In 2022, Montenegro witnessed a slowdown in the pace of digital transformation reforms, built up in previous years. This slowdown can be attributed to prolonged political uncertainty, continuous government structure changes, and substantial cyberattacks on the state’s digital infrastructure in the second half of 2022. These cyberattacks prompted the government to prioritise cybersecurity in its reform agenda, focusing on mitigating impacts and restoring the operation of IT systems and affected infrastructure.

Montenegro has emerged as a leader in digital literacy among Western Balkan economies, with 52.0% of citizens declaring they have basic or above-basic digital skills in 2023, just below the EU average of 55.3% (Eurostat, 2024[1]). Despite suffering from a shortage of information and communication technology (ICT) professionals, the government aims to increase the number of ICT graduates from all available academic programmes. In 2022, 11% of the total number of graduates from all universities were students from study programmes related to information technology (IT), up from 8% in 2021 (MPA, 2023[2]). The ICT sector has also shown steady growth in Montenegro, accounting for 4.4% of GDP in 2022, up from 3.5% in 2021 (MONSTAT, 2023[3]). Additionally, in 2022 1 358 active ICT companies were employing 5 343 individuals, which marks an increase from the initial values of 970 companies and 4 441 employees set for the implementation of the Strategy for Digital Transformation (MPA, 2023[2]).

Montenegro’s broadband infrastructure has made significant strides over the past three years, particularly in fixed broadband and 5G network development, driven by market investments. Montenegro’s Gigabit Society targets are outlined in key strategic documents, such as the Strategy of Digital Transformation of Montenegro 2022-26 and the Strategy for the Development of 5G Mobile Communication Networks 2023-27. These targets include achieving 86.4% household coverage by 2026 through fixed broadband connections exceeding 100 Mbps (megabits per second) speeds and covering 75% of the total population with 5G by the end of 2030, also at speeds exceeding 100 Mbps. In early 2023, the government awarded 5G licences to three commercial operators in the 700 MHz (megahertz) and 3.6 GHz (gigahertz) frequency bands, leading to the availability of the first commercial 5G services in large urban centres by April 2023. According to International Telecommunication Union (ITU) statistics, Montenegro boasted the highest fixed broadband penetration rate in the WB6 region in 2022, at 30.3%, followed by Serbia (29.3%) and Bosnia and Herzegovina (27.1%) (ITU, 2024[4]). By the end of December 2023, Very High-Capacity Networks (VHCN) delivering speeds above 100 Mbps accounted for 63.11% of available broadband connectivity, with 48.69% being fibre connections (to the home, FTTH/to the building, FTTB) (EKIP, 2023[5]). Additionally, by the end of 2022, households with access to fixed VHCN reached 78.5%, only slightly below the EU average of 79.20% (Figure 11.1), while household coverage with fibre technology stood at approximately 71% (EKIP, 2023[6]).

While statistical data indicate significant investment activity and demand for high-speed broadband Internet connections, very high-speed networks are primarily concentrated around urban centres. Unfortunately, rural broadband development has lagged behind, widening the connectivity gap between urban and rural populations. Montenegro’s National Broadband Development Plan (NBDP) was intended to address this issue by outlining a set of measures for financing and constructing broadband infrastructure across the entire territory, including areas without commercial interest (white areas). This initiative aimed to connect all households, businesses, educational institutions and health facilities with fast and secure Internet to support Montenegro’s digital transformation. However, the preparation of the NBDP was contingent upon an EU-funded technical assistance project aimed at improving broadband infrastructure development in Montenegro. This project experienced significant delays and was launched in March 2023, pushing back the expected completion of the NBDP to the end of 2024. Depending on subsequent interest from private sector investors, Montenegro can access close to EUR 64 million in Western Balkans Investment Framework (WBIF) grants and European Bank for Reconstruction and Development (EBRD) loans to co-finance rural broadband infrastructure development. Meanwhile, Montenegro still needs to adapt existing legislation to align with the 2023 revised EU Guidelines on State Aid for broadband networks.2 These guidelines align the threshold for public support to fixed networks according to the latest technological and market developments; introduce a new assessment framework for the deployment of mobile networks (including 5G); and establish simplified rules and compatibility criteria to incentivise the adoption of broadband services.

