Local Self-Government and Personal Data Protection: Regulatory Standards and Digital Risks
Keywords:
local self-government, personal data protection, digital risks, regulatory standardsAbstract
The contemporary digital era poses significant challenges for local self-governments, where, alongside ensuring the efficient delivery of services to citizens, the protection of personal data has become a central concern. The implementation of information systems, electronic services, and “smart city” technologies by local authorities increases both the volume of data processed and the exposure to cybersecurity risks. Consequently, personal data protection is not merely a legal obligation but also a political, technological, and ethical issue. This article aims to examine the relationship between local self-governance and personal data protection standards, identify digital risks, and explore the legal frameworks in place. Special emphasis is placed on the legislative amendments introduced in 2024, which have significantly updated both Georgian legislation and EU data protection practices. The study analyzes how these changes impact local governance, their alignment with GDPR principles, and the challenges arising from technological resources, institutional coordination, and citizen trust. The article demonstrates that enhancing data protection policies requires not only legislative harmonization but also the strengthening of local authorities’ capacities, the training of specialists, and the development of an information security culture. The conclusion offers concrete recommendations, including the formulation of local personal data protection strategies, the implementation of digital risk prevention mechanisms, and the promotion of citizen engagement. In doing so, the article provides both theoretical insights and practical approaches that support the protection of citizens’ rights and strengthen democratic governance in a digital environment.References
საქართველოს კანონი. (2011). პერსონალური მონაცემთა დაცვის შესახებ. თბილისი: საქართველოს პარლამენტი.
საქართველოს კანონპროექტი. (2024). პერსონალური მონაცემთა დაცვის შესახებ – ცვლილებები. თბილისი: საქართველოს პარლამენტი.
Digital Governance Agency. (2023). Cybersecurity awareness and phishing simulation report. Tbilisi: DGA.
Digital Governance Agency. (2024). Annual report on local government digitalization. Tbilisi: DGA.
Dunleavy, P. (2006). Digital era governance: IT corporations, the state, and e-government. Oxford University Press.
ENISA. (2023). Threat landscape report 2023. European Union Agency for Cybersecurity.
European Data Protection Board. (2023). Guidelines on data protection impact assessments and local administration practices. Brussels: EDPB Publications.
European Union. (2016). General Data Protection Regulation (GDPR): Regulation (EU) 2016/679. Official Journal of the European Union, L119.
Floridi, L., & Taddeo, M. (2018). Ethics of AI in public administration. Government Information Quarterly.
Kuner, C. (2020). EU data protection law: GDPR and beyond. Oxford University Press.
Levi, M., & Stoker, L. (2000). Political trust and trustworthiness. Annual Review of Political Science.
Mayer, R. C., Davis, J. H., & Schoorman, F. D. (1995). An integrative model of organizational trust. Academy of Management Review.
OECD. (2020). Digital government and local authorities: Best practices and challenges. Paris: OECD Publishing.
OECD. (2021). Digital Government Index. Paris: OECD Publishing.
Personal Data Protection Service. (2023). Annual report on data protection incidents in municipalities. Tbilisi: PDPS.
State Audit Office of Georgia. (2023). Performance audit report on information security in municipalities. Tbilisi: State Audit Office.
UN DESA. (2022). United Nations e-government survey 2022. New York: United Nations.
