Financial Crime World

Here is the rewritten article in markdown format:

Estonia Takes a Step Forward in Data Privacy with New Amendment to Personal Data Protection Act

TALLINN - The Estonian government has made significant strides in enhancing data privacy in the financial services sector by amending its Personal Data Protection Act (PDPA) to align with the European Union’s General Data Protection Regulation (GDPR). The new amendment aims to provide citizens with greater control over their personal data and ensure that organizations handling such information comply with strict regulations.

Key Amendments

  • Individuals have the right to be informed about how their personal data is collected and processed.
  • They also have the right of access to their data, as well as the right to:
    • Rectification
    • Erasure
    • Object or opt-out
    • Not be subject to automated decision-making

Enforcement

The Data Protection Inspectorate (DPI) has been empowered with the authority to enforce the provisions of the law. This includes:

  • Imposing fines of up to €20 million or 4% of a company’s global annual turnover for non-compliance.
  • Demanding restrictions on data collection and processing, including erasure or rectification of improperly collected data.

Data Retention Regulations

The new amendment introduces some differences in data retention regulations compared to the EU’s GDPR law. For example:

  • Personal data collected from public spaces must be preserved for a period of ten years after making the respective entry, unless otherwise provided by law.
  • Consent is required for audio or visual recordings made in public places intended for future disclosure, unless otherwise provided by law.

Impact

The revised PDPA provides Estonian citizens with a robust framework to protect their personal data, aligning with international standards and ensuring that financial institutions operating in the country adhere to strict regulations.

“We are committed to providing our citizens with a high level of data protection,” said [Name], Estonia’s Minister of Justice. “This new amendment demonstrates our commitment to ensuring that individuals have control over their personal data and can trust that it is being handled securely.”

Effective Date

The revised PDPA comes into effect immediately, marking an important milestone in Estonia’s journey towards enhancing data privacy in the financial services sector.