Norwegian grant for institutional strengthening of the Directorate for Personal Data Protection

"Technical assistance for strengthening the organizational and institutional capacities for protection of personal data".

The main goal of this project is further strengthening of the organizational and institutional capacity of the Directorate for Personal Data Protection for better and more effective protection of privacy on social networks, improving the services of social networks in terms of protection of the right to privacy, raising public awareness about the right to privacy when using the Internet, as well as strengthening their knowledge regarding contemporary technological developments and emerging issues related to privacy as cloud computing.

With this project, the Directorate for Personal Data Protection will provide support from the Norwegian authorities for personal data protection by creating better mechanisms for the protection of personal data on social networks, raising awareness about privacy and technological development, and capacity building of the Directorate for Personal Data Protection by providing a more efficient way to protect personal information on the Internet and social networks.

The project will be implemented through two components:

  • The first component relates to the protection of personal information on social networks. For that purpose, a team of the Directorate for Personal Data Protection will be formed to respond to the requests of citizens whose personal data are abused or whose privacy is violated on social networks.
  • The second component is targeted to the employees of the Directorate for Personal Data Protection, to the controllers and processors in order for them to gain knowledge about Cloud computing and the protection of personal data. Within the second component, regional conference will be organized which will be dedicated to new technological developments and protection of personal data.

In previous years (over a decade) we are witnessing а revolution in communications. Increasing number of professional, and private communication take place on-line and bidirectional. Growing trend is the increasing number of services available on-line, accompanied by a large amount of multimedia content. This trend is followed by many countries offering on-line services for its citizens of all kinds, which further contribute to the further development of the digital (information) society looking at this type of service delivery vehicle for further savings or  costs reduction by  providing services  to citizens, as well as asset for development of new and previously unavailable services often only online since thereby be accessible regardless of physical limitations including territorial limitations. In such an environment, an interest is manifested in elaboration of appearances of social networking and cloud computing concept concerning the protection of personal data that inevitably circulated on the Internet in various forms and contexts. The protection of personal data is a subject of intense global debate triggered by the extraordinary development of information technology (IT), an ever-growing capacity of products for storage and processing of data and their interrelations. In this context, and as part of the project, an Analyses on current state of the organizational and institutional capacities for protection of personal data was made.

As part of the project, a research is done to measure the awareness Macedonian companies have of Cloud Computing. Conducted on 249 companies with a different profile, the results point out the fact that the term "cloud computing" is still not well known, i.e.t there is only a partial degree of awareness among companies upon this term.

The importance of personal data protection as the main goal of this research that consists of two parts: a qualitative and quantitative, confirms that companies perceive security and control of data as the lightest advantage.

The qualitative part of the survey, conducted through discussions with professionals in the IT sector have confirmed the results from the quantitative part – the fact is that this target audience (unlike the rest of the companies) is much better informed regarding the subject, therefore those that offer or intensively use such services are more likely to be the ones to lead the regulation rather than just to follow. The continual, daily monitoring of what is going on with the subject, combined with the new problems that arise and for which solutions should be found, as well as the need to stay within the borders of what is legally allowed makes them most relevant for completing the regulation for cloud computing that would be good to exceed the policy level, moving towards full control not only regarding keeping but also accessing the personal data.