The Commissioner for information of Public Importance and Personal Data Protection Rodoljub Sabic considers that stealing of a computer with personal data on several dozens of persons from premises of the Commissioner for Refugees in Novi Sad is not and must not be treated as a "regular' criminal offence.
The fact that unauthorized persons obtained personal data on several thousand citizens opens numerous possibilities for abuse and is a serious, real threat to rights and interests of persons the data relate to. This and some other similar cases should be taken as a serious warning that the attitude towards protection of citizens' privacy is far from adequate because unauthorized persons can easily come into possession of citizens' personal data and because of the lack of or completely inadequate reactions of responsible persons.
In connection with this, Commissioner Rodoljub Sabic also said the following:
"This case, as several other recent cases, raises a number of questions in connection with violation of rights and interests of a large number of citizens because of the possible abuse of their personal data. We do not have reliable answers to those questions although we should have them. As regards personal data protection, by a combination of circumstances we seriously lag behind not just EU, but our neighbouring countries as well. Although the first thing can be understood, we should not accept the other thing and this is why we must start changing the current situation without delay.
With a delay of at least several years compared to, for example Croatia or Macedonia, our country has recently passed the New law on Personal Data Protection partially harmonized with the EU standards, but even after more than a half of year after its adoption necessary conditions for its implementation have not been met. This is why our country does not have organized state supervision which would ensure implementation of standards for treatment of citizens' personal data set under the Law. While 20-30 persons are employed for personal data protection in the Slovenian Information Commissioner's Office and in agencies of Croatia and Macedonia, our country still has no employees for that purpose.
We must start taking measures on the normative (necessary secondary legislation has not been passed yet), organizational and operative plans without delay, particularly measures for education of both citizens and general public and persons who deal with personal data processing and are responsible for their protection. The last could be the hardest task, taking into account the current, very low level of culture of personal data protection."