Ochrona danych osobowych klientów jako element działania etycznego przedsiębiorcy

Abstract

The Personal Data Protection Act was enacted in 1997; it imposed some obligations on all the administrators of personal data regardless if acting as private or public establishments. The Act was intended to guarantee the safety of personal data and to ensure the right to controlling the data processing. However, since the enacting of the Act, there have been reported instances of its infringement, especially by private entrepreneurs. The numerous appealed complaints show that the entrepreneurs neglect their duty of ensuring the safety of personal data (e.g. documents or media with such personal data), which results in unauthorised revealing the data to third parties. An especially serious case of the infringements of the Act and the rights of the persons concerned is selling the data without a person’s consent. In many cases the administrator only seemingly informs about the purposes of processing the data and then, in this or any other insidious way (among them an inacceptable presumption of consent), beguiles the necessary acceptance. The occurrences of neglecting duties imposed by the Act are to be considered not only as infringement of law, but also as unethical actions resulting in undermining customers’ confidence in entrepreneurs. For example: The unprotected data can be viewed and used by unauthorised parties to the detriment of the persons concerned (e. g. identity theft). The selling of the data is also a source of an unjustifiable profit for an entrepreneur and makes controlling of the processing of personal data impossible. Even if there are no negative consequences for the customer, the cases of infringement the Personal Data Protection Act bring about to undermine confidence not only in the entrepreneur (the source of personal data) but also in private establishments in general.