The Commissioner for Information of Public Importance and Personal Data Protection communicated to the National Assembly the Report on Implementation of the Law on Free Access to Information of Public Importance and the Law on Personal Data Protection for 2014. The Report was also communicated to the Serbian President, the Protector of Citizens and the Serbian Government and posted on the Commissioner's official website.

In that regard, Commissioner Rodoljub Sabic said the following:

"Constant increase in the number of citizens and other entities who contact the Commissioner was continued in 2014. This trend can be seen as positive, as it shows that citizens' trust in the institution of the Commissioner is increasing, but it is also alarming, as it confirms that a number of problems associated with the exercise of rights still remain.

In 2014, the Commissioner handled 11 387 cases in total (8 749 cases in the field of free access to information and 2 638 cases in the field of personal data protection), which is an increase of about 15 % compared to 2013, about 33% compared to 2012, or 46% compared to 2011 or three times the number in 2010 or even five times the number in 2005. These are, of course, just formal procedures, while the number of citizens' informal contacts is incomparably higher.

The assessments of the situations in these two fields are significantly different. On the one hand, we have continual progressive process, which is evidently irreversible in spite of some chronic problems which persisted for years, and even the re-appearance of certain problems for which we thought they were overcome in the field of free access to information. These problems, of course, should not be underestimated and it should be noted that they are the product and the consequence of non-functioning mechanisms which are not under the Commissioner's control, but the executive branch.

The fact that the Government has not enforced the Commissioner's decisions in any of the cases where this was necessary, although it was clearly required under the law to act so. Bad "practice" of the Ministry of Justice and Public Administration which did not prosecute a single one of the numerous offenders in the last three consecutive years, in 2014 was practically continued by the competent Ministry of Public Administration and Local Self-Government. This attitude of the competent authorities for initiating infringement proceedings simply begs for more violations of the law.

An end must be put to this practice without any further delays, taking into account the importance of transparency and for the achievement of a number of transition objectives, i.e. the fundamental principles of democratic society such as –good administration, democratic control of government, rationality, accountability etc. Underestimation of facts which point to a lack of compliance with the duties owed to the public, especially when coupled with a chronic lack of liability for violations of the Law on Free Access to Information of Public Importance, certainly and inevitably steers the country away from the desired and strongly proclaimed results in the fight against corruption and many other transition objectives.

The situation in the field of personal data protection is, as already mentioned, unsatisfactory and alarming.

During 2014, the Commissioner in this field closed 2200 cases, which is an increase of about 16% compared to the previous year. However, there are problems in this field which no activities of the Commissioner can eliminate them, since the sources of the problems are beyond Commissioner's control.

The main issue is the complete lack of thoughtful, strategic approach at the global, national level, because the implementation of modern standards of personal data protection for each transition state is extremely sophisticated, state-solving task that necessarily entails such an approach and involvement of a large number of entities.

Even after more than four years of adoption of the Personal Data Protection Strategy, the Government has not adopted an Action Plan for Implementation of the Strategy, although it should have done so within three months. As a result of this omission, the Strategy remains a list of good intentions, a dead letter, while in the meantime four years have passed by without any attempt to do what was needed and possible.

Even after repeated warnings by the Commissioner about the need for radical amendments or a completely new law on personal data protection, virtually nothing was done in this regard in 2014. There was no response even to the "partial" initiatives launched by the Commissioner. As a result, Serbia lacks legislative provisions in highly sensitive areas of personal data processing, such as video surveillance, biometrics, security checks etc., although the existence of such provisions is stipulated by the Constitution. The same applies to the access to data on citizens' electronic communications.

Faced with the above situation, the Commissioner, trying to assist the Government, decided to draft a new model LPDP. Following the suggestions received during the public hearing, the Commissioner communicated in October 2014, the new Model LPDP, to the Ministry of Justice and published it on its official website, where it can be also seen today. Unfortunately, it is not known whether the Ministry of Justice or the Government of the Republic of Serbia has undertaken the activities with a view to adopting the submitted model LPDP or drafting a new text on the basis of this model.

Six whole years after the effective date of the Law, the Government has not adopted a regulation that would provide for the protection of particularly sensitive personal data. For this reason, the special protection of particularly sensitive data, which is guaranteed by the law, has remained nothing more than an empty promise for many different categories of persons. As a result, processing of data in many cases leads to violations of the citizens' rights. This is all the more alarming because these rights are flagrantly and quite frequently violated by public authorities.

Since the reasons explained above are a source of a large number of violations of guaranteed human rights, it is necessary for competent authorities, including in particular the Government of Serbia and the competent ministries, to qualitatively change their current approach to the situation in the field of personal data protection."