By-law of the Data State Inspectorate

Issued pursuant to
Section 16, Paragraph one of
the State Administration Structure Law

I. General Provisions

1. The Data State Inspectorate (hereinafter - Inspectorate) is an institution of direct administration under supervision of the Ministry of Justice, which operates independently and without assistance, performing the functions laid down in laws and regulations.

2. The purpose of the operation of the Inspectorate is the supervision of personal data protection, the accreditation and supervision of trustworthy providers of certification services, the supervision of data protection in the electronic communications sector, as well as the supervision of the circulation of services of an information society according to the competence.

II. Functions and Tasks of the Inspectorate

3. The Inspectorate shall have the following functions:

3.1. to supervise processing and protection of personal data in accordance with the laws and regulations governing the field of personal data protection, processing of biometric data, human genome research and extrajudicial debt recovery;

3.2. if the data subject requests information regarding himself or herself, to ensure forwarding of the request to the European Judicial Cooperation Unit (Eurojust);

3.3. to represent the Republic of Latvia in the Joint Supervisory Body of the Schengen Information System, the Europol Joint Supervisory Body, the Appeals Committee of Europol and the Joint Supervisory Body of the Customs Information System, in the Article 29 Data Protection Working Party set up under the Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and the Consultative Committee set up under Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data.

4. In order to perform the functions referred to in Paragraph 3 of this Regulation, the Inspectorate shall perform the tasks specified in the laws and regulations, European Union legal acts and international agreements governing the field of personal data protection, services of an information society, electronic communications, electronic documents, processing of biometric data, operation of the Schengen Information System, human genome research, security of information technologies, and extrajudicial debt recovery, as well as represent the Republic of Latvia in international organisations and measures in the field of data protection.

5. The Inspectorate has the rights specified in the laws and regulations, European Union legal acts and international agreements governing the field of personal data protection, services of an information society, electronic communications, electronic documents, processing of biometric data, operation of the Schengen Information System, human genome research, security of information technologies, and extrajudicial debt recovery.

III. Structure of the Inspectorate and Competence of Officials Thereof

6. The work of the Inspectorate shall be led by the director of the Inspectorate.

7. The director of the Inspectorate shall carry out the tasks of the head of an institution of direct administration laid down in the State Administration Structure Law, as well as:

7.1. represent the Inspectorate without special authorisation;

7.2. in each individual case authorise an official or employee of the Inspectorate to represent the Inspectorate;

7.3. establish commissions, councils, and working groups for the performance of the functions of the Inspectorate, as well as approve their by-laws.

8. The director of the Inspectorate shall determine the structure of the Inspectorate, the functions and subordination of each unit.

9. The competence and rights of officials and employees of the Inspectorate are laid down in laws and regulations, European Union legal acts and international agreements governing the field of personal data protection, services of an information society, electronic communications, electronic documents, processing of biometric data, operation of the Schengen Information System, human genome research, security of information technologies, and extrajudicial debt recovery.

10. The officials and employees of the Inspectorate shall ensure that the information obtained in the process of notification and inspections is not disclosed, except information accessible to the general public. Such prohibition shall also remain in effect after the official and employee have ceased to fulfil their official duties.

IV. Provision of the Rule of Law of the Operation of the Inspectorate and Report on the Operation Thereof

11. The rule of law of the Inspectorate shall be ensured by the director of the Inspectorate. The director of the Inspectorate shall be responsible for the establishment and operation of the system for internal control and verification of governance decisions of the Inspectorate.

12. An administrative act issued by or actual action of an official of the Inspectorate may be contested by submitting a respective submission to the director of the Inspectorate. The administrative act issued by or actual action of the director, as well as the decision on the contested administrative act or actual action may be appealed to the court.

13. The Inspectorate shall, once a year, prepare a public report on its operation and provide a report on utilisation of the budget resources.

V. Closing Provision

14. Cabinet Regulation No. 408 of 28 November 2000, By-law of the Data State Inspectorate (Latvijas Vēstnesis, 2000, No. 435/437; 2003, No. 49), is repealed.

Prime Minister Valdis Dombrovskis

Minister for Justice Jānis Bordāns

Translation © 2016 Valsts valodas centrs (State Language Centre)