Privacy protection in the transmission of personal data in business – insights from Lithuania

Abstract

In recent decades extremely rapid technological advances have been seen that have changed many areas of daily life and the business environment. These technological advances are leading to the increasing use of electronic communications networks and cloud technologies by individuals, businesses, and organizations to provide services, store, and manage records, especially in the electronic space. The increasing use of these links offers an unprecedented opportunity to systematically collect and use a variety of data (including personal data) for different purposes. Information and data collected and processed with the help of technology are used not only for the purposes of meeting the needs of natural and legal persons but for various other reasons too. In the context of the collection and the use of personal data, which is very widespread in business relations, ensuring the individual’s right to privacy becomes problematic, especially if the data have to be transferred to third countries outside the EU. The authors of the article provide an example of how the case of data transfer to a third party was resolved in the Lithuanian courts. It also provides insights into how data transfers to third (non-EU) countries will change according to the Standard Contractual Clauses (SCCs), which will take effect on December 27, 2022.