Lauri, a former justice minister, told ERR that after Monday's extraordinary joint session involving four Riigikogu committees, "the picture is much clearer, and it is also clear where the weak spots are or what needs to be discussed further in more detail."

The Riigikogu's constitutional committee, special committee for oversight of security agencies, finance, and legal affairs committees all convened Monday – on an extraordinary basis since the Riigikogu is on its summer recess.

Access by government agencies to account holders' banking secrecy without a legal basis was on the table following findings by the Office of the Chancellor of Justice, that state agencies have in just over a year made tens of thousands of bank data inquiries via the enforcement register but without the proper legal basis.

"When the Chancellor of Justice sent her letter, to comprehend the other parties' views on her objections, to understand what state this is in, where the actual shortcomings are, how serious they are. And since there was a sense that we likely need to make some adjustments or legislative clarifications, then it is surely needed to understand what kind of clarifications and for what reasons. For example, how these agencies operate when they request data, for what reasons they request it, how much is requested," Lauri went on.

"As has now become clear, each entry, of various kinds... For one person, there can be over 60 rows, figuratively speaking, per inquiry. If it is not known where the account is, at which bank, then they ask from eight or nine banks – immediately eight or nine inquiries. They ask for the account's existence, number, or amount – each a separate inquiry. These inquiries come in, and they accumulate relatively quickly," she continued.

Lauri said MPs received technical details and context on the scale of investigative procedures, including how and why bank secrecy is accessed — "in the case of criminal proceedings there are not many concerns." She noted that internal oversight mechanisms were explained and emphasized the need to focus the debate on account statements, which "are actually done rarely," but require clarity on "justification and the process," with potential for legislative updates in future discussions.

The ability of members of the public to check if their bank data has been queried was also talked about; in some justified cases — such as in the course of ongoing criminal investigations — this information "is hidden," Lauri added.

She noted this also applies to the money laundering data bureau, where "people often don't get an answer... on whether they've been investigated," a matter the president raised in returning a bill.

Lauri added that data tracking must be clear: "the Tax and Customs Board… [should] only turn to the banks with their inquiries as a last resort."

Lauri said that the session was a closed-door one meant there could be "more in-depth" discussion, and noted that the Ministry of Justice audit, due by mid-August, will help determine any necessary further actions.

Eesti 200: The use of bank data needs a clear legal basis and accountability

Reform's coalition partner, Eesti 200, however finds the situation where several government agencies have gained access to people's bank account data without a valid legal basis must be ended quickly, clear rules established, and accountability ensured.

Ando Kiviberg, chair of the constitutional committee and member of the Eesti 200 Riigikogu faction, stressed at the meeting the need for data usage in accordance with the principles of the rule of law.

"This is clearly a matter of maintaining the state's credibility. Of course, there must be the most effective and modern tools available to investigate crimes involving money, including cases of fraud targeting individuals. Hopefully this is understandable to everyone. But the use of these tools must be clearly in accordance with the law, and overuse of them must be ruled out," Kiviberg said.

The current practices call for raising the issue of the personal responsibility of officials, he added.

"Questions remain unanswered about, for example, who opened the enforcement register for use without a valid foundational regulation, who and on what basis granted permission for its use, etc. The fight against any type of crime cannot and must not go against the constitution," the MP went on.

The office of Chancellor of Justice Ülle Madise found during an inspection that government agencies have been able to gain access to account holders' banking secrecy via the enforcement register but without the proper legal basis. According to the chancellor of justice, state agencies have made tens of thousands of inquiries to banks in just over a year.

Minister of Justice and Digital Affairs Liisa Pakosta (Eesti 200) had previously drawn attention to the need for an audit across the entire area of governance of the ministry to eliminate any other data processing cases lacking legal clarity.

The minister has said that the protection of banking confidentiality in Estonia must be ensured at least at the same level as that afforded to health data, adding that the current high volume of inquiries indicates a need to address the debt system in a broader sense.

--

Follow ERR News on Facebook, Bluesky and X and never miss an update!