Marek Zanker, Vladimír Bureš, Anna Cierniak-Emerych, Martin Nehéz
Individuals and corporations alike are aware of the need for data protection. They undergo training and perform exercises where various types data-jeopardizing techniques or cyberattacks are simulated in order to increase the resilience of society and preparedness for crisis situations (National Cyber and Information Security Agency, 2019a). With the help of the General Data Protection Regulation (GDPR), the European Commission (EC) seeks to draw a line between the personal data security and the free and uncontrolled manipulation of personal data (IT Governance Privacy Team, 2020). Since its advent, the GDPR has put burden on the shoulders of various institutions which have been struggling to share data. Not surprisingly, it brought a flareup of frustration (Bovenberg et al., 2020). The intension was good, as the GDPR would ensure and balance the fragile relationship between the data protection and other regulations, such as competition law, consumer protection or intellectual property (De Hert et al., 2018).