Joint Instruction No. 463/2020 “On the determination of institutions and bodies receiving personal data from the civil status service, as well as the method, type, and amount of information they should receive“, as amended (Instruction No. 463/2020), establishes the regulatory framework for the proper handling of citizens’ personal data processed in accordance with the specific activities of various public authorities or private entities. Information and Personal Data Protection Commissioner, Mr. Besnik Dervishi and the Minister of the Interior, Mr. Taulant Balla signed the amendment to this sub-legal act, which includes an expanded list of institutions/bodies with access to the National Civil Status Register (NCSR).
Commissioner Dervishi, while appreciating the collaboration with the Ministry of the Interior in updating this Instruction, emphasized in his speech, among other things: “This correct and careful process should serve as a model for all other institutions. The Office of the Commissioner performs functions mandated by several specific laws, international agreements, or sub-legal acts that are closely related to the activities of the Ministry of the Interior. In fulfilling these duties, the Office of the Commissioner also acquires nuances and is categorized among institutions concerned with national security. The activities of law enforcement bodies are highly sensitive, particularly in terms of personal data protection, administration, and processing of data in their systems and databases, as well as the transparency these institutions must reflect in their dealings with the public. In our work, supported by the standards of the General Data Protection Regulation (GDPR) of the European Union, we have found that there is a need to strengthen the level of security measures, maintain data confidentiality, identify and monitor access levels, and ensure that the category of data processed does not exceed the specific provisions or the principle of adequacy. We are concluding a meticulous process regarding access to the National Civil Status Register (NCSR), finding it necessary to review this act to address issues and, at the same time, increase the number of new or restructured institutions/bodies that require access to the NCSR to fulfill their functional duties and comply with specific legislative provisions.”
Minister Balla highlighting the contribution of the Commissioner’s Office in Albania’s EU accession process, said among other things: “This act includes several new institutions, which play a key role in the enforcement of the law and the protection of personal data, such as the High Council of Justice, the Special Anti-Corruption Structure, the National Bureau of Investigation, and the Personal Data Protection Authority, among others. These institutions will have a clarified and adapted access based on the relevant legislation for the protection of personal data. This Guideline aims to improve the procedures of the Civil Status Service, ensuring greater transparency and the secure and controlled provision of necessary information to these institutions. The Guideline also includes improvements in the data verification process to guarantee the integrity and security of shared information. As part of this initiative, new provisions related to the use of technology in electoral processes have been included, which are important for increasing the reliability and efficiency of democratic processes in our country. In preparing this Guideline, comments from various institutions have been considered and integrated to ensure the document meets all legal requirements and protects citizens’ rights.”
This revised bylaw act ensures unified and higher standards in the use/exchange of citizens’ personal data and simultaneously guarantees them the respect for this fundamental right and freedom, even in the context of technological developments and the increase of online state services. On the other hand, the improved Instruction No. 463/2020 also addresses the issue of technical-organizational measures that these institutions need to take concerning strengthening such important aspects of this process as security, integrity, accountability, adequacy, and traceability.