Sun, Jun
67 New Articles

Privacy Trends in the Czech Republic

Privacy Trends in the Czech Republic

Czech Republic
  • Smaller Small Medium Big Bigger
  • Default Helvetica Segoe Georgia Times

Privacy pros are now celebrating the three-year anniversary of the GDPR, even as we are living through the current pandemic. It is, in fact, almost impossible to talk about privacy trends without touching on the COVID-19 crisis.

Seemingly overnight, the world turned digital. What first appeared as novel technology used by geeks became the norm in 2020, bringing forth a plethora of issues for companies to tackle. Although those issues are not new, their volume and severity in the current circumstances are breathtaking. Let us look at some of the most important ones, eventually merging them into a single interconnected topic.

What does it mean to be online? The world as we knew it before the crisis relied heavily on personal contacts – customers could verify that a service provider was real and the provider communicated with known customers (presenting his/her ID, and a real face). Although many businesses used electronic communications to further customer relationships in the past, today many of them do not even see their customers in person at all. This creates extreme pressure on the trustworthiness of modern communication, identification, and authentication tools.

The use of digital IDs in the Czech Republic by citizens has been limited. What could be a game-changing experience is the introduction of the “BankID” – an initiative of Czech banks that provides identification and allows other governmental authorities or certification entities to authenticate and conclude agreements within the eIDAS regulatory framework. (We are glad to say that our law firm advised the banks on the implementation of the BankID system, as well as contributing to the drafting of legislation underpinning it). And who else is in a better position to guarantee the security of the whole process than banks, which are the traditional guardians of secrecy and discretion, with strong internal compliance mechanisms?

On the other hand, banks are just a part of the wider economy, and the use of digital tools has expanded across all sectors during the pandemic. And here comes the twist – every technology has its weaknesses, and as Murphy’s law puts it, “Anything that can go wrong will go wrong.” Cybersecurity experts will add that it is not a question of “if,” things will go wrong, but “when.” Not one week passes without the world media reporting news about cyber-attacks, whether it’s hackers causing malfunctions in vital infrastructure systems or just ordinary businesses unable to operate for a few days. It’s like a continuous earthquake and rising flood moving around, never stopping. And statistics from the Czech Data Protection Office (DPA), which receives personal data breach notifications, show that this trend is not staying away from the Czech Republic. What is, however, more alarming (and possibly also promising), are the causes of these data breaches. Most of them happened because of human error, technical misconfigurations, and a failure to audit security measures regularly. In other words, those data breaches were probably not inevitable and could have been avoided if an internal level of compliance had been sufficiently maintained.

Another risk of going digital without properly assessing the legal constraints involves direct marketing, which can of course be a very effective method of reaching out to customers – almost the only one if you cannot meet people in brick-and-mortar shops. In 2020, in a groundbreaking case, the DPA imposed the previously inconceivable penalty of CZK 6 million on a company for sending unsolicited commercial communication. The DPA’s message was clear – disobeying the rules will not pay off, and penalties will be set to diminish any profits the sender may have obtained. And the takeaway for any business is that any department, whether responsible for marketing or customer care, must be aware of the risks that even well-intentioned actions can have.

This brings us back to the inter-connecting theme: a workable compliance system with regular audits, preventive checks, systematic training, and independent oversight. Only this will contribute to promoting the security and trust of the online world we have all suddenly learned to live in. Anything else is just sitting and waiting for the next disaster to strike.

By Robert Nespurek, Partner, and Richard Otevrel, Counsel, Havel & Partners

This Article was originally published in Issue 8.6 of the CEE Legal Matters Magazine. If you would like to receive a hard copy of the magazine, you can subscribe here.

Czech Republic Knowledge Partner

PRK Partners, one of the leading Central European law firms, has been helping clients achieve their business objectives almost 30 years. Our team of lawyers, based in our Prague, Ostrava, and Bratislava offices, has a unique knowledge of Czech and Slovak law and of the business environment. Our lawyers studied at top law schools in the United States, United Kingdom, Switzerland and elsewhere. They also have experience working for leading international and domestic law firms in a number of jurisdictions. We speak your language, too. Our legal team is fluent in more than 15 languages, including all the key languages of the region.

PRK Partners has one of the most experienced legal teams on the market. We are consistently rated as one of the leading law firms in the region. We have received many significant honours and awards for our work. We represent the interests of international clients operating in the Czech Republic in an efficient way, combining local knowledge with an understanding of their global requirements in a business-friendly approach. We are one of the largest law firms in the Czech Republic and Slovakia. Our specialised teams of lawyers and tax advisors advise major global corporations as well as local companies. We provide comprehensive legal advice drawing on our profound knowledge of local law and markets.

Our legal advice delivers tangible results – as proven by our strong track record. We are the only Czech member firm of Lex Mundi, the world's leading network of independent law firms. As one of the leading law firms in the region, we have received many national and international awards, in some cases several years in a row. Honours include the Chambers Europe Award for Excellence, The Lawyer and Czech and Slovak Law Firm of the Year. Thanks to our close cooperation with leading international law firms and strong local players, we can serve clients in multiple jurisdictions around the globe. Our strong network means that we can meet your needs, wherever you do business.

PRK Partners has been repeatedly voted among the most socially responsible firms in the category of small and mid-sized firms and was awarded the bronze certificate at the annual TOP Responsible Firm of the Year Awards.

Our work is not only “business”: we have participated on a longstanding basis in a wide variety of pro bono projects and supported our partners from the non-profit sector (Kaplicky Centre Endowment Fund, Tereza Maxová Foundation, Czech Donors Forum, etc.).

Firm's website: www.prkpartners.com

Our Latest Issue