Regulatory Frameworks for Personal Data Protection in the Digital Era: Global and Domestic Perspectives

Lidiia Мoskvych; Khrystyna Kmetyk-Podubinska; Oleksandr Dyakovskiy; Maksym Terela; Viktoriia Sydorenko

doi:10.63931/ijchr.v7iSI1.2.516

Authors

Lidiia Мoskvych Yaroslav Mudryi National Law University, Kharkiv, Ukraine https://orcid.org/0000-0001-7339-3982
Khrystyna Kmetyk-Podubinska Ivan Franko National University of Lviv, Lviv, Ukraine. https://orcid.org/0000-0002-6572-7134
Oleksandr Dyakovskiy National Technical University of Ukraine "Ihor Sikorsky Kyiv Polytechnic Institute", Kyiv, Ukraine https://orcid.org/0000-0003-3412-9278
Maksym Terela Zaporizhzhia National University, Zaporizhzhia, Ukraine https://orcid.org/0000-0002-7033-4765
Viktoriia Sydorenko National Technical University of Ukraine "Ihor Sikorsky Kyiv Polytechnic Institute", Kyiv, Ukraine https://orcid.org/0000-0002-2787-9102

DOI:

https://doi.org/10.63931/ijchr.v7iSI1.2.516

Keywords:

Law of Ukraine, personal data, confidentiality, privacy protection, consumer privacy, trends, court decisions

Abstract

In today's society, the number of companies collecting and processing personal data is growing, which poses a threat to the security of confidentiality and the security of the human right to privacy. That is why the role of legislative regulation of data privacy protection is growing. The study aimed to compare domestic legislative documents with European and American norms in personal data protection and to identify trends in the country's legal regulation of data privacy. It used bibliographic, induction-deduction, quantitative-comparative, trend, comparative-logical and graphical methods to achieve this goal. The results revealed the need to improve regulatory documents on personal data protection, especially for users of Internet resources. The problem of regulations exists in both Ukrainian and international law. The study has revealed similarities between the basic principles of the Law of Ukraine and the GDPR, but the liability in Ukraine is less than in Europe. A growing trend has been identified: in recent years, the number of court decisions on violations of personal data protection has increased significantly, and according to statistical forecasts, it will continue to grow. At the same time, the structure of court decisions showed that administrative, civil and criminal decisions predominate among the decisions. Hence, most cases relate to disseminating and processing data by public services.

References

[1] Aljeraisy, A., Barati, M., Rana, O., & Perera, C. (2021). Privacy laws and privacy by design schemes for the Internet of things: A developer's perspective. ACM Computing Surveys (CSUR), 54(5), 1–38. https://doi.org/10.1145/3450965 DOI: https://doi.org/10.1145/3450965

[2] Anant, V., Donchak, L., Kaplan, J., & Soller, H. (2020). The consumer-data opportunity and the privacy imperative. McKinsey & Company. https://www.mckinsey.com/...privacy-imperative.pdf

[3] Andrew, J., & Baker, M. (2021). The General Data Protection Regulation in the age of surveillance capitalism. Journal of Business Ethics, 168, 565–578. https://doi.org/10.1007/s10551-019-04239-z DOI: https://doi.org/10.1007/s10551-019-04239-z

[4] Arora, C. (2019). Digital health fiduciaries: Protecting user privacy when sharing health data. Ethics and Information Technology, 21(3), 181–196. https://doi.org/10.1007/s10676-019-09499-x DOI: https://doi.org/10.1007/s10676-019-09499-x

[5] Balai, N., & Hordopolov, V. (2024). Digital analysis in the company's information security system. Journal of the Balkan Tribological Association, 30(5).

[6] Baranovska, T., Ihnatiuk, O., Sokha, S., Moskvych, L., & Dragan, O. (2024). Theoretical and practical dimensions of legal responsibility in criminal justice. Multidisciplinary Science Journal, 6. https://doi.org/10.31893/multiscience.2024ss0737 DOI: https://doi.org/10.31893/multiscience.2024ss0737

[7] Bulgakova, D., & Bulgakova, V. (2023). The compliance of facial processing in France with Article 9 Paragraph 2 (a)(g) of the GDPR. NaUKMA Research Papers. Law, 11, 64–76. https://doi.org/10.18523/2617-2607.2023.11.64-76 DOI: https://doi.org/10.18523/2617-2607.2023.11.64-76

[8] Chander, A., Kaminski, M. E., & McGeveran, W. (2020). Catalysing privacy law. Minnesota Law Review, 105, 1733. DOI: https://doi.org/10.2139/ssrn.3433922

[9] Citron, D. K., & Solove, D. J. (2022). Privacy harms. Boston University Law Review, 102, 793. DOI: https://doi.org/10.2139/ssrn.3782222

[10] Docksey, C., & Hijmans, H. (2019). The Court of Justice as a key player in privacy and data protection. European Data Protection Law Review, 5, 300. https://doi.org/10.21552/edpl/2019/3/6 DOI: https://doi.org/10.21552/edpl/2019/3/6

[11] Habib, H., Zou, Y., Yao, Y., Acquisti, A., Cranor, L., Reidenberg, J., ... & Schaub, F. (2021). Toggles, dollar signs, and triangles: How to (in)effectively convey privacy choices. CHI Conference on Human Factors in Computing Systems, 1–25. https://doi.org/10.1145/3411764.3445387 DOI: https://doi.org/10.1145/3411764.3445387

[12] Hartzog, W., & Richards, N. (2020). Privacy's constitutional moment and the limits of data protection. Boston College Law Review, 61, 1687.

