PERSONAL DATA PROTECTION

Similar documents
Analytical examination of the acquis communautaire Screening CHAPTER 23 - JUDICIARY AND FUNDAMENTAL RIGHTS

International cooperation on the protection of personal data: Moroccan practice

The Right to Data Protection and the Commissions Adequacy Decision

Having regard to the Treaty on the Functioning of the European Union, and in particular Article 16 thereof,

OPINION OF THE EUROPOL, EUROJUST, SCHENGEN AND CUSTOMS JOINT SUPERVISORY AUTHORITIES

THE LEGAL FRAMEWORK FOR THE PROTECTION OF PERSONAL DATA IN INTERNATIONAL POLICE AND JUDICIAL COOPERATION. Matko Pajčić *

Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL

P6_TA-PROV(2007)0347 PNR Agreement

Act No. 502 of 23 May 2018

Data protection and privacy aspects of cross-border access to electronic evidence

PERSONAL DATA PROTECTION PRIVACY INFORMATION FOR THE CITIZENS ON THE RIGHT TO PERSONAL DATA PROTECTION

PE-CONS 71/1/15 REV 1 EN

Table of content What is data protection? Why was is necessary? Beginnings of Data Protection Development of International Data Protection Data Protec

ARTICLE 29 Data Protection Working Party

Action Plan for further steps in the implementation of the Roadmap for visa liberalization

Spring Conference of the European Data Protection Authorities, Cyprus May 2007 DECLARATION

DATA PROTECTION LAWS OF THE WORLD. Colombia vs Germany

COMMUNICATION FROM THE COMMISSION. On the global approach to transfers of Passenger Name Record (PNR) data to third countries

EUROPEAN DATA PROTECTION SUPERVISOR

Council of the European Union Brussels, 27 February 2015 (OR. en)

CONSULTATIVE COMMITTEE OF THE CONVENTION FOR THE PROTECTION OF INDIVIDUALS WITH REGARD TO AUTOMATIC PROCESSING OF PERSONAL DATA

DATA PROTECTION (JERSEY) LAW 2018

EUROPEAN UNION. Brussels, 3 February 2006 (OR. en) 2005/0182 (COD) PE-CONS 3677/05 COPEN 200 TELECOM 151 CODEC 1206 OC 981

ARTICLE 29 Data Protection Working Party

Recommendation for a COUNCIL DECISION

REGULATION (EC) No 767/2008 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL. of 9 July 2008

on the proposal for a Regulation of the European Parliament and of the Council concerning customs enforcement of intellectual property rights

Article 1. Federal Data Protection Act (BDSG)

AKTIVA sistem doo, Novi Sad

EDPS Opinion on the proposal for a recast of Brussels IIa Regulation

Having regard to the Treaty on the Functioning of the European Union, and in particular Article 16 thereof,

Dated Article 1

Meijers Committee standing committee of experts on international immigration, refugee and criminal law

Implementation of GDPR and control mechanisms of data protection institutions in Germany

Having regard to the Treaty on the Functioning of the European Union, and in particular Article 16 thereof,

Privacy and Protection of Personal Data in the EU Transfers of Personal Data to third Countries

ARTICLE 29 Data Protection Working Party

Privacy Notice 1. CONTROLLER S NAME AND DATA

Strengthening Privacy Protection through Co-Regulation

LEGAL BASIS OBJECTIVES ACHIEVEMENTS

EXECUTIVE SUMMARY. 3 P a g e

ARTICLE 29 DATA PROTECTION WORKING PARTY

DATA PROTECTION LAWS OF THE WORLD. Romania

LEGAL BASIS OBJECTIVES ACHIEVEMENTS

***I DRAFT REPORT. EN United in diversity EN 2012/0010(COD)

1. Why do third-country audit entities have to register with authorities in Member States?

JAI.1 EUROPEAN UNION. Brussels, 8 November 2018 (OR. en) 2016/0407 (COD) PE-CONS 34/18 SIRIS 69 MIGR 91 SCHENGEN 28 COMIX 333 CODEC 1123 JAI 829

Republika e Kosovës Republika Kosovo - Republic of Kosovo Kuvendi - Skupština - Assembly

