Law change to stop personal legal information remaining open data

Justice minster Raivo Aeg (Isamaa) has signed amendments which will enhance the public's control over personal data entered into Estonia's court system.
While court information will continue to be publicly available both on the Riigi Teataja official law gazette, as well as in the criminal records database, it will not be possible to process this as open data, once the changes come it effect.
"Let's stress that all public data in the courts information system will continue to be public as it was before, and it will still be viewable on Riigi Teataja," said Viljar Peep, deputy secretary general of the Ministry of Justice.
"Court decisions which have entered into force can be found on Riigi Teataja replete with all the personal data contained therein, which under Estonian law remain public and which have not been removed from the public domain following a court decision," Peep added.
"Under the regulations, it will simply be not possible to use personal data as open data - meaning that it will not be possible to mass-copy personal data and download it for personal use."
"The changes are being made in order to protect the inviolability of the private life of an individual. The justice ministry is often approached by people whose rights in private life have been curtailed, due to data being made available from court decisions," Peep added.
The ministry will also take measures to enable private databases to use court data containing personal data for work-related analysis, without the need to mass-download personal data.
The justice ministry is working in conjunction with the Ministry of Economic Affairs and Communications to find a solution to putting the amends into practice from a tech perspective.
Current law both in Estonia and the EU in any case makes the move necessary.
The use of data contained in court decisions as open data is restricted by the Public Information Act, the Criminal Records Database Act, and well as the EU's General Data Protection Regulations (GDPR).
Persons reusing publicly accessible personal information from the courts information system, both for commercial and non-commercial purposes, must ensure that they process personal data originating from Riigi Teataja and the criminal records database for their intended purpose, in conformity with GDPR requirements, and that a legal basis arising from the GDPR preexists physical persons' data being processed.
--
Follow ERR News on Facebook and Twitter and never miss an update!
Editor: Andrew Whyte