Montenegro has consistently continued implementation of its communication’s regulatory framework during the current assessment period. However, the adoption of the draft new Law on Electronic Communications, aimed at aligning with the European Electronic Communications Code,3 was still pending in February 2024. Furthermore, while Montenegro enacted the law on the use of physical infrastructure for the installation of high-speed electronic communication networks in January 2022, which partially implements the EU Broadband Cost Reduction (BCR) Directive,4 full alignment hinges on the adoption of the new Law on Electronic Communications. The new Law transfers part of the BCR Directive into Montenegro’s national legislation, crucial for encouraging private sector investments in high-speed communication networks, particularly in anticipation of the upcoming implementation of the NBDP. The new Law is also going to strengthen the independence of the Agency for Electronic Communications and Postal Services (EKIP). This independence was challenged in 2023 when the parliament passed amendments to the existing Law on Electronic Communications without prior public consultation, to dismiss existing Council members and executive director of the Agency before the end of their mandate (European Commission, 2023[7]). Moreover, despite granting 5G licences in early 2023, EKIP has yet to adopt a permit-exempt deployment regime for small-area wireless access points, in alignment with relevant European Commission (EC) regulations.5 Such a regime would streamline the deployment of 5G networks, delivering high capacity, increased coverage and advanced connection speeds.

Montenegro’s implementation of the data accessibility framework has stagnated over the past three years, despite significant updates to relevant policies. Key strategic documents6 integrate measures to improve access to public sector data, increase usage of the open data portal and promote the application of data-driven solutions in both the public and private sectors. The overarching Digital Transformation Strategy 2022-26 advocates for data-driven innovation by increasing the number of institutions actively publishing data on the open data portal, and enhancing the availability of high-value datasets. However, despite the adoption of an enabling policy framework, the cyberattacks of August 2022 disrupted momentum in pursuing data accessibility. All efforts were channelled into restoring existing systems and containing the damage until mid-2023. The existing open data portal, which hosted 197 datasets by 14 institutions in 12 thematic fields, ceased to function after the attacks until June 2023, when it was partially restored without complete functionality. Since then, no new datasets can be uploaded. In July 2023, the government decided to create a new Open Data portal,7 which is not yet complete.

These adversities prompted a new revision of the Law on Access to Public Sector Information, seeking alignment not only with the Open Data Directive8 but also with the EU Data Governance Act.9 The new Law is proposed by the government for adoption within 2024. The government was also forced to postpone activities planned for 2022-23, such as enhancing guidelines for publishing datasets, conducting hackathons for data-driven innovative solutions, and promoting inspiring examples of data innovation practices. Additionally, the public sector continues to face challenges due to a lack of open data skills for collecting, sharing and publishing data. Limited awareness of the benefits of data reuse and officials’ hesitancy to change the data culture in the public sector, alongside technical issues, hinder advancements in developing a data-driven economy in Montenegro. Responding to the recognised deficit in digitalisation skills, the Public Administration Reform Strategy foresees training sessions for content administrators of the open data portal on how to prepare data in open formats. It is crucial that similar capacity-building activities are extended to ensure that public sector skills exist to support data partnerships with the private sector for the creation of new services.

