Centre for Civic Education (CCE), on the occasion of International Data Protection Day, recalls the obligation to adopt a new Law on Personal Data Protection, aligned with the European Union acquis communitaire, in particular with the General Data Protection Regulation (GDPR). Legislative solutions and practices must keep pace with rapid technological development, the expansion of social media, and the increasing use of artificial intelligence.
CCE emphasises that data protection entails regulating the collection, use, and storage of personal data in order to safeguard individual privacy in the digital environment. At a time when communication and business activities are predominantly conducted online, this issue acquires particular significance. Personal data are increasingly treated as a resource for profit-making or as a means of control, while violations of rights manifest through unlawful surveillance of communications, theft of financial data, data leaks, and unauthorised processing of personal information. If such violations remain unsanctioned, the security and freedom of individuals are put at risk. It is therefore essential for state authorities to develop sustainable mechanisms to prevent the unauthorised collection and misuse of personal data. At the same time, they face the challenge of ensuring a balance between the protection of privacy and the development of digitalisation and artificial intelligence, as citizens must be guaranteed the right to access their personal data, to request their correction and completion, as well as the right to be forgotten once the purpose of data processing ceases to exist.
CCE points out that Montenegro continues to face serious challenges in this area. The adoption of a new Law on Personal Data Protection is crucial, as is strengthening the budgetary framework in order to ensure greater independence of the Agency for Personal Data Protection. In addition, Montenegro has yet to ratify the 2018 Protocol of the Council of Europe amending Convention 108.
Furthermore, over the past year, there have been several instances of unlawful surveillance of the communications of journalists or civil society activists. Such practices are particularly dangerous, as the monitoring and disclosure of communications in cases where there is no reasonable suspicion of a criminal offence are most often aimed at achieving political objectives and silencing critical voices, thereby undermining the very foundations of the rule of law. The Special State Prosecutor’s Office and investigating judges must consistently comply with the legal conditions for the application of covert surveillance measures, as prescribed by the Criminal Procedure Code.
Continuous dialogue among the academic community, civil society organisations, and the media is also necessary in order tostrengthen awareness of privacy protection as one of the fundamental values. In parallel, ethical guidelines for the governance of artificial intelligence should be developed to ensure that technological progress serves the public interest.
The complexity of contemporary challenges in the field of data protection requires a decisive response from the state. Failure to do so risks violations of privacy, the narrowing of space for critical discourse, and the long-term weakening of democratic and Europeanisation processes. CCE therefore calls on the competent authorities to act responsibly and in a timely manner to ensure an adequate level of personal data protection in a period of intensive digital transformation.
International Data Protection Day is marked on 28 January, noting the adoption of Council of Europe Convention 108 in 1981, the first international legal instrument dedicated to the protection of personal data.
Dr Ivan Vukčević, Human Rights Programme Coordinator