Two years ago, the Estonian Data Protection Inspectorate (AKI) alerted the Ministry of Climate to potential problems in the building register, stating that some information might have restricted access. This came amidst inspections conducted in 2021 and 2022, which aimed to ensure the better implementation of public information laws. It is noteworthy that the Inspectorate did not issue an order for immediate actions but rather provided guidance so that the Ministry could reflect on these concerns.

While these inspections were not deemed urgent enough to warrant immediate publication restrictions, AKI's leadership described the situation as one where certain data could be exposed to the public, undermining privacy expectations. Pille Lehis, the head of the Inspectorate, pointed out that the focus of the ongoing procedures at that point was different, and they merely highlighted the need to consider potential risks associated with public access to sensitive information in the building register, emphasizing wider implications for data privacy.

The implication of this story extends to how Estonia manages sensitive public information within its building register. As the pressure increases for government entities to safeguard personal data, the challenges raised by the AKI signal a need for comprehensive policy reviews in compliance with data protection standards. Current conversations around data access and transparency will likely result in more robust regulatory frameworks aimed at preventing unauthorized data access in the future, safeguarding citizens' privacy rights against potential misuses of public databases.