20 May 2022 – Online conversation
The Oxford Debate 2022 – „The Right to Privacy” event is now in its second edition. The main goal of this event was to draw the attention of European citizens to important and relevant topics related to the future of Europe, and Central Europe in particular, and the issue of the right to privacy and its possible drawbacks from a legal point of view is crucial for Europe in the 21st century. The dissemination event received a very positive reception and went to 500 recipients. The debate consisted of two issues concerning the right to privacy, during which two teams – from Poland and Central Europe could present their vision on two main topics:
- sources of the right to privacy and their meaning in the national legal order
- evaluation of the effectiveness of legal protection measures of the right to privacy in the national legal order.
Speaker 1 from Poland took as a point of consideration the constitutional issues of the Polish state to the different branches of law, with particular emphasis on civil law. For this purpose, he presented Article 23 of the Civil Code, which states that the sphere of a person’s private life belongs to his personal goods and is protected in the Polish legal system under the provisions of the Civil Code. According to the doctrine, the sphere of private life is a personal good, which includes everything „that, due to the justified separation of the individual from the general public, serves for his development and psychological personality, as well as for the preservation of the achieved social position.” Despite the fact that Article 23 of the Civil Code does not list privacy among personal goods, the author of the speech points out that the enumeration contained in this provision is open and contains only an exemplary list, and also supports the case law of the Supreme Court, which considers that this does not prevent the right to privacy from being treated as an intrinsic good. At the very end of the first speech, the author stressed that despite the fact that privacy is not directly mentioned among the personal goods, there is no doubt that the right to privacy becomes one of the most important personal goods of a person. During the second panel, the author focused on the right to privacy, which belongs to the category of absolute subjective rights and which imposes on every person the obligation not to interfere with the sphere of rights covered by the right. For this purpose, she enumerated the means of protection in case of violation of this right, introduced on the basis of Article 24 of the Civil Code, which include, among others, the demand to cease action, demand to remove the effects, demand for compensation or demand for money with the intention to use it for a social purpose. She also indicated the division of these measures into pecuniary and non-pecuniary ones. The author also pointed out that the measures indicated in Article 24 of the Civil Code are subject to further specification in other provisions (e.g. Article 448 or Article 445 § 1 of the Civil Code).
Speakers No. 1 from Central Europe spoke about the crucial importance of the right to privacy in the Hungarian legal system. This is evidenced primarily by its presence in the Basic Law, which states that everyone has the right to respect for his or her private and family life, home, communication and good name. It restricts the exercise of freedom of speech and freedom of assembly by imposing the condition of not infringing on the private and family life and home of others. It further stipulates that everyone has the right to the protection of their personal data, as well as the right to access and disseminate information of public interest, and that an independent authority supervises the protection of personal data and the granting of the right of access to data of public interest. The Hungarian government has also approved the National Cyber Security Strategy. The second panel addressed the right to privacy in the field of labor law. The Labour Code requires the employer to inform employees in writing of the manner, conditions and expected duration of the restriction of the right to privacy, which may be restricted only if the restriction is absolutely necessary for reasons directly related to the purpose of the employment relationship and proportionate to achieving that purpose. The author also discusses the significant rights an employer may require of an employee, such as making a statement or disclosing personal information relevant to the establishment, exercise, termination, or enforcement of a right under this Act.
The topic of speaker number 2’s from Poland speech was an analysis of the sources and bases of the right to privacy. It pointed out that this issue is relevant to socio-political issues. The Polish legal system fulfils international standards of the right to privacy. The most important legal act is the Constitution of the Republic of Poland of 1997. It refers to the standards of protection of the right to privacy contained, inter alia, in the legislation of the European Union, the Council of Europe, the United Nations and the Organization for Security and Co-operation in Europe. The source of all rights, including the right to privacy, is Article 2 of the Constitution, which provides for a democratic legal state. Then relevant are Articles 47 to 51, which regulate the regime for the protection of the right to privacy in broad terms. The norms of statutory rank extend the protection of the right to privacy at the level of criminal, civil and administrative law, referring to the Constitution. In the second panel, the subject of the presentation, was an analysis of the effectiveness of the protection of the right to privacy and potential measures of the right to privacy. The Polish legal system also meets international standards in this respect. First, the Constitution of the Republic of Poland of 1997 does not close the way to assert one’s rights before international courts, such as the European Court of Human Rights and the Court of Justice of the European Union. This strengthens the effectiveness of protection of the right to privacy in the Polish legal system. Further, the Constitution provides for the right to a court, which is the best means of protecting rights and freedoms. Moreover, the Constitution provides for a number of institutions that affect the protection of the right to privacy at the level of civil, criminal and administrative law.
