On the occasion of the European Data Protection Day, a gathering was held in the Serbian Chamber of Commerce on 28 January 2015.
Organised by the Association for Electronic Communication and Information Society of the Serbian Chamber of Commerce and the Informatics Association of Serbia, this gathering presented participants with an excellent opportunity to proactively exchange their views on the results of the activities of the Serbian Commissionaire for Personal Data Protection so far, current issues and trends in privacy protection and especially on the manner that individual rights are jeopardised by way of electronic trade and on the internet in general.
This well attended event gathered, among others, Aleksandar Resanović, the Deputy Commissionaire for Personal Data Protection, who particularly emphasised the necessity for the enactment of a new law on personal data protection in order to regulate important questions which the current law does not address, as well as in order to substantially change a number of currently inadequate solutions.
Video Surveillance Concerns
The participants agreed that video surveillance probably presents the area which most urgently needs to be regulated, taking into account the fact that cameras are located practically at every second corner and that the current law does not contain a single provision prescribing the conditions and limitations for undertaking this activity. It was emphasised that capturing video footage in public places, as well as their online monitoring in real time, presents a serious threat to individual privacy and therefore needs to be limited to justified cases only, with access available exclusively to authorised persons and protected by adequate technical measures from external breaches.
In addition, special attention was paid to the possible misuse of individual identification documents, the copying of which is a rather common practice of both the private sector and state authorities in Serbia today. The risks inherent to such practice include identity theft, the consequences of which may be quite serious – as evidenced recently by media headlines concerning registration of companies and extracting money through loans obtained by using a false identity.
Improving Data Security
Finally, data security in general was discussed in view of recent IT improvements, both software and hardware related. The continuous update of technical security solutions in data management was acknowledged by the participants not only as useful, but as a vital precondition for mitigating the risks of everyday business to an acceptable level. Examples were provided as to how individual fingerprints or iris scans can easily be captured from a distance by using simple smartphone cameras, thus exposing serious risks of intrusion into data management systems protected by these systems.