One Year of the New Personal Data Protection Law, Where Are We at Now?

One Year of the New Personal Data Protection Law, Where Are We at Now?

North Macedonia
Tools
Typography
  • Smaller Small Medium Big Bigger
  • Default Helvetica Segoe Georgia Times

Back in February 2020, the new Personal Protection Data Law was published in the official gazette, which meant that North Macedonia was catching up with the European Union on personal data protection.

But, the government gave enough time for the companies to settle and this was to be practiced starting from the 24th of August, 2021. 

Maybe because there was not enough fuss sooner, everyone started talking about being compliant with the new law sometime around the beginning of August last year. Back in August last year, everyone was trying to find professional consultants who can help them to adopt the necessary documents and actions to comply with the new law. 

This meant doing very complex work in a hurry, which resulted in many companies only having the documentation drafted, and not adopting the process as much as the law expected. 

But maybe this is something that was expected since the personal data protection regulation was not easily welcomed by anyone who was focused on improving the revenue. The businesses all felt that this was an unnecessary burden. 

For this reason, the Agency and the Ministry of Justice acknowledged the need for more time for the controllers and informed the public that the first six months will have a softer approach to the private sector. This means a more educational and corrective approach, rather than penalizing the controllers with the high misdemeanor penalties that the law prescribed. 

This is how the Agency approached and continued with a great work of education and giving guides to the controllers on how to comply with the law. Many pieces of training, publications, and other educational materials were published on the website. On a more individual approach, the Agency approached many controllers who were using their website as a webshop and guided them through the process of how to comply with the new obligations. 

With this, it seemed also that the public and the individuals were also acknowledging that they now have a mechanism to get their privacy rights protected. 

Overall, it seems that slowly but surely, the North Macedonia controllers and processors are making progress and compliant with the new regulation. Yes, many companies are still catching up, but the regulation is very complex for many controllers and it was surely expected that this would be a marathon and not a sprint.

By Martin Boshkoski, Partner, Lalicic & Boskoski Law Office