Projects
Research
Press Releases
hr

en

DATA ROL

Projects

01/06/2025

Duration: January 2024- January 2025
Project lead: Sarajevo Open Centre
Partners: Politiscope
Support: Central European Initiative Know-how Exchange Program (CEI KEP)
Funding: €24,540

Politiscope was a partner organization in the project Data Protection and the Rule of Law in Bosnia and Herzegovina (DATA ROL), led by the Sarajevo Open Centre and supported by the Central European Initiative through the CEI Know-how Exchange Programme (CEI KEP) grant scheme. The main goal of the project was to transfer data protection knowledge and expertise to members of an NGO coalition (Initiative for Monitoring European Integration of BiH) and support their advocacy efforts to align the new data protection law with the GDPR, and to help establish a robust national data protection system.

The Politiscope team conducted twoday GDPR educational workshops for coalition members, organized a data protection study visit to Croatia, edited an analysis of the current data protection law and the draft law implementing GDPR, provided mentorship to Initiative members in developing policy briefs with policy and legislative recommendations, and contributed to the planning and execution of the final project conference.

During the study visit to Croatia, members of the Initiative met with data protection consultants from the private sector, CARNet (Croatian Academic and Research Network), and the Office of the Ombudsman, gaining first-hand insights into the strengths and weaknesses of Croatia’s personal data protection system. Unfortunately, a planned meeting with the Croatian Data Protection Authority could not take place due to their engagement with the, at the time, largest Croatian data breach since the adoption of the GDPR.

The analysis of the current and draft personal data protection law produced through the project served as a valuable resource in the mentorship process, helping enhance Initiative members’ capacities in evidence-based advocacy. Strengthening the weak institutional capacities of the Agency for Personal Data Protection and fully aligning the draft law with GDPR were the main recommendations set out in the two policy briefs. These policy briefs were developed by members of the Initiative under the mentorship of the Politiscope team.

The final adopted version of the law included revised administrative fines, in line with our recommendations. However, impunity from administrative fines for public bodies remained in the adopted version of the act, which is expected to significantly hinder the development of a culture of privacy within state and public administration.

Project results were presented at the final project conference held in Sarajevo in December 2024. Panel discussion on developed recommendations included Duje Prkut and Duje Kozomara from Politiscope and representatives of independent public bodies – the Ombudsman and the Agency for Data Protection. The new data protection act, adopted in January 2025, cleared a political path for further European integration of BiH and alignment of its legislation with EU’s acquis communitaire.