Case C-553/07. College van burgemeester en wethouders van Rotterdam. M.E.E. Rijkeboer. (Reference for a preliminary ruling from the Raad van State)

Adequacy Referential (updated)

LIFTING OF SECRECY OF COMMUNICATIONS 1. APPLICABLE PROVISIONS AT CONSTITUTIONAL AND SUPRALEGISLATIVE LEVELS (INTERNATIONAL AND EUROPEAN) Pursuant to

Opinion of the European Union Agency for Fundamental Rights on the proposed data protection reform package

POLICE ACT GENERAL REGULATIONS

DATA SHARING AND PROCESSING

AMENDMENTS EN United in diversity EN. European Parliament Draft report Claude Moraes (PE v02-00)

DIRECTIVE 95/46/EC OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL. of 24 October 1995

EBA/GL/2015/ Final Guidelines. on the minimum criteria to be fulfilled by a business reorganisation plan

Opinion of the European Data Protection Supervisor

REVISED DRAFT LAW THE SPECIAL STATE PROSECUTOR S OFFICE OF MONTENEGRO

The NATIONAL CONGRESS decrees: CHAPTER I PRELIMINARY PROVISIONS

ISRAEL. Decision of OJ L 147/1 of Agreement: art. 49 OJ L 147/12. Protocol No 5 OJ L 147/154

the Commisslone Mazionale per le Sodeta e la Borsa in ItaJy and the Public Company Accounting Oversight Board In the United States

A. S. Uzlău C. M. Uzlău

The Act on Processing of Personal Data

Annex 1: Standard Contractual Clauses (processors)

Having regard to the Treaty on the Functioning of the European Union, and in particular Article 172 thereof,

Is information about legal entities personal data? No. The DPA only applies to information about individuals as opposed to legal entities.

Comments. made by the Conference of the German Data Protection Commissioners of the Federation and of the Länder. of 11 June 2012

The High Contracting Parties to the present Treaty, Member States of the European Union,

Annex - Summary of GDPR derogations in the Data Protection Bill

EUROPEAN DATA PROTECTION SUPERVISOR

Council of the European Union Brussels, 8 October 2015 (OR. en)

Hong Kong General Chamber of Commerce Roundtable Luncheon 13 April 2016 Collection and Use of Biometric Data

Federal Law Gazette I Issued on 6 November 2015 No of 11 FEDERAL LAW GAZETTE FOR THE REPUBLIC OF AUSTRIA Issued on 6 November Part I

PROVISIONAL VERSION. REGULATION (EU) No.../2013 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL

Submission on the General Scheme of the Data Protection Bill 2017 to the Committee on Justice and Equality. by Dr Eoin O Dell *

COMMISSION REGULATION (EU)

EU LEGISLATION (INFORMATION ACCOMPANYING TRANSFERS OF FUNDS) (JERSEY) REGULATIONS 2017

Data Protection in Germany

Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL

Opinion 3/2016. Opinion on the exchange of information on third country nationals as regards the European Criminal Records Information System (ECRIS)

A Guide to Ontario Legislation Covering the Release of Students

The Transfer of Data Abroad by Private Sector Companies: Data Protection Under the German Federal Data Protection Act

STATE OF PERSONAL DATA PROTECTION IN GEORGIA

Assessing the necessity of measures that limit the fundamental right to the protection of personal data: A Toolkit

Opinion of the Joint Supervisory Body of Eurojust regarding data protection in the proposed new Eurojust legal framework

Official Journal of the European Union. (Legislative acts) DIRECTIVES

The EDPS has limited the comments below to the provisions of the Proposal that are particularly relevant from a data protection perspective.

ARTICLE 29 Data Protection Working Party

Organic Farming Act. Passed RT I 2006, 43, 327 Entry into force

Implementing Data Protection in Law

POLICE COOPERATION ISSUES RELATED TO (PREPARATION TO ACCESSION) SCHENGEN OPERATIONAL CROSS BORDER CO-OPERATION BORDER POLICE DIRECTORATE

Migrants Who Enter/Stay Irregularly in Albania

Public access to documents containing personal data after the Bavarian Lager ruling

DATA PROTECTION LAWS OF THE WORLD. Ukraine

LAW ON FOREIGN TRADE IN WEAPONS, MILITARY EQUIPMENT AND DUAL-USE GOODS (Published in the Official Gazette No 7 from February 2, year 2005.

