Zadania i decyzje Prezesa Urzędu Ochrony Danych Osobowych
Loading...
Date
2022
Journal Title
Journal ISSN
Volume Title
Publisher
Towarzystwo Naukowe KUL, Katolicki Uniwersytet Lubelski Jana Pawła II
Abstract
Zmiany w zakresie problematyki ochrony danych osobowych związane z wejściem w życie przepisów RODO oraz ustawy o ochronie danych osobowych spowodowały nałożenie na Prezesa UODO szeregu różnorodnych zadań. Wiele z nich organ ten wykonuje, korzystając z podstawowej prawnej formy działania administracji, jaką jest decyzja administracyjna, która w tym przypadku podejmowana jest w jednoinstancyjnym postępowaniu. Na tym tle podjęto kolejno analizę: statusu i zakresu zadań, w tym uprawnień nadzorczych Prezesa UODO oraz ram proceduralnych, w których są one podejmowane – w tym z wykorzystaniem formy decyzji administracyjnej. Za zasadne uznano też zbadanie, czy w konkretnych przypadkach forma decyzji administracyjnej stanowi adekwatny środek realizacji zadań powierzonych przez przepisy RODO Prezesowi UODO. W konkluzji autorki uznały za konieczne rekomendowanie, aby ustawodawca ściśle określił formę prawną, w jakiej powinny być wykonywane zadania Prezesa UODO. Nadto wskazały one, że ustawodawca zdaje się nie dostrzegać, że charakter powierzonych Prezesowi UODO zadań wskazuje, iż forma decyzji administracyjnej nie zawsze wydaje się być nie tylko najlepszą, ale wręcz odpowiednią. Szczególnie gdy chodzi o działania tego organu związane z koniecznością wydania ostrzeżenia czy udzielenia upomnienia – forma decyzji administracyjnej nie wydaje się być zasadną.
Changes in the field of personal data protection related to the entry into force of the provisions of the GDPR and the Act on the protection of personal data resulted in the imposition of a number of different tasks on the President of the Personal Data Protection Office. Many of them are implemented by this authority using the fundamental legal form of administrative action – i.e. an administrative decision, which in this case is adopted in one-instance proceedings. On this basis, the following analysis was carried out: the status and scope of tasks, including the supervisory powers of the President of the Personal Data Protection Office, and the procedural framework in which they are undertaken – including the form of an administrative decision. It was also considered worth to examine whether, in specific cases, the form of an administrative decision constitutes an adequate means of implementing the tasks entrusted by the provisions of the GDPR to the President of the Personal Data Protection Office. In the conclusion, the authors considered it justified to recommend that the legislator should precisely define the legal form in which the tasks of the President of the Personal Data Protection Office should be performed. Moreover, they indicated that the legislator does not seem to notice that the nature of the tasks entrusted to the President of UODO indicates that the form of an administrative decision does not always seem to be not only the best, but even appropriate. Especially when it comes to the actions of this authority related to the need to issue a warning or issue a reminder – the form of an administrative decision does not seem to be justified.
Changes in the field of personal data protection related to the entry into force of the provisions of the GDPR and the Act on the protection of personal data resulted in the imposition of a number of different tasks on the President of the Personal Data Protection Office. Many of them are implemented by this authority using the fundamental legal form of administrative action – i.e. an administrative decision, which in this case is adopted in one-instance proceedings. On this basis, the following analysis was carried out: the status and scope of tasks, including the supervisory powers of the President of the Personal Data Protection Office, and the procedural framework in which they are undertaken – including the form of an administrative decision. It was also considered worth to examine whether, in specific cases, the form of an administrative decision constitutes an adequate means of implementing the tasks entrusted by the provisions of the GDPR to the President of the Personal Data Protection Office. In the conclusion, the authors considered it justified to recommend that the legislator should precisely define the legal form in which the tasks of the President of the Personal Data Protection Office should be performed. Moreover, they indicated that the legislator does not seem to notice that the nature of the tasks entrusted to the President of UODO indicates that the form of an administrative decision does not always seem to be not only the best, but even appropriate. Especially when it comes to the actions of this authority related to the need to issue a warning or issue a reminder – the form of an administrative decision does not seem to be justified.
Description
Keywords
organ nadzorczy, RODO, ochrona danych osobowych, decyzje administracyjne, supervisory authority, GDPR, personal data protection, administrative decisions
Citation
"Roczniki Nauk Prawnych", 2022, Vol. 32, nr 1, s. 61-82