The starting point for the author’s consideration of speech 2 from Central Europe was the 2011 Law on the Right to Informational Self-Determination and Freedom of Information. In her speech, the author discussed successive chapters of the Act, pointing out its most important issues in protecting the right to privacy. Thus, Chapter I of the Act contains general provisions, such as the scope and definitions of basic terms. Chapter II sets out the principles of data processing: according to Section 4.1, personal data may only be processed for specified and explicit purposes where this is necessary for the exercise of certain rights and the fulfilment of obligations. Furthermore, Chapter III deals with access to information of public interest and Chapter IV regulates the publication of such information. The last two chapters contain provisions on the National Data Protection Authority and its work. The law established the National Data Protection and Freedom of Information Authority as an autonomous administrative body that is responsible for overseeing and promoting the enforcement of the rights to protection of personal data and access to public information and information of public interest, as well as promoting the free flow of personal data in the European Union. The Office’s rights and duties include, among others, conducting investigations on the basis of a notice, conducting administrative proceedings ex officio. In addition, being an administrative authority, the DPA has the power to impose fines under the administrative procedure.
The previous speaker No. 3 from Poland spoke about the right to privacy, presenting the criminal law aspect, and more specifically about the connections between the Polish and Hungarian legal systems. Both Poland and Hungary are parties to the Council of Europe Cyber Convention. And exactly on these aspects the author focuses in his two speeches. This convention (also called the Budapest Convention) is very interesting, because it is not directly applicable in the national legal order, but – according to the author – it should be implemented. The author points out that from the point of view of criminal law there are many provisions, norms concerning cybercrime. However, it should be remembered that cybercrimes included in the Cyber Convention can be directed against many goods, rights and freedoms. For example, against the right to health or fair trade. This means that the cyber crimes contained in the cyber convention may be against the right to privacy. In the following paragraphs of the speech, the author discusses the cyber convention of the Council of Europe, which relates to substantive criminal law, obviously from the point of view of the right to privacy. The second panel of the speech was devoted to assessing the effectiveness of legal measures protecting the right to privacy. The author again focused on cybercrime and the law of new technologies, referring to the articles of the Cyber Convention, the provisions of which were also introduced into the Polish legal order – in the Code of Criminal Procedure. Concluding his speech, the author presented a number of measures to respond in case a cyber crime against privacy occurs. In this regard, he also focused on a special law – the Act of 14 December 2018 on the protection of personal data processed in connection with preventing and combating crime. This law sets out the principles and conditions for the protection of personal data processed by relevant authorities for the purpose of identifying, preventing, detecting and combating criminal acts. The author emphasized that this law, together with the relevant provisions of the Polish Code of Criminal Procedure, creates a logical set of tools for our authorities.
The topic of speaker 3 from Central Europe was the Civil Code of Hungary, which guarantees the right to respect for privacy. It stipulates that violation of personal rights means, in particular, violation of personal freedom, privacy and private dwelling. In chapter 2:43 (b), the Civil Code elevates an indefinite legal concept to the status of a right, so the application of the law plays a special role. An important novelty in Hungarian law is LIII. Privacy Act of 2018. The preamble of the Privacy Act states that the right to privacy is essential to the realization of human life, as it delineates the inviolable sphere of human personality. The Act also states that privacy protection should extend to harassment both in the physical world and online. Therefore, the dignity of the individual and the right to a private life should be protected both in the real world and online. It can be said that the Privacy Act repeats and in some points complements the provisions of the Basic Law, the Civil Code and the Law on Information Self-Determination and Freedom of Information. In summary, it can be said that its most important novelty is that it explicitly declares the protection of privacy against violations on the Internet. Further interpretation of these provisions, however, is the responsibility of the court.
Speaker 4 from Poland turned to the sources of the right to privacy under Polish administrative law. The key regulations is the press law and the General Data Protection Regulation. General Data Protection Regulation has significantly affected the issue of personal data protection in the Polish legal order. Until 2016, the Polish Personal Data Protection Act was based on a system of criminal-law sanctions for processing personal data in violation of the rules of law. The provisions of the act are mandatory in nature, and their application cannot be limited or excluded by the will of the parties. The tools used to tame threats and risks include risk analysis and assessment of the effects of processing on the protection of personal data and the data protection impact assessment, also called DPIA. As a result, the impact assessment is to determine the measures that will be taken to manage the possible danger. In evaluating the effectiveness of legal protections for the right to privacy in the context of administrative protections, speaker focused on what the future of these protections is and said about the bill of the Ministry of Justice. This legislation that effectively implements the constitutional right to freedom of speech and serves to protect alongside false information on the Internet. More and more fake news appears on the Internet and when someone wants to defend against it, they cannot claim their rights. Therefore, the need to introduce procedures adequate to the changing reality.
The right to privacy in the context of criminal law protection was the main topic of the presentations in both panels by participant #4 from Central Europe. He pointed out that the right to privacy enjoys significant criminal law protection in the Hungarian legal system. The most important piece of legislation in this area is Act C of 2012, the Criminal Code. Chapter XXI, entitled „Crimes against human dignity and certain fundamental rights,” contains most of the criminal provisions related to our topic.
The author discusses in turn Article 219, Article 221 and Article 222 of the Penal Code, which include crimes against the right to privacy. The author also draws attention to another important privacy protection provided by Article 422 entitled Illegal Access to Data.