The development of digital government in Montenegro is facing significant delays, particularly following the cyberattacks on the economy’s digital infrastructure in the third quarter of 2022. Despite having a policy framework in place that promotes the digital transformation of government services – aiming for higher quality, appeal, and interoperability of e-services10 – its implementation is stagnating. By the end of 2022 only 54% of the activities scheduled under the Action Plan of the Digital Transformation Strategy had been implemented due to financial constraints, capacity limitations, and organisational changes in public administration (MPA, 2023[2]). The Coordinating Body for Digital Transformation, established by the government to enhance policy co-ordination, has yet to demonstrate its impact in accelerating digitalisation. However, legal reforms since 2021 have facilitated digital government development and improved alignment with the EU acquis. The newly enacted electronic document law in December 2022 is poised to accelerate the digitalisation process by aligning more closely with the EU eIDAS11 regulation on digital identity and trust services, although the alignment is not yet complete. The law extends the definition of electronic signatures, introduces the electronic stamp, and equates digitalised documents with electronic documents, thereby eliminating barriers to acceptance by public institutions.

Despite integrating various government systems and portals into a centralised e-government portal,12 there has been no noticeable improvement in the quality or sophistication of e-services as of the end of 2023. Although the national e-identification system, based on an eID card system, and an e‑payment system for administrative fees are integrated into the new e-government portal, the lack of interoperability persists as a major hindrance for developing fully transactional e-services. Despite government efforts to improve it, the Unified System of Electronic Data Exchange (JSERP), aimed at ensuring interoperability in public administration, remains underutilised. Integrating all public registers and public institutions into the JSERP is not yet complete (37 registers connected in 2022 out of at least 300 targeted). Moreover, awareness about the availability and use of e-services is unsatisfactory, with 53.1% of citizens and 59.4% of businesses being informed in 2022 (MPA, 2023[2]). Notably, the Ministry of Public Administration (MPA) developed an annual Communication Plan for 2023 to raise awareness of the importance of digitalisation and conducted a sizeable public campaign in 2022 to increase uptake of the eID card system. Following the cyberattacks, the number of services on the e‑government portal at the end of 2022 decreased to 382 from over 400. Only 73 of these were electronic services, while the rest were purely informative. Available services comprised 254 services for businesses, 109 for citizens, and 19 for public administration (MPA, 2023[9]). Persisting challenges, such as insufficient capacities for digitalisation in the public sector and limited digital awareness of the Montenegrin society, are slowing down the digital transformation process. In response to these challenges, the Ministry of Public Administration has launched the Digital Academy, which provides civil servants and citizens with both virtual and physical learning spaces to acquire digitalisation skills (Box 11.1).

Digital business development in Montenegro has received enhanced institutional support over the past three years, further accelerated by the COVID-19 pandemic. Key strategic documents13 recognise the pivotal role of companies’ digital transformation across sectors in enhancing competitiveness and economic growth. The increased usage of ICTs in micro SMEs is emphasised in the newly adopted Strategy for the Development of MSMEs 2023-26, which outlines measures focusing on increasing e‑commerce take-up. Moreover, annual programmes have been implemented to increase SMEs’ competitiveness through digitalisation. In 2022, a total of 353 SMEs were supported, 131 of which were women-owned. With a total allocated amount at the level of EUR 2.04 million, 324 companies received financial support, while 29 accessed mentoring services (MERT, 2023[11]). However, with similar annual allocated funding, the overall number of beneficiaries for digitalisation remains modest. Additionally, although a dedicated portal14 exists for accessing these financial support programmes, awareness among SMEs across sectors is insufficient. According to an analysis of the business environment conducted by the Montenegrin Chamber of Commerce in 2023, little more than one-third of surveyed companies were familiar with the government's competitiveness programmes, running since 2021 (KOMORA, 2023[12]). Nevertheless, in 2023, 100% of enterprises in Montenegro used the Internet, with 98.8% using fixed broadband connectivity for their access and 49.1% connecting with speeds above 100 Mbps (MONSTAT, 2023[13]). Additionally, 85.4% of all companies have a website, primarily used for product catalogues or price lists (75.8%) and links to their social media profiles (66.1%).