Organic Farming Act. Passed RT I 2006, 43, 327 Entry into force

Council of the European Union Brussels, 8 February 2016 (OR. en)

PARLIAMENTARY ASSEMBLY OF BOSNIA AND HERZEGOVINA 308 LAW ON AMENDMENTS TO THE LAW ON THE PROTECTION OF PERSONAL DATA

COMP Article 1. Article 1 Subject matter and objectives

Transcription:

PERSONAL DATA PROTECTION

Protection of Personal Data and Relevant European Legislation (1) 1. Guidelines for the Regulation of Computerized Personal Data Files adopted by General Assembly resolution 45/95 of 14 December 1990; 2. Organization for Economic Cooperation and Development (OECD): Recommendation of the Council concerning Guidelines Governing the Protection of Privacy and Transborder Flows of Personal Data, adopted by the council on 23 September 1980; 3. European Convention for the Protection of Human Rights and Fundamental Freedoms, Article 8; 4. Council of Europe Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (Strasbourg, 28 January 1981) - Additional Protocol to the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, regarding supervisory authorities and transborder data flows (Strasbourg, 8 November 2001);

Protection of Personal Data and Relevant European Legislation (2) 5. Treaty on the Functioning of the European Union, Article 16; 6. Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data; 7. Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector; 8. Directive 2006/24/EC of the European Parliament and of the Council of 15 March 2006 on the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks and amending Directive 2002/58/EC;

Protection of Personal Data and Relevant European Legislation (3) 9. Directive 2009/136/EC of the European Parliament and of the Council of 25 November 2009 amending Directive 2002/22/EC on universal service and users rights relating to electronic communications networks and services, Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector and Regulation (EC) No 2006/2004 on cooperation between national authorities responsible for the enforcement of consumer protection laws; 10. Council Framework Decision 2008/977/JHA of 27 November 2008 on the protection of personal data processed in the framework of police and judicial cooperation in criminal matters; 11. Charter of Fundamental Rights of the EU of 7 December 2000

Regulations of the Republic of Serbia Constitution of the Republic of Serbia ( Official Gazette of RS, no. 98/06); Law on Personal Data Protection ( Official Gazette of RS, no. 97/08, 104/09 oth. law, 68/12 UC and 107/12); Law Confirming the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data ( Official Gazette of FRY International Agreements, no. 1/92, Official Gazette of SMNE International Agreements, no. 11/05 and Official Gazette of RS International Agreements no. 98/08 oth. law and 12/10); Law Confirming the Additional Protocol to the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, regarding supervisory authorities and transborder data flows ( Official Gazette of RS International Agreements no. 98/08); Strategy on Personal Data Protection ( Official Gazette of RS, no. 58/10).

Laws of Importance for the Protection of Personal Data Law on the General Administrative Procedure; Misdemeanour Law; Law on Administrative Disputes; Law on the Free Access to Information of Public Importance; Law on Data Secrecy; Law on Police; Law on Healthcare Protection; Labour Law; Law on Electronic Communications; Criminal Procedure Code; Law on Banks; Other laws.

Bylaws Adopted Pursuant to the Law on Personal Data Protection Decree on the Form for and Manner of Keeping Records of Personal Data Processing ( Official Gazette of RS, no. 50/09); Bylaw on the Manner of Prior Verification of Personal Data Processing Actions ( Official Gazette of RS, no. 35/09); Rulebook on the Form of ID for Persons Authorized to Undertake Supervision as per the Law on Personal Data Protection ( Official Gazette of RS, no. 35/09); Acts of the Commissioner for Information of Public Importance and Protection of Personal Data on Staffing Available Workplaces in the Professional Service of the Commissioner and the work of the Professional Service. The preparation of the text of the Provision on the Method of Archival and Measures of Protection for Particularly Sensitive Personal Data is under way, to be adopted by the Government with the previously obtained opinion by the Commissioner and the Action plan for the Implementation of the Strategy for Personal Data Protection, adopted by the Government.

