We cannot be satisfied with the final decisions adopted by the Parliament; in particular with the decision which stipulates that the Director of the Agency approves the inspection of registers and databases of legal entities. As we have pointed out many times, the practice of the European Court of Human Rights, which is required for Montenegro as a signatory of the Convention on Human Rights, stipulates the explicit request – the deeper interference with human rights requires higher level of authorization to execute covert measures. In this case, constitutionally guaranteed right to privacy and the right to protection of personal data would be significantly limited. That is the reason why we have insisted to make a distinction in relation to the databases of state authorities and to introduce a higher level of approval by the Supreme Court for the application of these measures. The databases and registers of the legal entities include medical records of citizens, bank data, the data about vulnerable and marginalized groups, etc. In other words – the data subjected to abuse. Therefore, these data should be additionally protected in such manner that the organ, which is not the part of the National Security Agency, confirms the legitimacy of the application of such measures. We share the same point of view when it comes to the electronically determining of the location of the user of the telecommunication networks, monitoring and surveillance in the open.
All that remains is to wait the Constitutional Court to consider these problematic norms.
However, we have to emphasize that three of our proposal have been adopted and we believe that the implementation of aforementioned proposals is going to enable further reforms of the Agency in long terms.
Namely, it is stipulated that from now on, the internal control of the National Security Agency submits its annual work report to the Security and Defense Committee.
We hope that in this way the Parliament would put an additional pressure on the internal control which exercises its authority, checks legality of officers’ practice, and prosecutes them for all forms of abuse.
Second, the right of each member of the Committee on Security to request information held by the NSA is strengthened, by deletion of the article in the Law on National Security Agency which was granting this right to the Committee as a whole. This meant that only a majority in the committee could get information from the NSA, which was a major disadvantage for the MPs of the opposition. Now, the possibilities which enable to the Committee, and to the members of the Board, are complete and available when it comes to control of the NSA, so we hope that the MPs will use this power in the future, and thus help to build the trust in the Agency.
Finally, the Law stipulates the procedure which enables the destruction of data which are not related to the security and, thus, prevent the excessive (collateral) collection of the data. This will both safeguard the rights of “related parties” and legally bound the NSA to destruct personal and family data, as well as all other data whose obtaining is not the goal of aforementioned measures.
In the next period, state organs which have the authority to supervise the work of NSA, which are as follow: Security and Defense Committee, the Agency for Protection of Personal Data and the Ombudsman, should perform direct controls and examine the cases to ensure that the articles of the Law which are meant to protect the citizens’ rights are adequately implemented.
