Director

The Director of the Agency is appointed by the Agency Council, based on a public vacancy announcement, for a period of four years.
The person who does not meet the conditions to be a member of the Council cannot be appointed as the Agency Director, according to the Personal Data Protection Law.
The competences of the Agency Director are to:
• organise and represent the Agency,
• organise and run the Agency,
• execute the decisions of the Agency Council,
• propose work plans and reports on the situation regarding personal data protection to the Agency Council,
• perform other tasks laid down by this Law and Statute (Articles 58 and 59 of the Personal Data Protection Law; Official Gazette of Montenegro 79/08 and 70/09).
After the public vacancy announcement, Mr. Bojan Obrenovic, attorney at law, was appointed by the Council as the Agency Director. He is appointed for the period of four years, and begun his work on 4 May 2010.

Bojan Obrenović, the director

Mr. Bojan Obrenović was born on 10 April 1962 in Podgorica. He graduated from the Faculty for Security and OSZ “Kiril i Metodij“ in 1978 in Skoplje - Department of Security and acquired the title of a lawyer. He carried out his internship in the period from 01 April 1988 – 01 April 1989 at the Republic Secretariat of Internal Affairs of Montenegro. In the period from 07 June 1991 until 20 July 1992, he worked at the Ministry of Finance as an inspector for determining public income. Following this position, he was employed at the Directorate for Public Income for the following positions: financial inspector, from 20 July until 09 February 1993; Head of the Division for fight against tax crime, from 09 February 1993 until 23 July 1997; Deputy Director of the DPI- Head of Financial Police of the Republic of Montenegro, from 24 July 1997 until 10 September 2003; Deputy Director of the Tax Administration, Head of tax inspection of the Republic of Montenegro, from 11 September 2003 until October 2004. In the period from 19 November 2004 until 03 February 2009 he was the national Coordinator in the Stability Pact for South Eastern Europe for fight against human trafficking, Government of Montenegro- Secretariat-General of the Government, Head of Office of the National Coordinator for Fight against Human Trafficking. He was appointed to be the Director of the Agency for Personal Data Protection by the Agency Council after a public vacancy announcement for the period of four years, and he began his work on 04 May 2010.


Council

The bodies of the Agency are the Council and the Director of the Agency. The Council of the Agency has a Chairman and two members. The Chairman and members of the Council of the Agency are appointed by the Parliament of Montenegro, at the proposal of the competent working body.

The Council of the Agency shall decide by the vote of an absolute majority of its members.
The Council of the Agency:
• adopts the rules of the Agency;
• adopts a Statute and an internal act on working posts, with the consent of the working body referred to in Article 52 paragraph 2 of the Law, as well as other acts of the Agency;
• drafts annual and special reports on the situation regarding the protection of personal data;
• establishes an annual work plan and annual report on the work of the Agency; 
• establishes a proposal of the financial plan and balance sheet;
• makes decisions on requests for protection of rights and in other cases following supervision;
(Articles 52, 56 and 57 of the Personal Data Protection Law; Official Gazette of Montenegro 79/08 and 70/09).
The Chairman and members of the Council of the Agency must be Montenegrin nationals, have a university degree and have five years of work experience in the area of human rights and freedoms in order to appointed.
Chairman and members of the Council were appointed by the Parliament on 10 December 2009. Mr. Šefko Crnovršanin, lawyer, was appointed as the Chairman of the Council and Mr. Aleksa Ivanović and Mr. Radenko Lacmanović, both lawyers, as members of the Council.


Šefko Crnovršanin, Chairman of the Agency Council 

Mr. Šefko Crnovršanin was born on 30 August 1948 in Bijelo Polje. He graduated from gymnasium in Berane in 1967. He graduated at the Faculty of Law in 1972 in Niš. Following his graduation, he worked in the municipality of Bijelo Polje as an intern, and then at the municipal court in Bjelo Polje (until 1974). He was a judge in the municipal court in Bjelo Polje until 1981, when he was appointed as the judge of the district court in Bijelo Polje. In the period from October 1992 until August 1993, he was working as the judge of the Supreme Court of the Republic of Montenegro. In the period from August 1993 until 2002 he was a judge of the Constitutional Court of the Republic of Montenegro. On the 21 October 2003, he was appointed as the Ombudsman and carried out his duties until the expiration of his term of office, 21 October 2009. He was appointed as the Chairman of the Council of the Agency for Personal Data Protection on 10 December 2009.


Background

The Agency for Personal Data Protection is established pursuant to the provisions of the Personal Data Protection Law (Official Gazette of Montenegro 79/08 and 70/09) as the supervisory authority. In performing affairs within its scope of work, the Agency is autonomous and independent. Agency bodies are the Council and the Agency Director.
The Parliament of Montenegro made a decision on the appointment of the President and two members of the Council of the Agency for Personal Data Protection on 10 December 2009.
The Director of the Agency was appointed in April 2010 and started working in May 2010. Concerning the creation of organisational conditions for the work of the Agency, upon the proposal of the Council, the Statute and the Rulebook on Internal Organization and Job Descriptions of the Agency were adopted at the meeting of the Administrative Board of the Parliament of Montenegro. Pursuant to Article 56 of the Personal Data Protection Law and Article 15 of the Statute, the Council of the Agency for Personal Data Protection has adopted a number of secondary legislation regulating the work of the Agency as follows:

• Work Rules; 
• Rulebook on Salaries, Allowances and Other Income of the Agency Employees; 
• Rulebook on Allowances for Increased Costs of Employees;
• Code of Conduct of the Employees; 
• Ethical Code; 
• Rulebook on Official Identification; 
• Rulebook on Usage of Official Cars and Fuel Costs; 
• Rulebook on Allocating Official Mobile Phones and Acknowledgement of Costs of Their Usage; 
• Rulebook on the Usage of Funds for Representation; 
• Guide for Accessing Information in the Possession of the Agency.
Rulebook on Internal Organization and Job Descriptions of the Agency envisages 22 jobs not including the positions of the President and members of Council. 


Competences

Personal Data Protection Agency performs affairs of a supervisory authority prescribed in the Personal Data Protection Law. In performing affairs within its scope of work, the Agency is autonomous and independent. The Agency has a status of a legal person. 
The competences of the Agency include performing administrative and technical affairs in the area of personal data protection.
The Agency:
• performs supervision over the implementation of personal data protection in accordance with this Law;
• decides on requests for the protection of rights;
• delivers opinions regarding the application of this Law;
• gives consent with regards to the establishment of personal data filing systems;
• delivers its opinion in the case of doubt whether a set of personal data is considered a filing system within the meaning of this Law;
• monitors the application of organisational and technical measures for personal data protection and proposes improvements of such measures;
• gives proposals and recommendations for the improvement of personal data protection;
• delivers opinions as to whether certain ways of personal data processing endanger the rights and freedoms of individuals;
• cooperates with bodies competent for supervision over the personal data protection in other countries;
• cooperates with competent state authorities in the process of preparation of regulations regarding personal data protection;
• puts forward the proposals for assessment of constitutionality of laws, that is constitutionality and lawfulness of other regulations and general acts governing the issues of personal data processing and
• performs other tasks in accordance with this Law. (Article 50 of the Personal Data Protection Law; Official Gazette of Montenegro 79/08 and 70/09)