The Office for Personal Data Protection of the Czech Republic
- The legal ground for the protection of personal data in the Czech Republic
- The legal position of the Office for Personal Data Protection
- The legal rights of the Office for Personal Data Protection
- Limitations of the Office for Personal Data Protection
1. The legal grounds for the protection of personal data
Personal data protection is involved into the legislation of the Czech Republic as integral part of protection of human rights. Since 1992, the Act No.256 on the Protection of Personal Data in Information Systems was forced. This law was replaced by the Act No.101 of 4 April 2000 on the protection of personal data and on Amendment to Some Related Laws. This new law came into force on 1 June 2000. They are many other laws partly regulate processing of personal data and also the Civil Code (the Act No. 40/1994 Coll. as amended) has some articles for protection human dignity and another individual's rights (articles 11 to 16). Other legal instruments are the Constitution of the Czech Republic and the Charter of Fundamental Rights and Freedoms - according to the article 3 of the Constitution the Charter of Fundamental Rights and Freedoms is its integral component. Some violations of data protection principles may break of the constitutional principles, the Criminal Code (Act No.140/1961 Coll.) or international treaties binding the Czech Republic. In accordance of Article 10 of the Constitution of the Czech Republic the ratified treaties on human rights have priority in the legislative power (precedence over the law).
The Constitution of the Czech Republic of 16 December 1992
An integral component of the constitutional system of the Czech Republic is the Charter of Fundamental Rights and Freedoms.
Ratified and promulgated international treaties on human rights and fundamental freedoms, whereby the Czech Republic is obligated, shall be directly binding and shall have precedence over the law.
The Czech Republic is the High Contracting Party of the Convention for the Protection of Human Rights and Fundamental Freedoms (ratification on 18 March 1992).
The Act No. 140 of 29 November 1961 as amended
the Criminal Code
||A person who, without authorization, even by negligence, discloses, makes accessible, otherwise processes or appropriates personal data on another person that have been collected in connection with execution of public administration, shall be punished by imprisonment of up to three years or by prohibition of activities or by a fine.
The Czech Republic signed the Convention for the Protection of Individuals with regards to Automatic Processing of Personal Data (ETS No. 108) on 8th September 2000 and ratified it on 9th July 2001. On 10 April 2002 the Czech Republic signed the Additional Protocol to the Convention No. 108 (ETS No.181).
2. The legal position of the Office for Personal Data Protection
The Office for Personal Data Protection is established with a seat in Prague (hereinafter the "Office") with the competence of a central administrative authority in the area of personal data protection in the scope stipulated by the Act No. 101 on the Protection of Personal Data and on Amendments to Some Related Acts, as amended by the Act No. 227 on June 29, 2000 and in the area of electronic signature in the scope stipulated by a special regulation (Act No. 227/2000 Coll., on Electronic Signature and on Amendment to Some Related Acts (the Electronic Signature Act)).
Employees of the Office shall consist of the President, inspectors and other employees. The Office is directed by the President who shall be appointed and recalled by the President of the Czech Republic on the basis of a proposal of the Senate of the Parliament of the Czech Republic. The President of the Office shall be appointed for a period of 5 years. The President may be appointed for the maximum of two successive periods.
The President of the Office may be only a citizen of the Czech Republic who enjoys legal capacity; has no criminal record, meets the conditions provide by a special regulations and for whom it can be assumed in relation to his knowledge, experience and moral qualities that he will serve his position properly; and has completed university education.
Inspectors of the Office shall be appointed and recalled by the President of the Czech Republic on the basis of a proposal of the Senate of the Parliament of the Czech Republic. An inspector shall be appointed for a period of 10 years. He/she may be appointed repeatedly. An inspector shall carry out inspections, direct inspections, prepare the inspection report and perform other laws related to tasks of the Office. The activities pursuant to paragraph 3 shall be carried out by 7 inspectors of the Office.
3. The legal rights of the Office for Personal Data Protection
The Office is an independent authority, supervises the observance of legally mandated responsibilities in the processing of personal data, which
- maintains a register of instances of permitted personal data processing,
- deals with notifications and grievances from citizens concerning infringements of the law,
- provides consultations in the area of personal data protection,
- participates in the legislative process at the level of government legislation and in the process of adoption of bills by the Parliament, and is also involved in the legislative process on the basis of requirements of the individual Deputies and Senators.
Articles 28 and 29 of the Act establish the legal rights, position and competencies of the Office. The activities of the Office shall act independently, may be subject only to special laws or other legal regulations and may be intervened with only the basis of the law. The activities of the Office shall be paid for from a special chapter of the state budget of the Czech Republic.
4. Limitations of the Office for Personal Data Protection
The Office has competences of a central administrative authority in the area of personal data protection. It has competency to supervise both public and private sectors. Its competency does not cover supervision of the intelligence services of the Czech Republic (supervision is made by the Parliament in accordance a special law).
The Office for Personal Data Protection
Pplk. Sochora 27
CZ - 170 00 Praha 7