Algebra College Icirkov@racunarstvo - HR
Privacy or Not - That Is The Question: Ivan Cirković Algebra College Icirkov@racunarstvo - HR
Ivan Cirković
Algebra College
icirkov@racunarstvo.hr
This paper analyses the personal data protection which has led to numerous changes in data protection,
measures identified by the European Union and adopted and has updated the issue of personal data protection
the General Data Protection Regulation (GDPR), which and has encouraged public debate on the topic globally
entered into force on 25 May 2018. The changes that the
[1].
GDPR brings should give greater control to EU citizens
over the personal data that organizations collect and II. PII AND PROTECTION
process to provide them with specific services. In today's
information society, whose development is based on the Personal identifiable information (PII) is
processing of a multitude of data, regulation of the information that can identify an individual. PII may
collection and processing of personal data is needed to contain direct identifiers that can identify a person
protect the rights of individuals and to prevent the misuse uniquely, or quasi-identifiers that can be combined
of their data. with other quasi-identifiers to successfully recognize
Key words – GDPR, PII, personal data, regulative, an individual. Data that can be included is IP address,
data protection, data processing, data collection, login data, social media posts, digital images,
information society geolocation, behavioural data or biometric data [4].
III. GDPR
I. INTRODUCTION
The development of information technology in A major step forward in the area of personal data
recent years has been rapid and extensive. Most protection and information security is the adoption of
production processes are automated and streamlined the new General Regulation on the protection of
and partly brought to the level of artificial intelligence individuals with regard to the processing of personal
management. The market is globalized and its data and on the free movement of such data 2016/679
functioning has been brought to the highest level. It is (General Data Protection Regulation - GDPR) and its
obvious that because of the rapid development of entry into force on 25 May 2018, which repeals current
modern information and communication technology Directive 95/46 / EC [1].
and new ways of automated data processing, there was
One of the first steps for organizations on the
a need to create a detailed legislative framework to
journey to GDPR compliance is to find out what
control and ensure the protection of data and
'personal data' (i.e. any information relating to an
information and the fundamental freedom of individuals
identified or identifiable natural person) are stored
involved in the information process whose data is
where. In image 1, there can be seen 5 recommended
processed [1].
steps for discovering data. First step is to create all of
Data disseminated and processed into information data stores by recording their name, purpose and
through knowledge sharing, communication and other physical location. Second step is to select data stores
processing methods and data processing techniques that are already know to contain personal data. Third
must be accurate, consistent and true, which of course is step is to capture or reverse the physical model of the
difficult to control. What has been controversial in these selected data stores. Fourth step is to identify metadata
theories is data partiality and inconsistency despite the of personal data and of objects that are related to
truth of their theses. One of the biggest problems that personal data for each selected data store. Last, fifth
arises with the development of information technology step is to create or enrich logical data model using the
and data processing is human rights and their threat [1]. business data dictionary [8].
As data protection is greatly influenced by
legislation, it will be shown how certain regulations
have had an impact on the flow of data on the market
and on their protection. The protection of personal data
in different countries of the world will be compared to
the level of protection in Croatia and the EU, given that
the European Union has been most concerned with the
issue of the flow, protection and automatic processing
of personal data. The paper will particularly highlight
the General Data Protection Regulation (GDPR),
The aim of the GDPR regulation is to harmonize all
laws regarding the protection of personal data
throughout the European Union. The introduction of the
regulation gave individuals more control over the
management and sharing of personal information with
third parties [7].