Although in Malta, the Data Protection Act implementation has reached its decade, it seems that its enforcement is far from being the desired one. Maltawinds has received complaints in different forms about the way businesses and other organisations totally ignore Data Protection. The constant complaint is with respect to sales companies of organisations that use data acquired for other reasons to cross sell in spite of the persons objecting to that. It seems that there is also the wrong use of data when it comes to surveys.
The description given to Maltawinds on how organisations are acquiring data clearly show that organisations do not have procedures in place in order to protect data and to make proper use of data. One may think that this is in the private sector only and it is because it may be too much of an administrative burden and it increases costs. Regrettably, this is not the case as if properly implemented one may combine the various obligations under Maltese law under one procedure without necessarily increasing costs significantly. However, it is not just the private sector. Government and the Political Parties are far from leading by example on this sensitive matter.
Beyond the recent debate on a legal notice envisioned by Minister Evarist Bartolo there are some serious complaints on certain Government Schools particularly when there are cases of Civil Unions, Divorces, Separations and similar situations. It seems that the schools send to both the parents of the children for parents day and on such letters it put the address of both parents. There have been cases whereby the Police gave a word of caution to the estranged partner not to give to the former partner for security reasons. Yet again the school gave this address to the estranged partner through this move. It seems as well that the schools do not have the necessary infrastructure to monitor who has legal custody. There have been cases whereby one of the Parents not only has no legal custody but has been prohibited by the courts to see the child without the attendance of the Social worker. One argues how in an era whereby various administrations boast of the technological advancement of Government, there is not a fool proof system that caters for these situations.
Even more shocking however, is the fact that it seems that Mater Dei Hospital has the authority to give certain data on persons to people that are not employees of the same hospital. It seems for example that in the case of persons sent to England to be operated, Mater Dei provides a list to a religious entity of the Maltese persons, which hospitals they are in, when they are due to arrive and when they leave and what they are being operated for. This is to say the least atrocious.
It seems that the Commissioner for Data Protection lack the resources to address these matters. Both scenarios above are very serious. Malta needs to start respecting the privacy of persons . It is useless changing laws if we cannot have the fundamental right of Privacy.