The Commissioner for Information of Public Importance and Personal Data Protection has submitted to the National Assembly of the Republic of Serbia the Report on Implementation of the Law on Free Access to Information of Public Importance and the Law on Personal Data Protection in 2012. This report has also been submitted to the President of Serbia, the Ombudsman and the Government of the Republic of Serbia in accordance with the law.
This regular report submitted by the Commissioner for each year within three month after the year ends is also posted on the Commissioners web presentation at: http://www.poverenik.rs/index.php/sr/o-nama/godisnji-izvestaji/1562-izvestaj-poverenika-za-2012-godinu.html.
In that regard, Commissioner Rodoljub Sabic also said the following:
"In 2012, citizens have continued turning increasingly to the Commissioner to protect their rights. In 2012, 7,570 cases were processed (6,037 in the field of information and 1,533 in the field of data protection). That number is about 25% higher compared with 2011, two times higher compared with 2010, or three times higher compared with 2005. Of course, these are only formal procedures, while the number of citizens' informal consultation with the Commissioner is several times higher. The present trend is good as a confirmation of the improvement of citizens' trust in the institution of the Commissioner, but it is also alarming as a confirmation of the presence of a number of problems in the exercise of rights.
There is a significant difference in assessment and situation in the two fields for which the Commissioner is responsible. On the one hand, in the field of freedom of information, we have a continual progressive process, which appears to be irreversible. It just has to be improved and its continuity has to be maintained.
I must also point out several acute issues.
First, the total lack of liability for violation of the law. I do not know what could justify the fact that in 2012, as well as in 2011, the competent ministries – first the Ministry of Public Administration and then the Ministry of Justice – did not initiate any infringement procedure against those responsible for violations of the Law on Free Access to Information, although there is no doubt that several hundred of violations have been done, and they were also directly informed by the Commissioner about several hundreds violations of the most drastic kind.
A chronic problem is enforcement of Commissioner's orders, which are final, binding and executive under the law, but should, where necessary be enforced by the Serbian Government according to the law as a last resort, although the Government has so far failed to do so.
In that regard, we should also not ignore the increase in the number of those who fail to act in accordance with the orders, although the orders are binding for them according to the law. In the context of anti-corruption efforts it could be particularly worrying that the leading offenders are public enterprises. A drastic example is "Telekom Srbija", which failed to act in accordance with as many as 23 rulings, but it is "successfully" followed by public enterprise "Serbian Railways", Electric Power Industry of Serbia, public enterprise "Srbija gas" etc.
In the absence of liability for violation of the law and enforcement of Commissioner's rulings, the percentage of successful Commissioner's interventions - about 91% - gains additional weight.
In 2012, the Commissioner had at his disposal 146 million dinars, and he spent 105 millions or 72%. Savings are the result of rational spending of available funds and also of the fact that the Commissioner worked with the significantly lower number of associates than the envisaged.
As regards personal data protection, the situation is considerably worse due to a number of negative facts, of which I would like to emphasize two on this occasion.
The Commissioner as an institution provides a significant contribution to the implementation of the Law on personal Data Protection and the citizens are increasingly turning to him for the protection of this right (from 83 cases in 2009 to 1,533 cases in 2012). Still, the Commissioner's Office is chronically understaffed. The chronic lack of the Government's will (three successive governments have changed since the Law on Personal Data Protection has entered into force) to provide to this institution necessary premises for work results in its inability to act on citizens' complaints within desired deadlines.
In addition, the legal framework for personal data protection is absolutely incomplete. I emphasized on several occasions that certain important fields are virtually unregulated (video surveillance, biometrics, security checks, private security sector etc.). Also, the Government and other public authorities did not even perform their main tasks set out in the Law on Personal Data Protection. Only two examples are enough to illustrate this. The Government delayed enactment of the Action Plan for implementation of the Personal Data Protection Strategy for almost two and a half years and enactment of the Decree on Protection of the so-called Particularly Sensitive Data for almost four years. It is needless to comment negative results of such attitude.
In the field of freedom of information we have a positive trend which should be continued, while in the field of personal data protection we are almost at the very beginning. Chronic issues in the field of freedom of information should be finally addressed. If there is political will, it could be done in a relatively short period. But, as regards privacy, particularly personal data protection, much more remains to be done. The attitude of the society and the state towards the situation in this field should be radically changed."
