In a digital landscape increasingly defined by automated systems, the latest annual report from Lithuania’s State Data Protection Inspectorate (VDAI) reveals a significant shift in public engagement with privacy rights. During a recent presentation to the Seimas Committee on Human Rights, officials disclosed a 48% year-on-year increase in complaints and reports, signaling a sharp rise in citizen vigilance regarding personal information.
This surge in activity is not necessarily an indicator of declining security standards, but rather a reflection of a more informed and reactive public. According to the 2025 data, while 58% of Lithuanians believe that local institutions and private companies are adequately protecting their data, the sheer volume of formal complaints suggests that users are no longer willing to overlook perceived infringements.
The Anatomy of Data Breaches in 2025
The report provides a granular look at how data security fails in practice. In 2025, the VDAI recorded 223 significant personal data security breaches (ADSP). These incidents collectively impacted 1,249,409 data subjects—a staggering figure for a nation of roughly 2.8 million people, suggesting that many individuals were affected by multiple breaches or large-scale institutional failures.
When examining the root causes of these breaches, the data challenges the common perception that sophisticated hackers are the primary threat. Instead, internal operational failures remain the dominant risk factor.
| Cause of Data Breach | Percentage of Incidents |
|---|---|
| Human Error | 58% |
| Cyberattacks/Incidents | 29% |
| Other (Technical/Systemic) | 13% |
| Total Subjects Affected | 1,249,409 |
These figures prove that while cybersecurity infrastructure is vital, the “human element”—ranging from misdirected emails to improper access controls—remains the most vulnerable link in the data protection chain. For UK readers and businesses, this mirrors a global trend where administrative training often lags behind technical software defenses.
The AI Frontier and Regulatory Challenges
A central pillar of the 2025 report is the implementation of the European Union’s Artificial Intelligence Act. As AI systems become integrated into public services and private commerce, the VDAI has prioritized ensuring these technologies adhere to the principles of transparency and the rule of law.
Dijana Šinkūnienė, Director of the VDAI, emphasized that the rapid digitalization of the environment has made data protection an inseparable component of broader human rights. The challenge, however, lies in the technical complexity of AI. The Inspectorate noted that managing the risks posed by AI requires not just legal oversight, but a significant boost in specialized institutional expertise.
There is a notable caveat to the reported rise in public awareness: while half of the surveyed population feels informed about their rights, the other half remains in a “grey zone.” This gap explains the VDAI’s aggressive pivot toward preventive education, including the publication of methodological recommendations and the hosting of specialized seminars for both the public and private sectors.
Looking Ahead: Capacity and Cyber-Resilience
The discussion within the Human Rights Committee highlighted a critical bottleneck: a shortage of qualified specialists in the fields of data protection and cybersecurity. As the volume of complaints grows and the complexity of AI-driven data processing increases, the VDAI’s ability to provide timely oversight is under pressure.
For the international community, the Lithuanian experience serves as a bellwether. The transition from passive data subjects to active claimants suggests that the “GDPR era” has reached a new level of maturity. However, the high rate of human error-driven breaches indicates that the next phase of data protection must focus as much on organizational culture and staff training as it does on repelling external cyber-threats.
As Lithuania continues to align its domestic policies with the EU AI Act, the focus will remain on balancing technological innovation with the fundamental right to privacy—a challenge that resonates across the UK and the wider European continent.
Source: ELTA
Article contextPeople & topics2#5
What do you think about this article?
Reader Ideas Newsroom
Have a sharper angle for this topic? Add it to the community idea board and let readers vote it up for editorial review.
/linkComments
8+ useful words can earn +10-60 DP; shorter replies can still publish without DP.