Legal analysis of the law
- Title of the law and Official Gazette number (last change or modification)?
Law on Electronic Communications („Official Gazette of the Republic of Macedonia“ no. 39/2014 and 188/2014
- Does the Law envisage processing of personal data and in what type of Collection? (Evidence, Register, Database)?
Records of all subscriber established relationships
Records of the Office of Information
White Pages (phone-book)
- What is the purpose of collecting personal data? Is that purpose clear?
Providing telecommunications services.
- What categories of personal data are collected? Is the scope in compliance with the purpose?
Operators can obtain the following information from their subscribers:
- Name of title of the subscriber,
- PIN number for physical persons or tax and registration number for legal entities
- Work activity of the subscriber,
- Address of the subscriber,
- Subscriber number,
- Academic title of profession
- On the basis of payment, additional data, provided that it does not threaten the rights of third parties.
Data listed can only be used for:
- conclusion, monitoring and termination of subscriber contracts,
- recovery services,
- preparation and publication of phone-books under this Act and
- other purposes in accordance with the law, based on the consent of the subscriber.
- Who collects the personal data at first instance? (company, institution)
Telecommunications operator.
- Is the Consent of the data subject for personal data protection envisaged by this law?
Yes. For their availability in the phone-book.
- Is the keeping period of personal data clearly defined?
Yes.
- Does the law contain separate provision for personal data protection that clearly states the implementation of technical and organizational measures?
In the arrangement of the definitions of the Law it is stipulated that the breach of security of personal data is a disorder leading to accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access to personal data transmitted, stored or otherwise processed in relation to the public electronic communications services.
The protection of personal data is one of the principles of action of the Agency for Electronic Communications. At the same time, it is envisaged that the AEC in cooperation with the Directorate shall lay down rules for processing of personal data.
Article 167 and 168 regulates the protection of the subscriber in the event of a breach of personal data as well as it’s confidentiality.
Matter of protection of personal data is regulated in regards of the issue of the phone-book as a public record.
- Is the processing of personal data prescribed by this law connected to implementation of another law?
Law on Obligation Relations.
- Are there any exceptions for processing of sensitive data? (PIN, biometrics, video surveillance)
PIN.