Riigikogu adopts Personal Data Protection Act ({{commentsTotal}})

The new law will bring Estonian legislation in line with EU regulations.
The new law will bring Estonian legislation in line with EU regulations. Source: ERR

The Riigikogu on Wednesday adopted a law regulating the use and processing of personal data as well as supervision thereof.

The General Data Protection Regulation (GDPR) entered into effect across the EU on 25 May, regulating the protection of personal data, and national legislation had to be brought into conformity with it, Riigikogu spokespeople said on Wednesday. The general principles of the protection of personal data will not change, however.

The protection of personal data is regulated by the general regulation, which grants people greater control over the processing of their personal data. Access to data regarding an individual will become simpler for them, and individuals must be more comprehensively and clearly informed regarding how their data is processed.

Should an individual no longer wish to allow their data to be processed and there are no other legal grounds for the preservation of their data, said data must be deleted.

Estonia's Personal Data Protection Act establishes, in conformity with the EU's general regulation, a few exceptions to the general principle of the processing of personal data in the processing thereof for journalistic purposes as well as for the purpose of scientific and historical research.

Personal data may be processed and published in the media for journalistic purposes without the individual's consent if public interest in it exists and its publication is consistent with the principles of the ethics of journalism.

Personal data may also be processed without an individual's consent for the purpose of scientific and historical research, using either a fictitious name or in some other form granting data protection to an equal degree.

The law also establishes the general principles on which law enforcement agencies must base their actions in processing personal data. Parties processing personal data are obliged to notify individuals of breaches related to their personal data; they must likewise notify the Data Protection Inspectorate.

Initiated by the Estonian government, the law was passed 78-13 with one abstention in the 101-seat Riigikogu.

-

Download the ERR News app for Android and iOS now and never miss an update!

Editor: Aili Vahtla



ERR kasutab oma veebilehtedel http küpsiseid. Kasutame küpsiseid, et meelde jätta kasutajate eelistused meie sisu lehitsemisel ning kohandada ERRi veebilehti kasutaja huvidele vastavaks. Kolmandad osapooled, nagu sotsiaalmeedia veebilehed, võivad samuti lisada küpsiseid kasutaja brauserisse, kui meie lehtedele on manustatud sisu otse sotsiaalmeediast. Kui jätkate ilma oma lehitsemise seadeid muutmata, tähendab see, et nõustute kõikide ERRi internetilehekülgede küpsiste seadetega.
Hea lugeja, näeme et kasutate vanemat brauseri versiooni või vähelevinud brauserit.

Parema ja terviklikuma kasutajakogemuse tagamiseks soovitame alla laadida uusim versioon mõnest meie toetatud brauserist: