On occasion of 28th January which is the Data Protection Day in EU and CE, the Commissioner for Information of Public Importance and Personal Data Protection has estimated that the day, i.e. the 29th anniversary of the adoption of the fundamental international document in this field - the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, is an opportunity to be reminded that as a state, which has accepted the Convention, as well as the Additional Protocol to the Convention, we still have a lot to do to bring the situation in this field to the level of European standards.
In a conversation, with NGO ‘’Privatnost Srbija’’ (Privacy Serbia), Rodoljub Sabic, the Commissioner, has stated the following:
‘’Adoption of European standards of personal data protection is a very complex task for every state in the process of transition. It entails not only comprehensive legislative activities on harmonization of legal order, but also establishing a monitoring body with powers and resources enabling monitoring over achieving these standards and their protection and also, which is maybe most important, a very comprehensive and complex education campaign on the contents and scope of the standards, before all, for the people in public authorities and for as wide circle of citizens as possible.
Such a complex task must not be a matter of improvisation and it would have to be based on a defined strategy. In cooperation with the EU Commission experts, my associates and I have prepared a Draft National Strategy for Implementation of Personal Data Protection and submitted it to the Government of Serbia. Unfortunately, even though I have subsequently initiated the adoption of the Strategy, we do not have it yet.
The process of harmonization of our legal order has only been initiated with the adoption of the Law on Personal Data Protection. However, all secondary legislation necessary for implementation of the Law has not been adopted yet. The Commissioner has adopted documents which are within his competences, but the Government has not adopted the Regulation on Protection of Very Sensitive Data, even though the deadline for that has passed several months before. It is not good that there is no awareness that harmonization of a large number of laws is expected of us, for which is necessary to define, using the already mentioned Strategy, the exact laws to be harmonized, the deadlines and responsibilities. With regard to the monitoring body, it is good that this year, as opposed to the last year, the Government has provided all necessary resources in the budget for employing workers for performing the new tasks of the Commissioner’s Office in the field of personal data protection. However, that fact will have the first real, practical significance only if the necessary office space, which is missing now, is provided in due time.
In general, the precondition for raising the level of personal data protection entails not only the inclusion of the Commissioner and all other public subjects, but also of the widest possible circle of social subjects and citizens, and the organizations from the nongovernmental sector can make a very significant contribution.“
