On July 08, 2022, the discussion table on the law on the protection of personal data was held that took place within the framework of the Partnership Platform for European Integration and the National Convention for European Integration 2021-2023 organized by the Ministry of Justice and the European Movement in Albania. This activity was attended by representatives apart from Ministry of Justice, also from other state institutions, the civil society sector, and universities. It was organized  in the hybrid format, with physical participation in the premises of Xheko Hotel Imperial and online on the ZOOM platform.

The meeting was opened by the Deputy Minister of Justice, Adea Pirdeni, who thanked the members of the panel for their participation and stated that the Ministry of Justice has begun to work with and share this draft law with interest groups since June, putting the appropriate information on their official website as well as including civil society organizations and business actors in the consultation process for this draft law. The draft law, she said, aims to strengthen the protection mechanism by adding categories of rights and strengthening the obligations towards the controllers. The purpose of the draft law, according to Pirdeni, is to provide a broader framework on how the process of guaranteeing data should be developed, to strengthen mechanisms of controls and sanctions in full compliance with the protection of personal data.

Gledis Gjipali, Executive Director of EMA emphasized the work that must continue for the drafting and updating of legislation and the preparation of institutions, related to capacity building, which are a substantialfactor on the development of whole process. He stated that there will be an increasing need for capacity building initiatives and activities, not only for public administration structures, but also for other interest groups that are closely related to Chapter 23 issues. He underlined that Chapter 23 is of particular importance at the moment where the country is now standing, as it is one of the first chapters that will be opened under EU negotiations proces, as has happened with other countries that have already opened the accession talks such as Serbia or Montenegro.

Elona Bano, Director for Integration and Negotiations at the Ministry of Justice emphasized that there are a number of objectives aimed through the adoption of Prime Minister’s Order No. 113 of 2019 for the forms of participation, operation and structure of the Partnership Platform for European Integration. The most relevant ones are: public awareness on the EU membership process, explanation of the importance of this process on society, the economy and the whole country, and to ensure what is most important, the inclusion of civil society in this process, which, as Bano also underlined, must be inclusive and comprehensive. She clarified that the Table for Chapter 23 was founded in 2020 and at first had only 9 members, and now after the third published call for applications there are 12 members coming from the municipalities, 18 representatives from the academic world and 8 institutes and associations that make a total of 38 members for the Roundtable of Chapter 23. The members of the table do not meet only in large meetings, but also in smaller and more specific groups considered relevant and have been also organized. Hence, she mentioned that a mock trial has been carried out on this topic so that the participants to have the opportunity to be informed, as well as to engage and be involved on the process.

Ilir Bejko, Director of Public Law, General Directorate of Codification and Harmonization of Legislation, Ministry of Justice paid attention to the question “How can data be protected?”. He explained that the Constitution of the Republic of Albania guarantees in its Article 35 the protection of personal data and guarantees each individual to decide for themselves what personal data they want to make public and allow to be used by third parties. Bejko clarified that this right has been rewarded as the basis for the new draft law on the Protection of Personal Data, which aims to protect personal data in the Republic of Albania. For the Ministry of Justice, this draft law, according to him, is considered to be of very special importance, as it will guarantee every citizen the protection from the misuse of personal data as well as the protection of the private sphere according to the principles defined in the GDPR. Based on this draft law, data processing will have to be carried out only when there is a specific purpose/reason and they must be deleted immediately if the purpose does not exist anymore. In addition, measures and sanctions have been added to prevent the misuse of this data. Those affected have the right to be informed about the processing of their data and, as the case may be, to object to this procedure, or to request accuracy. He emphasizes once again that it is very important to get the opinion of civil society in terms of the protection of personal data, since the Ministry itself evaluates this process as essential for the implementation of the best possible law.

Blerta Xhako, Director of Legal Affairs and Integration, Commissioner for the Right to Information and Protection of Personal Data explained that during the year 2021-2022 the twinning project was implemented through several Austrian and Italian experts, which consists of 3 components, the first is the realization of a draft law on the protection of personal data and the drafting or revision of the instructions, i.e. by-laws; the second is the strengthening of the capacity of the staff in the commissioner’s offices with the innovations brought by the draft law on the protection of personal data and finally the information and awareness of all public and private controllers on the innovations of the law. Xhako explained that the objective of this project is to develop the rights of the data subject, to increase a higher level of control by strengthening some of the rights that they currently enjoy, but which are now more elaborated and comprehensive. One of the newly introduced rights is  the right to be forgotten, which is a new right included in the Albanian legislation and which is related to the right of the subject and of every citizen to delete personal data from all sites online and search engines such as Google or social networks. If this is the case all operators have an obligation to fulfill the request of the individual and if they consider it reasonable based on what the law provides, they must delete it, since this data may negatively affect the reputation of the affected person .

Zuzana Motúzová, Slovak lawyer and data protection expert during her speech presented in detail how the GDPR is being implemented in Slovak domestic legislation – focusing on the main principles and implications that the implementation of this regulation has. The general data protection regulation which changed the protection of personal data in the EU, known simply as GDPR, has made possible the general unification of their protection at the level of the entire European Union, as well as reinforced technical neutrality and responsible implementation of adequate information security measures. Also, Motúzová emphasized the fact that it should be taken into account that the GDPR is implemented by the public and private sectors, increasing the level of responsibility and obligations for both sectors. She highlighted the rights that the GDPR guarantees, focusing on the right to be forgotten as a legal and technical challenge. Among other things, she explained the list of data that can be processed and paid special attention to personal biometric data, the processing of which is prohibited, unless the GPDR allows it (Article 9 par. 2). At the end of her speech, she offered some recommendations on how institutions and affected actors and citizens should prepare for the changes and effects brought by the implementation of legislation aligned with GDPR, giving concrete cases from Slovakia and examples of successful practices. Motúzová paid particular attention to the role that must be played by the Authority for the protection of personal data.

The second part of the meeting was dedicated to discussions and comments by the participants, members of the round table for Chapter 23, where many questions were raised and some of the engaged participants offered their recommendations in relation to some areas and issues mentioned during the presentations, with a focus on the consultation process of the draft law, but also the measures for increasing of the capacities for its implementation. Questions asked were mostly linked with more clarification on the innovations the law will bring and how the procedures foreseen will be implemented in reality.