The Data Protection Inspectorate (AKI) has expressed concerns over a bill which would increase comprehensive data collection on individuals in Estonia, daily Eesti Päevaleht (EPL) writes.
The AKI says that risks include the compromise of personal data in the event of a data leak. Data held anonymously is preferable, the authority says, adding that the information held on individuals would go far beyond their coronavirus status, ostensibly the motivation for the legislation change.
Data may be stored only as long as the purposes of using that database are met, the AKI says, and not beyond that; the authority says that it is concerned about the large volume of accurate data being held, non-anonymously, on the bulk of the populace.
EPL wrote Monday that the state, via the bill drafted by the Ministry of Social Affairs, would collect very comprehensive data on the entire Estonian population at the same time, and that this data may later be associated with individuals.
The ministry says that the bill will consolidate data which is currently dispersed across different databases into one unified national system.
However, the AKI says that it is concerned with the scope of the data being held, noting that it would mean that personal data on more-or-less every citizen and resident in the country would be held on file.
AKI: Data held would go way beyond COVID-19 statuses
Pille Lehis, AKI director, said: "This data collection is wide-ranging and includes nationality, socio-economic situation, job/occupation information, as well as data related to [COVID-19] infection.
"Another worry is that if all this data on infections, close contacts and negative test results is incorporated, this means the entire Estonian populace [will be included in the proposed database,]" she added.
Questions as to why a negative, as opposed to positive, test result would need to be retained against a person's name in the proposed data bank are also addressed in the bill's explanatory memorandum, which says that this is important data in noting who is quarantine-exempt, as well as in relation to the phenomenon of false-positive results.
The draft bill also does not set an expiry date for how long the coronavirus-related information will be held, ERR reports.
AKI: Risks inherent in keeping all data in one place
Further arguments in favor of the bill include the need of the Health Board (Terviseamet), a state agency, to determine whether close contacts have been tested, which helps map the viral spread.
Pille Lehis said that as a rule of thumb, less is more in terms of data storage, particularly in terms of centralized databases, while data stored anonymously is preferable as well.
"From a data protection and data security point of view, risks are always better managed if the data is not in the one place but held across diverse databases," she said.
"If something happens to one single database, the larger the data set, the greater the damage done. Should there be a technical failure that prevents the use of data, where there is a lot of vital data in this database, the probability that there will be more services related to the data will be higher, while the suspension of services will be more widespread," Lehis went on.
Ministry draft provides that data not be fully anonymous
As far as analyzing data on the current pandemic is concerned, the data can be stored anonymously, which would also mean it would not be subject to the same data protection requirements, ERR reports.
Pille Lehis drew the distinction between fully-anonymous data and pseudonymous data, with the latter provided for in the bill. Pseudonymous data can be "reunited" with its owners at a later date where necessary, whereas anonymous data cannot. A database of the size the ministry is proposing should be anonymous, in the AKI's opinion.
Other related changes under the bill include vaccination data; all of this together is supposed to aid the work of the Health Board and family doctors.
The draft, if it passes a Riigikogu vote, could become law by Jaanipäev (June 24), ERR adds.
Editor: Andrew Whyte