The government has also established a comprehensive framework for strengthening the domestic ICT sector, which is currently less competitive compared to other economies in the WB6 region. Its growth is primarily supported by the Digital Transformation Strategy, which recognises the digital skills deficit in the workforce and the shortage of IT professionals as major barriers. The strategy integrates measures for financing ICT innovation projects, promoting the internationalisation of IT products and incentivising digital nomads and ICT professionals from abroad to work in Montenegro. Additionally, ICT start-ups receive support from the Innovation Fund of Montenegro. Since September 2021, the Innovation Fund has supported 85 projects with EUR 2.68 million.15 The volume of applications received during the same period (288) underscores the considerable demand for similar initiatives. In 2023, ICT companies were awarded seven out of eight new projects supported by the Innovation Fund, with nearly EUR 1 million.16

Montenegro has not yet formulated policies governing the development and use of emerging digital technologies such as artificial intelligence (AI), blockchain, or the Internet of Things (IoT). While no legislation is currently in place to ensure the safe and responsible use of these technologies, the Law on Innovation Activities and subsequent bylaws anticipate their application for creating innovative products and services. Furthermore, the 5G Development Strategy includes measures aimed at promoting the proactive involvement of the 5G ecosystem in introducing new concepts and applications for state institutions and local governments based on emerging technologies, such as Big Data, AI, IoT and cloud computing. An AI ecosystem is gradually taking shape, albeit without institutional support at this time, prompting discussions and collaborations among stakeholders and experts at the initiative of the Montenegrin AI Association (MAIA). The Association actively promotes the development of artificial intelligence by supporting or participating in research projects, fostering co-operation activities with domestic and international entities, and organising relevant seminars, workshops and training sessions.

Montenegro has enhanced its policy framework on digital inclusion in the current assessment period. Since adopting the Digital Transformation Strategy in 2022, measures have been put in place to promote digital skills development for vulnerable groups of the population, including the elderly, people with disabilities, and Roma and Egyptian populations, alongside awareness raising on the societal benefits of digitalisation. However, implementation of policy measures, particularly those focused on digitally underprivileged groups and person with disabilities, has lagged behind. In 2022, only 91 citizens from vulnerable groups attended ICT training at adult education organisers (MPA, 2023[2]). Moreover, while the newly established Digital Academy promises to enhance citizens’ digital literacy and knowledge about emerging digital technologies, during its initial operation period since March 2023 the Academy’s training programmes have yet to integrate digital learning opportunities for vulnerable groups. Additionally, in 2022, planned subsidies for the purchase of computer equipment for the socially disadvantaged and students and pupils were not implemented. Statistical data show that the digital divide in Montenegro is evident in Internet usage discrepancies among different geographical regions and between rural and urban populations. In 2023, Internet usage in households across Montenegro differed significantly from the overall 81.28% and the EU average of 93.08%, 2023 (Eurostat, 2024[14]) with the lowest usage in the North region (74.8%), and the highest in the South (93.0%) (Figure 11.2). Furthermore, Internet usage in rural areas is only 71.9%, compared to 85.9% in urban locations (MONSTAT, 2023[15]).

Despite legal obligations for e-accessibility to be integrated into the Law on e-Government (2019) and adopted rulebooks on e-accessibility standards for websites, e-documents, e-services and procurement of ICT products and services since 2020, practical implementation lags behind. While the new central government portal (GOV.ME) meets international e-accessibility standards, this is not the case for other public institution websites and online information sources, including the e-government portal (euprava.me). Website redesign initiatives for public sector bodies like news agencies, educational institutions and local self-government authorities are pending, and accessibility requirements are yet to be applied in public procurements for ICT products and services. Moreover, digital inclusion indicators face poor monitoring and data collection, hindering policies and programmes’ impact assessment.

