Incorporate as soon as possible the new EU rules on personal data protection into Montenegrin legislation

On the occasion of 28 January – Personal Data Protection Day, the Centre for Civic Education (CCE) appeals to the authorised institutions to urgently start the process of harmonization of the legislative framework of Montenegro with the EU General Data Protection Regulation (GDPR) that entered into force on 25 May 2018.

Data protection is fundamental human right, which is guaranteed by the Constitution of Montenegro and other legal acts. However, due to the ever more rapid technological advancement and digitization of business and private correspondence through numerous mobile applications, social networks, consumer profiling applications, Big Data, etc. problems occur that these acts have not foreseen. Therefore, the importance of this Regulation is also reflected in the definition of new obligations and codes of conduct for employees working on the citizens’ data processing, in order to ensure higher degree of personal data protection.

Što prije inkorporirati nova pravila EU o zaštiti podataka o ličnosti u crnogorsku legislativu

The new Personal Data Protection Law is anticipated in Montenegro for a long time now, and this legal text must also incorporate the GDPR principles in order to be aligned with EU standards. Therefore, the CCE requests the Government to accelerate the process of adoption of long ago announced new Personal Data Protection Law.

The CCE emphasizes the importance that future legal drafters envisage functional personal data management system and its implementation, which will contribute to better control over data and their use, as well as compliance with new European directive. In addition, it is necessary to provide a system of statistics on how and in what manner personal data of citizens are sold to advertisers, companies, state bodies and other entities. It is important for the supervisory authority for the application of the GDPR, i.e. the Agency for Personal Data Protection, to have an insight into the use of personal data at any time, to be able to request the insight into the documentation, order the audit, and to impose sanctions for non-respect of the right to protection of personal data of citizens.

Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data represents a first document that at the European level regulates obligations of countries in relation to personal data protection and was opened for signing on 28 January 1981. This day is marked in all countries of the Council of Europe, and Council of Europe and the European Commission mark it jointly as the European Personal Data Protection Day.

Tamara Milas, Programme Associate