Personal data needs to be carefully managed online and education on this should start in primary school, data protection commissioner Irene Loizidou-Nicolaidou said on Sunday.

Speaking on the occasion of European Data Protection Day on January 28, she said data needs to be carefully managed to protect citizens from violations and abuses by third parties.

She said in her capacity as information commissioner, a new Code of Practice will be announced this year aimed at the more effective implementation of the law on the provision of information by public authorities.

She stressed the importance of fostering a culture of privacy awareness. Her office has undertaken initiatives such as organising workshops in schools, as children’s familiarity with technology starts at an increasingly young age.

She said people are responsible for protecting themselves, saying they often expose their data through the careless use of applications or the acceptance of cookies without fully understanding the consequences. She stressed the importance of carefully reading the terms of use and giving informed consent.

Her office, she said, is not just for the lodging of complaints but members of the public can also raise questions and express concerns.

A large percentage of the complaints received concern spam messages.

The imposition of administrative sanctions, ranging from warnings to fines, has proven effective in preventing repeat violations, she said.

She said the office has also dealt with organisations that collect data in violation of the proportionality principle, without a legal basis or the consent of citizens. It also conducts regular checks on premises to ensure the legal operation of closed-circuit video surveillance systems.

On an annual basis, around 500 cases are registered and investigated, while an equal number of enquiries, mainly for clarification or guidance, are answered directly. There is an upward trend in both the number of enquiries and the number of decisions issued, she said.

Elaborating on the main challenges facing her Office, she pointed to the rapidly developing field of artificial intelligence.

The challenge, she explained, is to strike a delicate balance between ensuring the effective functioning of organisations and businesses without infringing the privacy of individuals, and fully exploiting the potential of modern technology, including AI while keeping protection of personal data intact.

For 2025, her priorities are to adapt to new challenges arising from developments in the field of AI and strengthen the human resources of her office.

She emphasised the importance of correctly implementing the law, describing it as a valuable tool “to enhance transparency and accountability”.