State systems illegally passing around personal data on massive scale ({{commentsTotal}})

Automatic queries accessed personal data of thousands. If committed by an individual or a company, the same act would mean whopping fines.
Automatic queries accessed personal data of thousands. If committed by an individual or a company, the same act would mean whopping fines. Source: (PA Wire/Scanpix)

In March a service was added to the Eesti.ee online portal that allows users to see which government institutions have accessed their personal data. According to daily Eesti Päevaleht, there are plenty of illegal queries.

As the paper wrote on Tuesday, the Unemployment Insurance Fund, the E-Health System, notaries, and plenty of others regularly break the law by accessing people’s personal data without a legally valid reason.

What happens is that every time e.g. someone’s general practitioner accesses their data, the system automatically also displays their immediate relatives and their personal ID codes. This data represents a series of illegal queries by the system.

In practice, this means that anyone checking on the state systems’ use of their data may see a history of queries they have no explanation for, e.g. doctors accessing their personal data though they haven’t had an appointment in some time.

These automatic queries will have to be dealt with, as any similar passing-on of personal data done by a physical person would bring along with it a €1,200 fine by the Data Protection Inspectorate.

If a legal person, i.e. a company or a similar institution, hands on the same kind of information illegally, the fine is €32,000.

The situation is also problematic because hundreds of companies and institutions and thousands of state system accounts have this kind of access. “Thanks to the data tracker it has become clear that the information systems of plenty of institutions apply only the broader query also for their services that don’t require the data of connected persons. Those institutions where the problem has come up are already improving their systems,” the Data Protection Inspectorate’s press spokeswoman, Maire Iro, said.

According to Iro the inspectorate does not have a complete overview of all the institutions affected, but that local government, liquidators, and notaries had already begun to check their queries.

Editor: Dario Cavegn



10 years since bronze night riots
Monument of contention

In late April 2007, the Estonian authorities removed the Bronze Soldier monument from Tallinn’s Tõnismägi. The unrest that accompanied the relocation have since become known as the Bronze Night riots.

Opinion
Easter Monday a public holiday? But you're forgetting productionEaster Monday a public holiday? But you're forgetting production
Estonia’s Easter Monday time loop: Discussing an additional day off

Every year, Estonia reliably asks itself the question whether or not Easter Monday should be made a public holiday. Opinions differ. While one side emphasizes the importance of family time, the other thinks an additional day off would threaten economic growth.

Minister of Social Protection Kaia Iva (IRL).Minister of Social Protection Kaia Iva (IRL).
Samost: Kaia Iva’s charisma could help IRL out of long-term low

In Sunday’s “Samost ja Rumm” radio debate show, editor-in-chief of ERR’s online news, Anvar Samost, and journalist and former politician Hannes Rumm discussed the potential and actual candidates for the chairmanship of the Pro Patria and Res Publica Union (IRL). At the time of the broadcast, Helir-Valdor Seeder had not yet made his intention to run public.