Renewed Cooperation Between Personal Data Protection Supervisory Authorities of the Baltic States

Meeting of the supervisory authorities of the Baltic States (Andmekaitse Inspektsioon, Datu valsts inspekcija, Valstybinė duomenų apsaugos inspekcija) took place September 2 and 3, 2021 , renewing the annual meeting tradition. Closer cooperation between supervisory authorities contributes to a more effective and consistent supervision of personal data processing in the Baltics.

Workload of authorities and resources available were compared with a general conclusion that all Baltic supervisory authorities have insufficient resources (manpower and financial) to carry out obligations set out in the legal framework in a satisfactory manner. Supervisory authorities exchanged information on prioritization of work and innovative approaches for a better task achievement. During the meeting supervisory authorities also exchanged views on the best practices in resolving most common types of complaints.

A common feature in assessing complaints received since May 25, 2018 remains the actual issue of personal data processing in social networks by private individuals and the performance of video surveillance for private and domestic purposes. During the meeting, supervisory authorities shared their experience and practice on how to deal with issues related to video surveillance carried out by a natural person.

Supervisory authorities discussed on possibilities to provide mutual support to ensure maximal use of resources available. It was agreed to coordinate and communicate with each issues related to international cooperation, including participation in Schengen evaluation visits and other international cooperations where employees of authorities are indicated as experts.

To promote consistent application of the GDPR in all Baltic states, during the meeting all of the institutions agreed that in year 2022 a sectoral monitoring will be organized in Estonia, Latvia and Lithuania to monitor data processing operation on previously agreed sector with the aim to develop recommendations on better personal data protection approaches.

As a result of the meeting, supervisory authorities jointly agreed that in many cases a systemic approach and joint cooperation to ensure a pro-active problem solving is a preferable solution.