The digitization of processes has brought many threats into existence, thus, sparking important concerns regarding Data Protection. For that reason, as part of the GOT_DATA International Conference held on December 10 in Pristina, addressing the importance of Data Protection as a region was part of the second panel discussion moderated by Open Data Kosovo’s Deputy Director Dafina Olluri.

Data breaches, safety of our data, and cyber-attacks were some of the key concerns that were discussed on this panel. The present speakers also spoke about how their institutions are addressing such pressing matters and what kinds of mechanisms are being used for their prevention or sanction. Among them were Krenare Sogojeva Dërmaku – Kosovo Commissioner, Information and Privacy Agency (AIP) from Kosovo, Gjorgji Rajchinoski – Junior Associate – Supervisor (Supervision Department, Department for Security Violations and Violations of the Right to Personal Data Protection) at the Personal Data Protection Agency from North Macedonia, Aleksa Ivanović – former member of the Council of the Agency for protection of personal data and free access to information in Montenegro, and an expert on protection of personal data from Montenegro, and Uroš Misljenovic – Programme Officer at Partners Serbia from Serbia.

Aleksa Ivanović reflected on the lack of GDPR alignment of the Montenegrin Law and the most recent developments in that area. “The first time we established the Agency was in 2009 which is when we started to protect this constitutional right. The legal basis that we used for the Law was a directive from 1996 and now Montenegro is in the process of drafting a new Law and that Law needs to be harmonized with GDPR.” – he said. He shared that according to plans, the Law should be in Parliament next year and that he is very much looking forward to it. He suggested that institutions should do knowledge transfers more often and not only within the region but also from other EU countries in order to advance this human right.

Gjorgji Rajchinoski spoke about the practices of the Personal Data Protection Agency from North Macedonia, sharing that the Law in North Macedonia is fully aligned with the GDPR and they have already been working on its implementation through creating supporting guidelines for the practitioners, doing capacity building and awareness raising, among other things. He reckoned that this is how they tried to address the lack of awareness and understanding of the Law by the public and private entities as well as civic sector. “Because everything went digital and we were witnesses of how COVID changed our lives and people now are often using digital platforms to pay bills, to buy something on the Internet, the Agency made a decision to do more online supervision of the functionality and security of the websites (of online sellers).”– Rajchinoski shared.

“As you may know already Kosovo has adopted the Law on Data Protection that is fully aligned with the General Data Protection Regulation known as the GDPR. In fact, Kosovo has adopted the Law since 2019 but the functioning of the Agency has just started from June this year.” – shared the Kosovo Commissioner Krenare Sogojeva Dërmaku. She sees the Law as a tool for ensuring the respect for the fundamental human rights and said that as a region we are very lucky to now have this mechanism to make sure to settle cases of data protection more effectively and according to the Law, thus also brining decisions and imposing legal fines. The Commissioner shared that as a region, even if not all the Laws are aligned with the GDPR they still need to work together, identify the best practices from the region and adopt them in their system, as well as build a common trust among the countries on data protection.

Joining virtually, Uroš Misljenovic from Partners for Democratic Change Serbia shared that Serbia had a Data Protection Law prior to 2018 when this Law was improved and it is basically a mixture of provision of GDPR and the Law Enforcement Directive, both EU documents translated into one document. “When you see these things from another perspective you would say “Ok, the Law is well aligned because we have GDPR, right?”. Yes and no. We don’t have the matching supportive specific provisions that EU countries have enacted so far.” – he shared, adding that the institutional capacities for implementing this Law are insufficient and there haven’t been many opportunities or efforts for going beyond those basic requirements to comply with the Law.

The album from this event can be accessed here and in case you missed the event you can watch the videos below.

The conference is part of the regional project “Increasing Civic Engagement in the Digital Agenda – ICEDA” which is co-funded by the European Union, and it presents the results of projects supported by NED (National Endowment for Democracy), DEMOS, the Kingdom of the Netherlands, Sweden and Norway.

Тhe project Increasing Civic Engagement in the Digital Agenda – ICEDA is co-funded by the European Union and implemented by the Metamorphosis Foundation (North Macedonia), Academy for e-Government (Estonia), Levizja Mjaft! (Albania), CRTA – Center for Research, Transparency and Accountability (Serbia), NGO 35mm (Montenegro) and ODK – Open Data Kosovo (Kosovo).