Data Protection in Estonia Reflected in the Case-Law of the Court of Justice
The Court of Justice has interpreted the Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (data protection directive) in seven decisions made on the basis of references for preliminary ruling and applied the directive in three cases that reached the Court as a result of complaints.
According to the authors, two conclusions of fundamental importance to Estonia can be made on the basis of the case-law of the Court of Justice. For Member States, the flexibility of data protection directive involves an obligation to complement it with concrete legal basis by single cases that would correspond to the principle of adequate definition. Secondly, the Estonian Data Protection Inspectorate as an independent supervisory agency in the system of state agencies must not be under the control of any ministries in the sense of economic, organisational and personal independence, in order to preclude the dependence of the level of the fundamental rights of persons on political will. In practice these two conclusions mean first, that social scientists and jurists, IT professionals and the specialists of many other fields have to co-operate effectively to increase the coherence of the legal framework of data protection. Second, taking into account the growing importance of data protection sphere in information society, the strengthening of institutional structure requires state initiative to remove this area outside the sphere that can be influenced politically.