Законодательство о защите персональных данных: неопределенность vs конкретности

Abstract

The article is devoted to the peculiarities of the legal regulation of relations connected with the protection of personal data in Russia. With the help of general scientifi c approaches — systemic, genetic; methods of analysis and synthesis, induction and deduction, as well as private-scientifi c one — formal-legal method, the study focuses on the technical and legal tools that are used for normative fi xation of the defi nition of personal data and the requirements imposed on the operator of personal data. Attention is drawn to the correlation between the uncertainty of legislative norms and their specifi cation in local legal acts, as well as the inconsistency of law enforcement practice. Regulatory requirements are outlined, awaiting elaboration and interpretation. They are related to the unifi cation of quantitative characteristics of local acts regulating the personal data processing; systematization of approaches to the interpretation of the personal data as a concept; as well as the interpretation of the characteristics of the personal data subject consent to their processing supplemented by the latest legislative innovations, etc. The conclusion is made about the permanent process of specifying the norms of legislation on the protection of personal data in departmental acts and local rulemaking of non-governmental organizations. It is argued that the effectiveness of legal regulation depends on an integrated approach to ensuring the protection of personal data, considering not only legal instruments, but also technical and organizational factors of public administration in the fi eld of personal data.