Adoption of the Strategy is of crucial importance for better and more efficient realization of this right in Serbia
About the current situation and new Strategy for Personal Data Protection in Serbia Milan Marinović, Commissioner for information of public importance and personal data protection gives his opinion in interview for our magazine.
What is the current situation when it comes to the protection of personal data in Serbia and what can be improved?
I would say that the situation here is similar to other European countries, meaning that the same challenges/problems appear in practice before all institutions dealing with this right. The most characteristic is accelerated digitalization, increased new technologies use, rapid AI development, and other new age challenges. Besides the good sides that all of the above brings, it also leads to a greater threat to personal data protection. Bearing in mind that the wheel of civilization is unstoppably pushing forward in the described direction, it is up to us who deal with this right to constantly point out the new age dangers in terms of privacy and propose solutions to protect this human right.
“The fact that in 2021 we received 3,366 cases in this area – which is a significant increase compared to 2,952 cases received in 2020, shows that the situation is not yet at a satisfactory level”
The fact that in 2021 we received 3,366 cases in this area – which is a significant increase compared to 2,952 cases received in 2020, shows that the situation is not yet at a satisfactory level. One of the reasons for that is the insufficient level of knowledge, both of those who process personal data and of the citizens whose data are processed. Hence, we will launch a series of activities: an initiative to make personal data protection a part of the curriculum in primary and secondary schools, education of citizens and personal data processors on the need to protect these data, and ways to achieve that protection, establishment of offices outside Belgrade so that all citizens in Serbia have almost the same opportunities to protect their data and communicate with the Commissioner, as well as many other activities.
The law in this area has been applied for a bit over two years. Has it improved the exercise of rights and how is the implementation going?
The Personal Data Protection Law has undoubtedly improved the exercise of the right to personal data protection, which is expected for it is practically a compilation of the GDPR and the Police Directive used in EU member states. The law’s implementation, however, is not going well and due to the fact that it has left many open questions, e.g. insufficiently precise definition of the competent bodies that process special categories of personal data, lack of regulation of some important types of personal data processing such as video surveillance, biometric data processing, non-compliance with the provisions governing legal remedies that may be submitted to protect personal data and more.
A new Strategy for Personal Data Protection is currently being drafted. What is expected and to what extent is it harmonized with similar documents in the EU?
Adoption of the Strategy is of crucial importance for better and more efficient realization of this right in Serbia. I expect that the implementation of the Strategy will lead to a more complete and harmonized normative framework and fuel raising the awareness of all social strata about this right’s importance. One of the priorities of the Strategy is to amend the current Law and harmonize all laws dealing with personal data processing with it, providing unity of the legal system in this area.
What else can Serbia do regarding strengthening the Commissioner’s institution and what do you think, is the situation improving or stagnating from year to year?
In recent years, a lot has been done on this issue and the situation is constantly improving. However, although the Commissioner, with the adoption of the new Personal Data Protection Law and then the Law on Amendments to the Law on Free Access to Information of Public Importance, has been given expanded powers, there is still a need for additional empowerment, through increasing the number of staff, and institution’s spatial/technical equipping. This is a precondition for the Commissioner to be able to respond to all the challenges and demands posed by a significant expansion of his competence and to be able to protect the citizens’ rights in the way that is expected of him.