The Pivotal Role of DPAs in Digital Privacy Protection

Abstract

With the widespread use of the Internet in both personal and professional life, data protection has become a critical aspect of privacy protection. The mechanisms developed in administrative law are the main tools for personal data protection in modern societies. Within the European integration process, the Republic of Serbia has established an independent data protection authority (DPA) that supervises and ensures the implementation of data protection rules, conducts inspections, acts on complaints of persons to whom the data relates, and determines whether there has been a violation of the law. This paper commences with an analysis of international legal instruments imposing a duty to establish an independent data protection supervisory authority. It goes on to further analyze the main characteristics of the national data protection system, the personal, territorial, and material scope of its application, as well as specific rights of data subjects. The efficient protection of digital privacy primarily depends on the investigative powers of the independent supervisory authority, which are also analyzed in detail. Given the global character of the Internet, the protection of personal data also depends on efficient cooperation among DPAs, the extraterritorial application of data protection rules, and adequate regulation of international transfer of personal data.