SERBIA Law and Practice Contributed by: Vladimir Djeric, Katarina Radovic and Lena Petrovic, Mikijelj, Janković & Bogdanović
If the reported incident is of a public interest, RATEL may order its public disclosure. If the inci - dent is related to crimes prosecuted ex officio, RATEL shall inform the competent Public Pros - ecutor’s Office and/or the Ministry of the Interior. If the incident involves a violation of personal data, RATEL will report the incident to the Com - missioner for Protection of Personal Data (Article 11 of the ISA). According to the Constitution of Serbia, ratified international treaties and generally accepted rules of international law are part of the legal system of Serbia, and laws and other general acts enacted in Serbia have to comply with rati - fied international treaties and generally accepted rules of international law (Article 194 of the Con - stitution). In the context of personal data protection, Ser - bia has ratified the Council of Europe’s Conven - tion for the Protection of Individuals with regard to Automatic Processing of Personal Data and its Additional Protocol regarding Supervisory Authorities and Transborder Data Flows (ETS No 108, Strasbourg, 28 January 1981) (the “Conven - tion”). The Convention serves as a legal ground for transfer of data from Serbia to the UK after Brexit, since the UK is party to it and signatories of the Convention are considered to be countries that ensure an adequate level of data protection. Serbia is also a signatory to various international agreements that contain provisions that could be relevant for accessing or obtaining data pro - cessed in the territory of Serbia, mostly in the context of international co-operation in civil and criminal matters. Because Serbia is in the process of accession to the EU, much Serbian legislation focuses on the
implementation of the standards and provisions provided by EU legislation. Moreover, the PDPA contains solutions provided by the GDPR and Directive (EU) 2016/680 on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of crimi - nal offences or the execution of criminal penal - ties, and on the free movement of such data (the Under Serbian legislation, the main regulator in the area of data protection is the Commissioner for Information of Public Importance and Pro - tection of Personal Data (“the Commissioner”), whose prerogatives are defined by the PDPA. Under the PDPA, the Commissioner is a super - visory body that: • monitors and enforces the application of the PDPA; • advises the national parliament, the govern - ment and other institutions and bodies on legislative and administrative measures relat - ing to the protection of natural persons’ rights and freedoms with regard to processing; • provides information to any data subject concerning the exercise of their rights under the PDPA; and • co-operates with the supervisory authorities of other states. The Commissioner also: “Police Directive”). 1.2 Regulators • handles complaints lodged by a data subject; • prepares standard contractual clauses and authorises contractual clauses that would serve as an adequate safeguard for the transfer of data to a country or international
372 CHAMBERS.COM
Powered by FlippingBook