[13] Hrytsak, N., Bartish, S., Kuchma, N., Liubinetska, M., & Nehodiayeva, S. (2025). Intermediality and literary reception in the digital age. International Journal on Culture, History, and Religion, 7(SI1), 225–241. https://doi.org/10.63931/ijchr.v7iSI1.163 DOI: https://doi.org/10.63931/ijchr.v7iSI1.163

[14] Ilychok, B., Karkovska, V., Dziurakh, Y., & Marmulyak, A. (2023). Changing trends in Ukraine's demographic security. Financial and Credit Activity, 2(49), 350–360. https://doi.org/10.55643/fcaptp.2.49.2023.4183 DOI: https://doi.org/10.55643/fcaptp.2.49.2023.4020

[15] Karale, A. (2021). The challenges of IoT addressing security, ethics, privacy, and laws. Internet of Things, 15. https://doi.org/10.1016/j.iot.2021.100420 DOI: https://doi.org/10.1016/j.iot.2021.100420

[16] Klosowski, T. (2021). The state of consumer data privacy laws in the US. New York Times. https://www.confidentialitycoalition.org/

[17] Law of Ukraine on Protection of Personal Data (2010, No. 2297-VI). https://zakon.rada.gov.ua/laws/show/2297-17#Text

[18] Lloyd, I. J. (2020). Information technology law. Oxford University Press. DOI: https://doi.org/10.1093/he/9780198830559.001.0001

[19] Makedon, V., Budko, O., Salyga, K., Myachin, V., & Fisunenko, N. (2024). Improving strategic planning. TPREF, 15(4), 798–811. https://doi.org/10.14505/tpref.v15.4(32).02 DOI: https://doi.org/10.14505/tpref.v15.4(32).02

[20] Makedon, V., Myachin, V., Aloshyna, T., Cherniavska, I., & Karavan, N. (2025). Sustainable innovation strategies via fuzzy logic. Economic Studies, 34(5), 165–179.

[21] Makedon, V., Zaikina, H., Slusareva, L., Shumkova, O., & Zhmaylova, O. (2020). Rebranding in international entrepreneurship. International Journal of Entrepreneurship, 24(1S).

[22] Małagocka, K. (2024). Navigating digital privacy and surveillance. Politics and Governance, 12. https://doi.org/10.17645/pag.8572 DOI: https://doi.org/10.17645/pag.8572

[23] Mannan, M. A. (2024). Data privacy in e-commerce. In Analysing Privacy and Security Difficulties in Social Media (pp. 415–440). IGI Global. DOI: https://doi.org/10.4018/979-8-3693-9491-5.ch017

[24] Nurgalieva, L., O'Callaghan, D., & Doherty, G. (2020). Security and privacy of mHealth applications. IEEE Access, 8, 104247–104268. https://doi.org/10.1109/ACCESS.2020.2999934 DOI: https://doi.org/10.1109/ACCESS.2020.2999934

[25] Padden, M., & Öjehag-Pettersson, A. (2024). Digitalisation, democracy and the GDPR. Big Data & Society, 11(4). https://doi.org/10.1177/20539517241291815 DOI: https://doi.org/10.1177/20539517241291815

[26] Petrovich, V., Moskvych, L., Shcherbakova, N., Doroshenko, L., & Aloshyn, O. (2025). Regulatory framework for e-documentation. Salud, Ciencia y Tecnología, 4. https://doi.org/10.56294/sctconf20251336 DOI: https://doi.org/10.56294/sctconf20251336

[27] Rodrigues, R. (2020). Legal and human rights issues of AI. Journal of Responsible Technology, 4. https://doi.org/10.1016/j.jrt.2020.100005 DOI: https://doi.org/10.1016/j.jrt.2020.100005

[28] Rosales, R. J. (2025). The Filipino idea of the “sacred.” International Journal on Culture, History, and Religion, 7(1), 38–54. https://doi.org/10.63931/ijchr.v7i1.93 DOI: https://doi.org/10.63931/ijchr.v7i1.93

[29] Solove, D. J., & Schwartz, P. M. (2020). Information privacy law. Aspen Publishing.

[30] Steffen, B. (2024). Consumer Health Data Privacy & Security. https://mhcc.maryland.gov/

[31] Stoilova, M., Nandagiri, R., & Livingstone, S. (2021). Children’s understanding of personal data. Information, Communication & Society, 24(4), 557–575. https://doi.org/10.1080/1369118X.2019.1657164 DOI: https://doi.org/10.1080/1369118X.2019.1657164

[32] Varenia, N., Moskvych, L., Olkhovskyi, O., Lykhoshapko, D., & Aloshyn, O. (2024). Handling digital evidence in Ukraine’s justice system. Journal of Lifestyle and SDGs Review, 5(2). https://doi.org/10.47172/ DOI: https://doi.org/10.47172/2965-730X.SDGsReview.v5.n02.pe03390

...

[33] Yermachenko, V., Bondarenko, D., Akimova, L., Karpa, M., Akimov, O., & Kalashnyk, N. (2023). Public management of smart infrastructure. Economic Affairs, 68(1), 617–633. https://doi.org/10.46852/ DOI: https://doi.org/10.46852/0424-2513.1.2023.29

...

[34] Zhukevych, I., Moskvych, L., Manhora, T., Melnyk, A., & Mykolaiets, V. (2024). Legalization of AI in legal systems. LSD Journal, 27, 1–38. http://www.lsd-journal.net/

...

[35] Zuraw, R., & Sklar, T. (2020). Digital health privacy and age. Indiana Health Law Review, 17, 85. DOI: https://doi.org/10.18060/25040