The annual meeting of the Baltic Data Protection Authorities concluded in Riga on September 12 and 13, bringing together key representatives from Estonia, Latvia, and Lithuania to reflect on the past year’s developments and chart the future course of data protection practices in the region. This gathering provided a crucial opportunity for these neighboring countries to deepen their collaboration and exchange best practices in an era when data privacy has never been more critical.
Over the two days, participants explored significant topics reshaping the data protection landscape. The meeting began with each authority's director reviewing major changes and activities from the past year, highlighting both progress and the key challenges that each country faced.
The Latvian authority shared insights about a free e-learning course, "About Personal Data – EASY," tailored specifically for small and medium-sized enterprises and available to everyone. This initiative garnered significant interest from colleagues across the Baltic region.
One of the most anticipated sessions was the presentation of findings from a joint investigation into data processing practices in the car-sharing industry, where the authorities shared key conclusions. The meeting also featured an in-depth discussion on the Digital Services Package, particularly its implications for national authorities tasked with carrying out new delegated functions and responsibilities. This led to rich conversations on how these obligations could impact the regulatory landscape.
Pille Lehis, the Director of the Estonian Data Protection Authority said:
"The meeting of the Baltic States is always an awaited event for us. As a small country, strong cooperation partners are essential. This year, we focused on how we can fine-tune our domestic practices by learning from each other’s successes and challenges. This exchange allows us to build a more resilient approach to data protection enforcement."
One of the key themes of the event was the effectiveness of the One-Stop-Shop mechanism, a cornerstone of the GDPR, which has created both opportunities and challenges for small authorities in these countries. The members discussed that new regulation on the implementation of the GDPR will create additional challenges for the small authorities due to the lack of resources to handle all the requirements of the new regulation.
In a session focused on social media, the delegations discussed the practices implemented by global platforms in processing users’ data. This provided a platform for authorities to reflect on the growing influence of social media in everyday life, and the pressing need to safeguard individuals' rights.
Dijana Šinkūnienė, Head of the State Data Protection Inspectorate of Lithuania, emphasized the importance of continued cooperation in her remarks:
"This year’s meeting was a powerful reflection of our shared commitment to improving data protection across the region. We exchanged valuable insights, particularly in investigating personal data breaches, which are crucial for protecting our citizens' privacy. The discussions on the Digital Services Package were particularly enlightening, as they will guide us in strengthening our approaches moving forward."
Jekaterina Macuka, Director of the Latvian Data State Inspectorate, added:
"This year, we are especially pleased to host not only the Spring Conference but also the Baltic Data Protection Authorities meeting. As our discussions have shown, we face many of the same obstacles in the realm of data protection. By sharing our experiences and strategies, we can strengthen our collective efforts to tackle these challenges and protect the privacy of our citizens across the region."
The meeting concluded with a review of supervisory and investigative processes, giving each authority the chance to showcase how they handle data protection violations.
As the meeting wrapped up, the Baltic authorities reaffirmed their shared commitment to enhancing data protection, working together to build a stronger regulatory framework that serves both their citizens and businesses. With discussions ranging from the implementation of GDPR mechanisms to the unique challenges posed by social media and digital services, the two-day event proved once again that cooperation between the Baltic States is a key pillar in safeguarding data privacy in an increasingly interconnected world.
Next year’s meeting will be held in Lithuania!