Legal framework for privacy
Macedonia has its own legal framework that guarantees the right to privacy and protection of personal data. Article 25 of the Constitution states:
“Every citizen is guaranteed the respect and protect the privacy of personal and family life, dignity and reputation.”
Article 18, however, says:
“The safety and confidentiality of personal data is guaranteed.
Citizens are guaranteed protection from infringement of personal integrity arising from the registration of personal information through data processing. “
The Constitution protects the privacy and freedom of communication: Article 17 states,
” The freedom and secrecy of correspondence and other forms of communication is guaranteed.
Only a court decision may deviate from the principle of inviolability of the secrecy of correspondence, if necessary for a criminal investigation or it is in the interests of the defense of the Republic.”
Finally, Article 26 guarantees the inviolability of the home:
”The inviolability of the home is guaranteed. The right to inviolability of the home may be restricted only by court decision in the detection or prevention of crime or the protection of human health.”
Apart from the legal framework provided in the Constitution, there are additional laws and regulations in Republic of Macedonia that promote the protection of citizens’ personal data and their privacy.
The Law on Protection of Personal Data, adopted in 2005, defines the ways in which citizens’ personal data is collected, when the collection and storage of personal data is allowed and when it is not, it defines categories of personal data based on sensitivity, and also measures to protect them from illicit processing.
Generally, citizens’ personal data may only be processed with the express consent, except in cases of great importance for the security of the country.
Furthermore, the law specified technical measures necessary for the physical security of databases. In the period after the initial adoption of the law in 2005, guides and handbooks were made which further specified the necessary technical measures for institutions to collect, store and / or process personal data, which further contributes to the security of the data.
In recent guides, the latest available now dated 03.2014, there are listed administrators of databases, which have obligations prescribed by law, such as maintenance of databases, providing the servers that store data technical measures for physical security and protection from external influences, approving and creating access through passwords to employees who use such data in daily operations, multiple levels of authorization etc.
With the latest guides and bylaws, we notice a trend of following and specifying the regulations concerning the protection of personal data and the right to privacy with the widely accepted proposals by the EU and the global scene.
Besides the above mentioned constitutional and legal provisions that promote privacy and protection of personal data, there are a number of other laws and regulations that belong to certain sectors (such as the Law on State Statistics and the Law on Social Protection) that further ensure this basic human right. Because the police authorities, the employment agency, pension insurance, etc., use (collect, store, process) personal data in their daily operations, it is necessary in such instances to further specify the ways in which this data will be used, as well as mechanisms for protection from abuse.