On 2 September 2021 Ireland’s Data Protection Commission (DPC) announced a 225 million euro fine for WhatsApp and ordered the company to amend its practices within three months. It is the largest fine ever from the DPC, and the second-highest under Europe’s General Data Protection Regulation (GDPR).
In the age of digital philosophy, when the electronic management of documents become more and more prominent in both private and public sectors, digitalization of invoices is rather a logical development than an innovative approach in the functioning of the supply chain. Harmonization of e-invoicing regulation in B2G sector has been in effect for seven years in the EU, while Serbia established an e-invoice system in 2019, prescribing mandatory registration of invoices issued in commercial transactions with the public sector on the central registry of invoices (CRF). The most recent novelty in the field happened with adopting the Electronic Invoicing Act and its by-laws when a comprehensive set of rules regulating e-invoicing came into effect.
Technological progress has a magnificent impact on everyday business life, and one of the things made possible by it is creating the opportunity for employees to perform work outside their business premises. But although technological progress gave employers the means to operate their business through remote work, the rigidity in incorporating this work model in practice was shaken only after the COVID-19 pandemic struck, making the expansion of remote work models a result of practical necessity. The sudden spread of remote work in companies also brought concerns of legal nature, and questions like what are the best ways to regulate contracts, safety measures etc.
On 4 June 2021, the European Commission adopted two implementing decisions (Decision no. 2021/914 and Decision no. 2021/915) which contain Standard Contractual Clauses for processing and transferring of personal data and are set in line with the General Data Protection Regulation (2016/679) (“GDPR”) with the hope of bringing about a higher level of personal data protection.
The standard approach in cases involving abuse of dominant position implies that the competition authority determines the market influence of the company due to which it can operate in the relevant market to a significant extent independently of other market participants and, provided that the company has a dominant position, whether its actions result in abuse of such position. The standard approach came naturally in markets that are geographically and economically limited. The core of the principle is that the public authority reacts ex-post (after the event) to abuses, by imposing the obligation to terminate anticompetitive practices or imposing penalties for prohibited behaviour.
The global crisis, which arose as a consequence of the COVID-19 pandemic, brought light, among other things, to the weaknesses of the Serbian public health care system. The daily mass collection of a person’s data on health – which, according to the Serbian Data Protection Act, is considered particularly sensitive data – became a regular occurrence during the pandemic.
In the last decade, we have witnessed a significant transformation in the area of transportation services. Several new transportation service providers have entered the market, the offer has increased considerably, and accordingly, the price of the service has decreased. On every corner of the global metropolis, you can see a car of a different transportation company (Yandex, Uber, Cargo…) and customers are now able cheaper than ever move from point A to point B. Private transportation providers have higher profits than ever, and everyone seems to be pleased.
As we mentioned in our previous article, the Law on Archive Materials and Archiving Activities (“Law“) started to apply as of 2 February 2021.
It is 2017 and you are a foreigner (non-resident of Serbia) aiming to purchase a share of a Serbian company. After you negotiate principal terms, conduct the due diligence, set final terms, and negotiate transaction documents, at the closing you transfer the purchase price in euros to the Buyer’s euro bank account in Serbia, and all is well. Now it is 2021, you are again in Serbia undertaking the same steps, but this time, you are in breach of the Foreign Exchange Act (“FX Act”). Why is that?
For our Checking In feature, we reach out to partners and heads of practice across CEE to learn how specific practice areas are faring in their jurisdictions. This time around we asked Data Protection experts: Overall, how compliant would you say economic agents are with relevant local regulations on data protection, and what are the main gaps that have yet to be addressed?
Growing industrial cannabis as a business activity in the Republic of Serbia is not a new phenomenon. The act that specifically regulates this area is the Law on Psychoactive Controlled Substances adopted in 2010 with its amendments in 2018 (“Law”). Besides the aforementioned Law, the Rulebook on Growing Industrial Cannabis adopted in 2013 (“Rulebook”) regulates it in more depth, meaning the business of growing industrial cannabis has been in the books for around a decade.
Ever since the United Kingdom (“UK”) announced its departure from the European Union (“EU”), there were a lot of speculations about which rights and obligations will remain applicable to its citizens upon (Br)exit. Naturally, as negotiations were ongoing since 2016 referendum, question of whether the General Data Protection Regulation (“GDPR”) will remain applicable was still left open, until recently.
In this time of economic distress, many countries have suffered. Yet, reports Milos Gledovic, Partner at Samardzic, Oreski & Grbovic, Serbia has proven resilient. “The pandemic has not affected the number of transactions in our market, except in the industries directly affected by anti-COVID measures,” Gledovic says, describing the overall economic situation in Serbia as stable.