Montenegro has yet to adopt specific policy measures to ensure development of green digital technologies. Although the Smart Specialisation Strategy 2019-24 recognises the potential of Green ICT for economic growth through emission reductions and energy savings, it lacks specificity in terms of activities and budget allocation. Additionally, existing digital society policies overlook the environmental impact of the ICT sector and the growing use of digital technologies on climate change. Notably, science and technological development programmes, along with Innovation Fund initiatives, support students and start-ups in creating innovations focusing on energy efficiency across diverse industry sectors. These innovations often contribute to the valorisation of digital advancements employed to achieve eco-friendly outcomes. Furthermore, waste electrical and electronic equipment (e‐waste) management is addressed in the Law on Waste Management. Under the current Law, extended producer responsibility (EPR) applies to companies that manufacture, import or sell electrical and electronic equipment, among others. EPR ensures that manufacturers consider the full life cycle of their products, from the design phase to the end of the product's life, promoting sustainability and environmental responsibility. In 2023, a new draft Law on Waste Management was prepared, aiming to align with relevant EU legislation with a particular focus on provisions for the Extended Producer Responsibility Programme.

Implementation of the privacy and personal data protection framework has shown slight advancement in Montenegro since 2022. Law enforcement and stakeholders’ understanding of personal data protection issues has improved since the previous assessment periods. However, Montenegro has yet to align its national legislation with the GDPR17 and the e-Privacy Directive.18 In view of Montenegro’s EU accession process, the EC has emphasised the importance of alignment with both of these complementary legal acts (European Commission, 2023[7]). Alignment with the e-Privacy Directive will establish a common set of rules with EU Member States regarding direct marketing communications (including cookies and similar identifiers) and electronic communications service providers. In 2020, to address the shortcomings of the existing framework and improve its alignment with the EU acquis, the Agency for Personal Data Protection and Free Access to Information (AZLP) initiated preparations for a new law on personal data protection, aligning with EU legislation. However, its adoption is still pending. The draft law also aims to secure the Agency's operational and financial independence, which has been repeatedly challenged. For instance, in December 2021 the parliament dismissed two members of the Agency’s Council, leading to a temporary operational halt until August 2022 when the Council became operational again.

Operating with limited personnel and financial resources, including 29 staff members out of an optimal 47, and a total budget of EUR 636 000 in 2022, the Agency received 215 initiatives (i.e. requests) for the protection of rights from natural and legal persons and conducted 127 inspections. In 114 extraordinary inspections, irregularities were found in 82 cases. At the end of 2022, the Agency reported that domestic personal data collection operators have shown improved understanding of personal data protection processes and an increased willingness to comply with its non-binding decisions and opinions. In 2022, six opinions were issued for the application of the personal data protection law (AZLP, 2023[16]). Despite its limitations, the Agency actively engages in awareness campaigns and capacity-building initiatives for data practitioners in both the public and private sectors. However, since the current legislation does not mandate the appointment of a personal data protection officer, only a small number of data operators have appointed one, one of the critical issues addressed by the new draft law.

Montenegro has made significant progress in enhancing its framework for consumer protection in e‑commerce. It has consistently implemented its Consumer Protection (CP) Programme 2022-24, aimed at better alignment with the EU acquis, strengthening law enforcement, particularly for consumers in the digital realm, and increasing awareness among consumers and traders regarding their rights and obligations. Although the existing law on consumer protection aligns with the EU Consumer Rights Directive19 and the EU Directive on consumer Alternative Dispute Resolution20 since December 2021, it does not fully incorporate the modernised EU-wide consumer protection rules currently in force.21 While the government has prepared a new law for consumer protection, prescribing new rules for trade processes in the digital world in line with EU legislation (Official Journal of the European Union, 2019[17]), its adoption, along with other pertinent legislation, is still pending.

