Abstract

Because of its initially restricted use, the Internet – the global communication network – was not designed in a way guaranteeing protection of privacy. The growing popularity of that communication method was accompanied by a growth of the transfer of personal data of users, who frequently unawares consented for using (apparently) free services. In reality, they paid and continue to pay for them with their data, in a large measure losing control thereof. Ensuring privacy of Internet users is now impossible without legal changes which would guarantee observance of information autonomy of the data subject. An opportunity to introduce such real guarantees is provided by work on the reform of personal data protection in the European Union. However, for those guarantees to be effective the new personal data protection regulation needs to introduce the requirement to obtain a clear, concrete and informed consent of the data subject as well as unambiguous rules for the application of profiling and the media based thereon. It is particularly important since it allows for generating new personal data without the awareness and participation of data subjects themselves.