The overwhelming majority of Maltese citizens are unaware of the existence of a data protection commissioner in Malta, let alone of their data protection rights, a new report has shown.

A comparative report of the situation of data protection authorities in the EU's 27 member states found that Malta has sound legislation to protect its citizens, although more needs to be done particularly where data concerning employees is involved.

The report, issued by the EU's Fundamental Rights Agency (FRA), shows that when compared with other EU member states, particularly those of central and eastern Europe, Malta's data protection commissioner has the right tools to perform a good job, particularly when it comes to independence and resources.

However, few people know the office exists. Therefore, the report recommends that more effort should be made to make citizens more aware of their fundamental right to data protection and privacy.

FRA says that people in Malta and Poland are the least aware of their data protection rights.

Quoting a Eurobarometer survey, the study shows that almost 80 per cent of Maltese respondents said they had never heard of the data protection commissioner and had no idea this institution even existed in Malta.

The Data Protection Act was enacted in 2001 and Joseph Ebejer was sworn in as data protection commissioner in February 2009.

FRA's report says that Malta's legislation gives a significant guarantee of institutional independence to the data protection commissioner particularly through the attribution of a distinct legal personality and by the possibility for it to start legal proceedings.

However, various deficiencies concerning data protection in the context of employment have been highlighted.

"Malta still lacks legislation to adapt data protection rules specifically to the employment relationship, failing to acknowledge the necessity to adopt special data protection provisions to regulate the use of personal data in the employment sector. This may cause violations of personal rights of individuals," an FRA official told The Sunday Times.

In other countries, this lack of protection in the employment sector has already caused problems, particularly through the use of secret (video) surveillance of employees at their workplace.

In Malta, though many private and public workplaces have installed new data-related tools such as fingerprint logging technology and CCTV systems, it is questionable if this is in line with the law.

In general, the FRA report shows that data protection authorities in the EU are often not equipped with full powers of investigation and intervention or the capacity to give legal advice or engage in legal proceedings.

The study also found a lack of independence from the government of several of the data protection authorities in the EU, and this is presenting a major problem for their credibility. This was particularly the case in Lithuania, Latvia, Estonia, Ireland, and the UK, where concerns were raised about the capability of the officers of data protection authorities to perform their task autonomously.

Sign up to our free newsletters

Get the best updates straight to your inbox:
Please select at least one mailing list.

You can unsubscribe at any time by clicking the link in the footer of our emails. We use Mailchimp as our marketing platform. By subscribing, you acknowledge that your information will be transferred to Mailchimp for processing.