On 9 November 2012 the President vetoed Data Protection Law Amendments (the "Amendments") by introducing his proposals to the Parliament.

The proposals are aimed to reduce certain regulator's (State Service on Personal Data Protection) powers to avoid overlapping competence of other executive bodies, in particular:

  • technical regulation and assessment of information security systems compliance;
  • development of personal data protection regulations (in the area of state informational resources of telecommunication systems).

This notwithstanding, the President's proposals did not affect such important provisions of the Amendments, as:

  • conclusion of an agreement by individual or for his/her benefit is a ground for the personal data processing (no additional written consent from the individual to process his/her personal data is required in this case);
  • abolishment of requirement to register employees' personal databases;
  • specific qualification of EU countries and members of the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data as countries with "sufficient level of data protection" (thus facilitating cross-border data transfers).

Currently, the Law with proposals is submitted to the Parliament for re-voting.



For further information please contact partner Oleksandr Padalka
and senior associate Illya Onyschenko