Personal data protection, case DOLiS/DEC-1013/10 concerning DOLiS-440-276/10

September 27th, 2010, Tomasz Rychlicki

The Inspector General for Personal Data Protection (GIODO) in its decision of 13 September 2010 case file DOLiS/DEC-1013/10 concerning DOLiS-440-276/10 ruled that according to the wording of Article 18(1) pt 2 of the Polish Act of 29 August 1997 on the Protection of Personal Data – PPD – (in Polish: Ustawa o ochronie danych osobowych), unified text published in Journal of Laws (Dziennik Ustaw) of 6 July 2002, No. 101, item 926, with subsequent amendments, in the event of the breach of provisions on personal data protection, the GIODO ex officio or at the request of the person concerned, by an administrative decision, shall order the restoration of the situation in accordance with the law and, in particular, to complete, update correct, disclose or not to disclose of personal data.

Article 18
1. In case of any breach of the provisions on personal data protection, the Inspector General ex officio or upon a motion of a person concerned, by means of an administrative decision, shall order to restore the proper legal state, and in particular:
1) to remedy the negligence,
2) to complete, update, correct, disclose, or not to disclose personal data,
3) to apply additional measures protecting the collected personal data,
4) to suspend the flow of personal data to a third country,
5) to safeguard the data or to transfer them to other subjects,
6) to erase the personal data.
2. The Inspector General’s decisions referred

Given the circumstances of the case, the GIODO considered that he is authorized – by the established rules – to order the Company to disclose to the applicant information about a person who, on in 2010, at 20:29 had registered on web portal using the nickname “anonymous”, i.e. information about IP address of a computer used to post the questioned entry.

See also “Polish regulations on personal data protection” and “Polish case law on personal data protection“.