Ar Lietuvos bankai, tvarkydami asmens duomenis ir teikdami juos tretiesiems asmenims, nepažeidžia asmens teisės į duomenų apsaugą?
Gintvainytė, Laura |
Žmogus turi teisę į privataus gyvenimo neliečiamumą, tačiau komerciniams bankams renkant ir tvarkant asmens duomenis, privatumas yra mažinamas. Finansų rinkos dalyviai piktinasi, jog yra renkami ir tvarkomi jų privatūs duomenys, o dažnais atvejais privati informacija apie asmenį yra perduodama ir tretiesiems asmenims. Asmens duomenų tvarkymo, rinkimo ir perdavimo problema tarp visuomenės narių sąlygojo magistro darbo temos pasirinkimą. Taigi, šiuo magistro darbu norima ištirti, ar nepažeidžiama asmens teisė į asmens duomenų apsaugą bankams renkant ir tvarkant asmens duomenis. Pirmajame skyriuje nustatyta, jog tarptautiniais ir nacionaliniais teisės aktais įtvirtinta asmens duomenų apsauga yra glaudžiai susijusi su žmogaus prigimtine teise į privataus gyvenimo neliečiamumą. Antrajame skyriuje išnagrinėti pagrindiniai Lietuvos bankų veiklą reglamentuojantys teisės aktai, nustatyti banko klientų asmens duomenų tvarkymo tikslai ‒ saugoti viešąjį interesą, sudaryti vienodas sąlygas fiziniams ir juridiniams asmenims, taipogi apibrėžta duomenų apimtis ir saugojimas. Trečiajame skyriuje ištirtas bankų klientų teisių į asmens duomenų apsaugą užtikrinimas bei nustatyta, jog asmens duomenų teisinės apsaugos įstatymas reikalauja duomenis apie žmones rinkti tik teisėtais ir apibrėžtais tikslais, tik tokios apimties, kuri būtina. Kiekvienas bankas ar kita finansų įstaiga turi būti įsiregistravęs valstybinėje asmens duomenų apsaugos inspekcijoje kaip privačių asmenų duomenų valdytojas, taip pat įregistravęs duomenų rinkimo bei konkrečią šiuo tikslu renkamą duomenų apimtį. Taip pat šiame skyriuje identifikuota banko teisės rinkti duomenis ir asmens teisės į duomenų apsaugą santykio problema, kuri pasireiškia tuo, kad didinant asmens duomenų apsaugą yra mažinamas žmogaus privatumas. Ištyrus, ar bankai nepažeidžia asmens teisės į duomenų apsaugą ir teisės į privatumą, pasiektas magistro darbo tikslas bei pateiktos rekomendacijos dėl sugriežtinto duomenų saugojimo bankų sistemose, taip pat rekomendacijos dėl labiau apibrėžto duomenų perdavimo tretiesiems asmenims.
There problem have been analyzed in this Master paper if the human right to the security of personal data for Lithuanian banks is being infringed by selecting and controlling personal data and proposing annual information to Third Parties by banks. Human has right to the immunity of private life but by selecting and controlling individual‘s data by banks, privacy is being diminished. The participants of the Finance Market are getting angry that their private information is selected and regulated, and frequently private information of individual is being reported to the Third Parties as well. The problem of individual‘s data regulation, selection and report between Society members determined the choice of topic for this Master‘s paper. Hence, by this Master paper is seeking to analyze if the human right to the security of personal data for Lithuanian banks is being infringed by selecting and controlling the data of individual and proposing annual information to Third Parties by banks for such Parties as Lawyers, Bailiffs, notaries, State Tax Inspection etc. It is identified in the first chapter of this paper that security of personal data consolidated by International and National Laws is closely related to natural human‘s right to the immunity of private life. One of the first guidelines, that adjusted the security of personal data, was the Lead of European Parliament and Council 95/46/GDPR. The purpose of this Lead – to create closer relationship among the members of European States, to raise economy, to encourage the improvement of human nation life‘s conditions, to develop democracy etc. It is indicated in the Master paper what is considered to be the protection of individual‘s information. Personal data‘s protection is the whole of legal, technical and organisational means, dedicated to secure personal data from illegal or incidental regulation of information. In the Second chapter the main analyzed Laws that are regulating the activity of Lithuanian banks, indicated the purposes of data regulation of the bank client‘s personal data – to protect public interest, to create the equal conditions to physical and juridical individuals, the extent of data and protection is specified similarly. In this part of Master paper the LR Law of the Banks was analyzed, in which is indicated that banks have right to information, including personal data, and information of one or several individuals are possibly preparing to make or the activity that is already made, related with provision of financial services by seeking to occupy the property of banks or other individuals, to make material or not material harm for them or by bearing the other danger to the system of Banks, provide the data for managers, that regulating the incorporate risk data files about individuals, which alone or with the other ones possibly were preparing to make or already made illegal financial act and for who banks are planning to provide, are providing or provided financial services. In the Third chapter security of bank clients‘ rights to individual data protection have been analyzed and it was indicated that the Law of Human data legal security require to select the data about the individuals by legal and specified purposes only for necessary extent. Every bank or the other financial institution should be registered in the State Human Data Protection‘s Inspection as the manager of private individual data, entered data selection and concrete extent of information by this purpose. The other important Law is LR money-laundering and prevention Law of terrorists funding. This article 9 of Law act obligate the banks to control personal data, to select information of bank‘s clients, to pursue permanent monitoring of client‘s objective terms, including the deal which was made during that relationship, investigation by seeking to ensure that deals would correspond the financial institutions or other subjects having information about the client, his business, the format of risk and the source of fund. Similarly the problem of bank‘s right to select data and human‘s right relation to data protection is identified in this chapter, which comes through that by expanding the protection of personal data, the privacy of individual is being diminished. It is important that according to Master paper author‘s point of view, banks are selecting too much information about personal data to reach the aim of desirable amount of data regulation. Banks could select way less personal data and by that the bigger privacy would be ensured for individuals. Commercial banks of Lithuania in their internal general principles of service offering indicate, that they are following the Laws but not all banks accurately indicate by what principles exactly. In the general bank rules of service offer accurate legal principle is not indicated by meaning to regulate personal data. Commercial banks in the general rules point that personal data is being controlled following by Laws such as LR Constitution, LR Bank‘s Law etc. After the analysis do banks not infringe human right to data protection and the right to privacy, the aim of Master paper and indicated recommendations for strengthen data protection in the systems of banks have been achieved, as well as the recommendations for more specified data transfer for the Third Parties.