PERSONAL DATA CONCEPT IN THE ELECTRONIC ENVIRONMENT ; ASMENS DUOMENŲ SAMPRATA ELEKTRONINĖJE ERDVĖJE
This paper asserts that the notion of personal data, as enshrined by the Directive, has failed to be harmonised with realities of the global electronic era. The question of information's links with individual person highlights essential uncertainty brought about the concept – in online environment, using the internet search engine or other communication mediums, virtually any personal information can be associated with a specific person or at least group of individuals. In virtual environment the individual's name and surname have lost their customary meaning. Many other categories of information have assumed the qualities unique to personal identity: frequency of login to virtual accounts, goods purchased online, online ads clicked on, websites visited and etc. Broad concept of personal data, as proposed in the initial version of draft Regulation proposed by the European Commission presumably, could have opened the gates for more vigorous personal data protection regime in cyberspace. However, after the first reading in the European Parliament, the draft Regulation has been advertently reverted back to the original notion laid down in the Directive. This shift might signal acknowledgement that the expectations to target the personal information stretching online by means of statutory regulation of one specific jurisdiction (even as wides as EU is) are somewhat unrealistic. Finally, even the recent ECJ case-law has not yet provided any more coherent guidance on the future concept of personal data in the EU. The paper focuses on the analysis of Directive, national legislation in the Republic of Lithuania as well as the case law of Court of Justice and national courts, whereas limited attention is also paid to the new Regulation for personal data protectionThis paper asserts that the notion of personal data, as enshrined by the Directive, has failed to be harmonised with realities of the global electronic era. The question of information's links with individual person highlights essential uncertainty brought about the concept – in online environment, using the internet search engine or other communication mediums, virtually any personal information can be associated with a specific person or at least group of individuals. In virtual environment the individual's name and surname have lost their customary meaning. Many other categories of information have assumed the qualities unique to personal identity: frequency of login to virtual accounts, goods purchased online, online ads clicked on, websites visited and etc. Broad concept of personal data, as proposed in the initial version of draft Regulation proposed by the European Commission presumably, could have opened the gates for more vigorous personal data protection regime in cyberspace. However, after the first reading in the European Parliament, the draft Regulation has been advertently reverted back to the original notion laid down in the Directive. This shift might signal acknowledgement that the expectations to target the personal information stretching online by means of statutory regulation of one specific jurisdiction (even as wides as EU is) are somewhat unrealistic. Finally, even the recent ECJ case-law has not yet provided any more coherent guidance on the future concept of personal data in the EU. The paper focuses on the analysis of Directive, national legislation in the Republic of Lithuania as well as the case law of Court of Justice and national courts, whereas limited attention is also paid to the new Regulation for personal data protection. ; Straipsnyje siekiama atskleisti nuolat kintamą asmens duomenų sampratą elektroninėje erdvėje (ją suprantant plačiausiai, kaip apimančią internetą, išmaniųjų telefonų ir kitų prietaisų, sujungtų į tinklinę aplinką, visumą, taip pat visas kitas elektroninio bendravimo formas ir priemones)1. Analizuojant esminius asmens duomenų sąvokos komponentus, straipsnyje kritikuojama Europos Parlamento ir Tarybos direktyvoje 1995/46/EB dėl asmenų apsaugos tvarkant asmens duomenis ir dėl laisvo tokių duomenų judėjimo įtvirtinta samprata, kritiškai analizuojama direktyvos 29 straipsnio darbo grupės 2007 m. birželio 20 d. rekomendacija dėl asmens duomenų sąvokos, vertinami esminiai naujojo 2012 m. sausio 27 d. Komisijos pasiūlymo dėl Europos Parlamento ir Tarybos reglamento dėl fizinių asmenų apsaugos tvarkant asmens duomenis ir dėl laisvo tokių duomenų judėjimo bruožai, išryškinamas Europos Sąjungos Teisingumo Teismo (toliau – Teisingumo Teismas, arba TT) jurisprudencijos nenuoseklumas.