Institutional Framework Commissioner for Information of Public Importance and Personal Data Protection (deputy Commissioner for Personal Data Protection, persons authorized for supervision, professional service of the Commissioner); Ministry of Justice and Public Administration (drafting of regulations); Data controllers (public authorities, natural persons and legal entities), data processors and data users.

Activities of the Commissioner in the Field of Personal Data Protection Executed 184 prior checks of data processing activities, with irregularities found in 118 cases; Executed 365 supervisions, with 223 violations of law found in 103 cases; Adopted 67 warnings regarding irregularities in processing; Ordered 14 measures; Submitted a proposal to the Constitutional Court for the assessment of Article 286 of the Criminal Procedure Code; Submitted 35 requests for initiating misdemeanour proceedings and one case of criminal charges; Acted on 174 appeals; Undertaken entry into the Central Registry of 303 handlers and 1,575 records on collections of personal data; Acted on 12 requests for the transmission of personal data outside the Republic of Serbia.

Administrative Capacities Commissioner, Deputy Commissioner, professional service with 46 employees, Supervision Sector with 12 employees; Department for Normative Affairs in the Judiciary at the Ministry of Justice and Public Administration; Internal organizational units, i.e. individual employees in public administration bodies.

Harmonization of Laws with the Relevant European Legislation (1) The Law on Personal Data Protection is Partially harmonized. Harmonization needs to be ensured with regards to: Precisely defining some of the fundamental terms; Territorial jurisdiction of the law; Precise definition of fundamental principles; Precise definition of provisions on particularly sensitive data, conditions for their processing and method for processing; Providing data for use to another controller or user; Data processing for the purposes of media, artistic or literary expression; Contracting of processing operations; Precisely defining the authorizations of the Commissioner; Transfer of data outside the Republic of Serbia.

Harmonization of Laws with the Relevant European Legislation (2) Other laws and bylaws A large number of laws need to be harmonized with the provision of Article 42 of the Constitution, envisaging that the collection, processing and use of data needs to be regulated by the law, provisions of the Law on Personal Data Protection and international standards.

Criminal Prosecution, Judicial Cooperation and Protection of Personal Data (1) The right to respect for the private and family life, home and correspondence may be limited under the criminal procedure pursuant to the Constitution and the Criminal Procedure Code; Provisions on the protection of personal data in automatic databases also relate to personal data kept in records in the criminal field; The rights regarding personal data protection (right to information and right of access) may be limited for the prevention, discovery, investigation and criminal prosecution of criminal offences pursuant to the Law on Personal Data Protection and the Criminal Procedure Code;

Criminal Prosecution, Judicial Cooperation and Protection of Personal Data (2) In regards to data already collected, and after a decision on not using these data for criminal prosecution, Article 163 of the Criminal Procedure Code envisages that the judge shall adopt a decision as per the previous procedure on the destruction of materials collected using special evidentiary activities, including personal data, unless the public prosecutor initiates criminal proceedings within 6 months of the date of being introduced to the materials, or states they will not use it in the proceedings. There is a possibility of notifying the person against whom such special activities were implemented on such a decision if their identity was determined during the implementation of the activity, and if this would not jeopardize the possibility of holding criminal proceedings; The competence of the Commissioner includes supervision over the protection of personal data in the field of criminal law and supervision over the transfer of personal data in judicial cooperation.

JUDGMENTS OF THE EUROPEAN COURT OF JUSTICE (1) 1. Judgment of the Court of 20 May 2003 in Joined Cases C-465/00, C-138/01 and C- 139/01, Rechnungshof; 2. Judgment of the Court of 6 November 2003 in Case C -101/01 OJ C 7, Bodil Lindqvist; 3. Judgment of the Court (Grand Chamber) of 30 May 2006, Joined Cases C 317/04 OJ 228, and C-318/04 OJ C 228 passenger data records; 4. Judgment of the Court of 16 December 2008 in Case C-524/06 OJ 44 - Huber general processing of personal data and concept of necessity; 5. Judgment of the Court of 16 December 2008 in Case C-73/07 OJ c 44- Satakunnan processing and flow of tax data of a personal nature;

