Writing for International Law Office (“New e-signature and data protection acts create new IT framework”), Hoxha Memi & Hoxha lawyer Ilir Johollari explains some recent legislative developments in one of Europe’s least-known jurisdictions. On personal data protection the authors write:
“Modern use of information and communication technology raises the issues of privacy and personal data protection. In this regard, Parliament has approved the Law on the Protection of Personal Data (9887/2008). Under the law, personal data must be processed in a way that respects human rights and freedoms and privacy.
The law applies to the automatic processing of personal data. Protection of personal data is based on fair, transparent and lawful processing of such data, which is limited to the purpose for which the data is needed. Personal data may be processed only with the subject’s consent.
The law regulates the international transfer of personal data. Such transfer may take place between countries that can ensure adequate levels of data protection. The Council of Ministers recently approved Decision 934/2009 on countries that have adequate levels of protection. In particular, the EU member states are considered as having adequate levels of protection.
The Commission for the Protection of Personal Data is the public authority in charge of supervising and monitoring the protection of personal data, in accordance with fundamental human rights and freedoms”.