Over the past few years, there have been numerous instances of personal data belonging to Albanian citizens being compromised. For instance, within the last two years alone, records pertaining to voters in Tirana, salaries earned by both Albanian and foreign citizens, and information on vehicle owners have been made readily available in digital formats. These breaches represent clear violations of citizens’ constitutional rights. Despite the existence of regulatory and legal frameworks designed to safeguard personal data, the institutional response to such breaches has been minimal, leaving the safety and security of Albanian citizens at risk. This risk is compounded by the lack of awareness among citizens regarding the importance of privacy and personal data protection, which is perpetuated by the level of public discourse on these issues.

This working paper analyses personal data breaches starting from 2008, when the Civil Registry was distributed to anyone interested to have access to it, it then continues with the depiction of the most massive breach of personal data in the country the 2021 publication of Tirana Voters’ Database, which was leaked a couple of weeks prior to general elections. In late 2021, massive breaches continued with the salaries of public and private sector employees, and license plates of Albanian citizens and companies.

The paper represents a living document, that aims to stimulate discussion and contribute to formalization of knowledge on personal data breaches in the country, while increasing awareness of different stakeholders towards such breaches. The recommendations part of the document feed into this line of thinking and aim to bring together stakeholders to increase awareness on personal data protection, think of mitigating risks stemming from the breaches, as well as contribute to enlarge the body of research on such topic.

Download the working paper here: WORKING PAPER – Mapping personal data violations in Albania: A short retrospective on massive breaches in the country.

This working paper is prepared in the framework of the project “Modifying Error 404: Towards Green, Digital and Inclusive Societies”, implemented by DBS Foundation, SHARE Foundation, SCiDEV, Institute of Communication Studies, and ERIAC Serbia, with the support of OSF Serbia.