The Estonian Data Protection Inspectorate identified last year dozens of misuses of the population register that resulted in fines of 20-400 euros for the offenders.
Presenting the agency's 2012 report to the parliamentary Constitutional Committee, director Viljar Peep stated that unlawful population register queries must be treated with zero tolerance. Last year 34 misdemeanor proceedings were initiated over illegal use of the register. Bigbank AS stood out as a problematic company where six employees were punished and in the public sector the payment order pision of the Parnu regional court was a headache with punishments meted out to 17 employees.
Personal relationships, curiosity about other people's relationships and also the wish to trace one's family history remain the most common reasons for unlawful use of the population register, the report of the data watchdog says.
The data protection authority said there are problems also with the publication of private inpiduals' debt information by collecting companies. Monitoring by the agency showed that only two out of 66 debt collecting companies were publishing private debt data on their websites in full agreement with the Personal Data Protection Act.
The agency ordered five debt collecting and credit companies to remove lists of private inpiduals from their websites.
The inspectorate served as an advisory body to the electricity database project prior to the full opening of the Estonian electricity market at the beginning of this year and kept an eye on the e-population census as the largest state data processing undertaking. In international cooperation cloud data processing represents the biggest challenge. "Cloud data processing is present-day reality, but the information about who, where and how processes the data is insufficient," the agency said.
Peep said the number of complaints filed with the agency has stabilized through years. The number of supervision proceedings, averaging 600 annually, was 595 last year and precepts were issued on 48 occasions. Complaints mostly concern employment relations, use of CCTV cameras and publication of data on social networking sites.
The Data Protection Inspectorate gives the Constitutional Committee and the chancellor of justice an overview of how the Personal Data Protection Act and the Public Information Act are complied with on an annual basis.