After the political changes in 1989 in the Czech Republic, two Acts of Parliament were adopted concerning personal data protection. Firstly, there was Act no. 256/1992 Coli., on Personal Data Protection in Information Systems. Then this was replaced by the Act no. 10112000 Coll., on Personal Data Protection (hereinafter ‘Data Protection Act’). The last mentioned Act is still in force, and has been amended four times by Acts no. 227/2000 Coll., no. 177/2001 Coll., no. 450/2001 Coli. and no. 107/2002 Coli. When talking about the Data Protection Act, we mean the last version of the Act after the amendments. 1