The National Audit Office conducted an audit in state institutions and has determined that there are flaws in the protection of personal data, reports ELTA. The Office aimed to assess whether personal data processed by automatic means is effectively protected and overseen.
The audit concluded that individual rights to personal privacy are insufficiently ensured in Lithuania. Not all legislation or personal data protection requirements are implemented in the public sector. And the regulation in this area is falling behind progress in information and communications technologies.
Even though the Law on Legal Protection of Personal Data and its implementing legislation was amended several times from 2008-2012, rapid progress in information and communications technologies raises new issues which are not addressed by today’s legal acts.
The audit showed that insufficient attention was devoted towards reducing administrative loads on data managers - they have to fill in a very complicated notification form when processing an individual’s personal data. It is also proposed to improve data sharing in the electronic space, as a personal code is still the sole most widely used item of data to identify a person. In addition, only a natural person is punished for violations in this area, while the sanctions compared to other Baltic countries are very small - a fine in Lithuania is up to 2,000 litas (580 euros); meanwhile, in Latvia it is up to 1,450 euros and in Estonia up to 31,800 euros.