Personal data protection in the energy services market – selected issues
More details
Hide details
University of Szczecin
Submission date: 2023-05-03
Acceptance date: 2023-06-14
Publication date: 2023-07-29
Corresponding author
Aleksandra Klich   

University of Szczecin
JoMS 2023;51(2):645-668
The purpose of the study is to determine whether data from metering equipment can qualify as personal data. An intermediate goal was to discuss administrative fines imposed in EU countries in the energy sector.

Material and methods:
The study uses methods applied in legal sciences: 1) the dogmatic method, relating to the determination of the currently applicable legal provisions governing the principles of personal data processing, as well as the amount of administrative fines imposed; it has a dominant character in the study due to the fact that the author focuses on the analysis of current legal regulations, as well as on their practical use and application in EU and other European countries. 2) An analytical method was used in relation to the current state of knowledge in the subject area in the achievements of legal science. 3) Comparative legal method is of supplementary importance and concerns the analysis of legal and organizational solutions in the area of personal data protection and the level of compliance with EU regulations at the national level, with particular emphasis on the energy services sector. 4) Historical method is related to the evolution of the development of legal regulations on the protection of personal data in the perspective of development and popularization of the use of modern technological solutions by entities in the energy sector.

The activities of the entities on which the administrative fine was imposed were related to the processing of personal data. The analysis covered 1,480 fines imposed in the indicated period, of which only 28 fines were imposed on entities from the energy services sector, which is only 1.89%.

Entities in the energy sector process personal data on a large scale. The precision with which they should process personal data is special.

Antonów D. (2020), „Administracyjne kary pieniężne za naruszenia ochrony danych osobowych”, Prawo Budżetowe Państwa i Samorządu, vol. 8,, Google Scholar:
Barichella A. (2019), “The US-EU Rivalry for Data Protection: Energy Sector Implications”, Édito Énergie, Ifri, 19 February 2019, Google Scholar:
Barta J., Fajgielski P., Markiewicz R. (2004), Ochrona danych osobowych. Komentarz, Cracow, Google Scholar:
Dammann U., Simitis S. (1999), EG-Datenschutzrichtlinie, Cologne, Google Scholar:
Desarn-Luksaud G. (2017), “Cyber Attacks and Energy Infrastructures: Anticipating Risks”, Études de l’Ifri, Ifri, January, p. 32, (accessed on 26 December 2022).
Drozd A. (2007), Ustawa o ochronie danych osobowych. Komentarz. Wzory pism i przepisy, Warsaw.
Eriksson J., Giacomello G. (2007), International Relations and Security in the Digital Age, Routledge, Google Scholar:
Goldthau A., Westphal K., Bazilian M., Bradshaw M. (2019), “Model and Manage the Changing Geopolitics of Energy”, Nature, vol. 569, no. 7754, Google Scholar:
Hoppe T., de Vries G. (2019), “Social innovation and the energy transition”, Sustainability, vol. 11, No. 141,
Huhta K. (2020), “Smartening up while keeping safe? Advances in smart metering and data protection under EU law”, Journal of Energy & Natural Resources Law, vol. 38,, Google Scholar:
Knyrim R., Trieb G. (2011), “Smart metering under EU data protection law”, International Data Privacy Law, vol. 1,, Google Scholar:
Lavrijssen S., Espinosa Apráez B., ten Caten T. (2022), “The Legal Complexities of Processing and Protecting Personal Data in the Electricity Sector”, Energies, vol. 15, No. 1088, en15031088, Google Scholar:
Litwiński P. (ed.) (2021), Ogólne rozporządzenie o ochronie danych osobowych. Ustawa o ochronie danych osobowych. Wybrane przepisy sektorowe. Komentarz, Warsaw, Google Scholar:
Łuczak J. (2018), [w:] E. Bielak-Jomaa, D. Lubasz (red.), RODO. Ogólne rozporządzenie o ochronie danych. Komentarz, Warszawa, s. 1059; Google Scholar:
Mednis A. (2020), Ochrona danych osobowych w systemie ochrony zdrowia. Zasady prowadzenia, udostępniania i archiwizowania dokumentacji medycznej [in:] Organizacja systemu ochrony zdrowia. System Prawa Medycznego. Vol. 3, D. Bach-Golecka, R. Stankiewicz (eds.), Warsaw;.
Rajavuori M., Huhta K. (2020), Digitalization of security in the energy sector: evolution of EU law and policy, The Journal of World Energy Law & Business, Volume 13, Issue 4, August,, Google Scholar:
Sakowska-Baryła M. (ed.) (2018), Ogólne rozporządzenie o ochronie danych osobowych. Komentarz, Warsaw.
Schneier B. (2015), Secrets and Lies: Digital Security in a Networked World, John Wiley & Sons; Google Scholar:
Sibiga G. (2003), Postępowanie w sprawach ochrony danych osobowych, Warsaw, Google Scholar:
Sun CC., Hahn A., Liu CC. (2018), “Cyber Security of a Power Grid: State-of-the-Art”, International Journal of Electrical Power and Energy Systems, vol. 45,, Google Scholar:
Tonyali S., Akkaya K., Saputro N., Selcuk Uluagac A., Nojoumian M. (2018), “Privacy-preserving protocols for secure and reliable data aggregation in IoT-enabled Smart Metering systems”, Future Generation Computer Systems, Volume 78, Part 2,
Véliz C., Grunewald P., (2018) “Protecting Data Privacy Is Key to a Smart Energy Future”, Nature Energy, vol. 702,, Google Scholar:
Zborowski A. (2010), Systemy bezpieczeństwa technicznego w polityce zrównoważonego rozwoju, „Bezpieczeństwo i Technika Pożarnicza”, No. 3, Google Scholar:
Journals System - logo
Scroll to top