Responsibility of the data controllers in data protection law and the practice of the authorities in imposing administrative fine

Abstract

The European Union’s general data protection regulation ensures a high level of protection of personal data. The data controllers, during their data processing practice, must take into account not only the provisions of the Regulation but also national regulations and evolving data protection practice. Regulatory fragmentation makes it more difficult to comply with data processing standards. The responsibility of the data controller can arise in several directions, first of all, we can separate civil and public liability. The subject of this study is the examination of administrative liability within the scope of the latter, in the framework of which it analyses the theoretical and practical issues of imposing a data protection fine. For the practice of imposing fines, the decisions taken by each European Data Protection Supervisor are presented and conclusions are drawn from them.