JUDGMENTS OF THE EUROPEAN COURT OF JUSTICE (2) 6. Judgment of the Court of 9 March 2010 in Case C-518/07 OJ C 113 independence of national supervisory authorities; The Law on Personal Data Protection is harmonized with this Judgment, envisaging that personal data protection activities shall be performed by the Commissioner for Information of Public Importance and Personal Data Protection, as a separate state authority, independent in executing its competence 7. Judgment of the Court of 7 May 2009 in Case C- 553/07 OJ C 153- Rijkeboer; 8. Judgment of the Court of 9 November 2010 in Case C- 92/09 OJ C 317 и C 93/09 - Volker und Markus Schecke. 9. Judgment of the Court of 9 March 2010 European Commission vs. Germany 10. Judgment of the Court of 16 October 2012 European Commission vs. Austria

European Commission Decisions (1) 1. ARGENTINA Commission Decision C (2003) 1731 of 30 June 2003 - L 168; 2. CANADA Commission Decision 2002/2/EC of 20 December 2001 - L 2 on the adequate protection of personal data provided by the Canadian Personal Information Protection and Electronic Documents Act; 3. SWITZERLAND Commission Decision 2000/518/EC of 26 July 2000 L 215; 4. UNITED STATES OF AMERICA Safe Harbor Commission Decision 2000/520/EC of 26 July 2000 - L 215; 5. GUERNSEY Commission Decision 2003/821/EC of 21 November 2003, on the adequate protection of personal data L 308; 6. ISLE OF MAN Commission Decision 2004/411/EC of 28 April 2004 on the adequate protection of personal data L 151;

European Commission Decisions (2) 7. JERSEY Commission Decision оf 8 May 2008 on the adequate protection of personal data L 138; 8. FAROE ISLANDS Commission Decision оf 5 March 2010 on the adequate protection of personal data L 58; 9. ANDORRA Commission Decision оf 19 October 2010 on the adequate protection of personal data L 227. Article 53 of the Law on Personal Data Protection envisages that personal data can be transferred from the Republic of Serbia to a state party to the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, as well as to other country or international organization, if they provide a level of protection equivalent to that envisaged by the Convention, with the permission of the Commissioner..

Model of the Contract for the Transfer of Personal Data to Third Countries 1. Commission Decision 2001/497/EC of 15 June 2001 on standard contractual clauses for the transfer of personal data to third countries L 181; 2. Commission Decision 2004/915/EC of 27 December 2004 amending Decision 2001/497/EC as regards the introduction of an alternative set of standard contractual clauses for the transfer of personal data to third countries L 358; 3. Commission Decision of 5 February 2010 on standard contractual clauses for the transfer of personal data to processors established in third countries under Directive 95/46/EC L 39. Article 53 of the Law on Personal Data Protection envisages that personal data can be transferred from the Republic of Serbia to a state party to the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, as well as to other country or international organization, if they provide a level of protection equivalent to that envisaged by the Convention, with the permission of the Commissioner.

Personal Data Protection in European Institutions and the European Data Protection Supervisor 1. Regulation (EC) 45/2001 of the European Parliament and of the Council of 18 December2000 on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data L 8; 2. Decision No 1247/2002/EC of the European Parliament, of the Council and of the Commission of 1 July 2002 on the regulations and general conditions governing the performance of the European Data-protection Supervisor's duties L 183; 3. 2004/55/EC: Decision of the European Parliament and of the Council of 22 December 2003 appointing the independent supervisory body provided for in Article 286 of the EC Treaty (European Data Protection Supervisor) L 12. Applicable as of the date of accession of the Republic of Serbia to the European Union

Future Activities Amendments to the Law on Personal Data Protection, and/or the adoption of a new law; Harmonization of sectoral laws; Adoption of laws in areas currently unregulated. Having in mind the number of relevant international documents, as well as the sensitivity of the issue, the time limit for the final adoption of the above law should be a mid-term period of at most two years.

REPUBLIC OF SERBIA The Negotiating Team for Accession of the Republic of Serbia to the European Union THANK YOU FOR YOUR ATTENTION QUESTIONS

2024 © lawsdocbox.com Privacy Policy | Terms of Service | Feedback