The Directorate for Inspection Affairs, the central point of the Consumer Protection System in Montenegro, is responsible for the management of complaints and consumer issues. The Directorate strengthened its administrative capacities by hiring 11 inspectors for consumer protection in 2022. This led to an increase in inspections, including in the e-commerce domain, such as systemic website checks (“sweeps”) of 62 companies engaged in online sales (EC, 2022[18]). These checks, mirroring EU Member practices, aim to encourage higher compliance of online traders in Montenegro with consumer protection legislation. Similarly, the Consumer Protection Department of the Ministry of Economic Development, which oversees the CP Programme’s implementation and monitoring, recognised that despite its efforts, awareness-raising activities on consumer protection remained insufficient. To address this gap, the Ministry collaborated with non-governmental organisations (NGOs) in 2023, financing six projects with a total of EUR 37 000 to augment consumer awareness. However positive, these initiatives have limited impact on online consumers, as only a fraction of these funds targets e-commerce activities. Consumer awareness is increasingly critical due to the significant uptake of e-commerce in Montenegro. In 2023, 51.6% of individuals used the Internet to buy products or services, while 32.5% made their last purchase within the past 12 months (MONSTAT, 2023[15]), which still lags behind the EU average of 69.39% (Eurostat, 2024[19]).

Montenegro maintained its cybersecurity performance, increasing efforts to strengthen its cybersecurity capacities in 2023 following the massive cyberattacks in August 2022. However, despite these endeavours, the government’s ability to combat cybercrime remains weak, primarily due to a shortage of cybersecurity talent and persisting challenges in hiring and retaining expert staff, exacerbated by pay disparities between the public and private sectors (Vujovic, 2023[20]). The cyberattacks on the government’s digital infrastructure underscored the urgent need for comprehensive action in cybersecurity, necessitating increased allocation of financial, technical and human resources. These attacks disrupted online government information platforms and posed threats to critical infrastructure, including banking, water, and electricity systems. The government was compelled to go offline, shutting down portals, including the central government portal. Some of the government’s e-services remained non-operational for several months. Moreover, the attacks underscored the need to refine criteria for identifying critical information infrastructure per sector and enhance protective measures. In response, in December 2022, the Ministry of Public Administration established a new Directorate for Information Security, also known as the government Computer Incident Response Team (CIRT), consisting of nine staff members. The GOV-CIRT is going to collaborate closely with the National CIRT22 (CS/NCIRT), which stands as Montenegro’s central focal point for cybersecurity incident management and international collaboration. Unfortunately, the National CERT also struggles with inadequate human resources (seven staff members) and financial constraints.

The ongoing implementation of the cybersecurity strategy 2022-26, aims to enhance the legal framework and address deficiencies identified in the previous strategy by the end of 2021. According to the strategy’s final implementation report, 39% of performance indicators were not met, with a lack of funding and insufficient cybersecurity awareness at the top management levels identified as the primary hindrances to achieving strategic objectives. While the framework is currently aligned with the Networks and Information Security (NIS) EU Directive,23 a new law on information security has been drafted to align with the updated EU legislation (NIS 2 Directive24), enforced in 2023. This draft law, anticipated for adoption in 2024, delineates the responsibilities of the forthcoming National Cybersecurity Agency and proposes expanding the capacities of the National CIRT to include 39 employees. However, Montenegro has yet to establish security requirements for 5G mobile networks, despite recent licensing of 5G operators. It is crucial for these operators to proactively assess risks posed by suppliers and mitigate dependency on a single vendor. Furthermore, reforms are still pending to introduce a system for the cybersecurity certification of ICT products, services and processes, harmonised with EU Member States, in accordance with the Cybersecurity Act.25

Montenegro’s progress on implementing CO 2021 Recommendations has been mixed. The economy has made strong advances in supporting SMEs’ digitalisation, and the adoption of a policy that incorporates measures fostering ICT sector growth is also an improvement. Conversely, progress has stagnated in domains such as digital inclusion and open data reuse. Table 11.2 shows the economy’s progress in implementing past recommendations for developing a digital society.

Considering the level of the previous recommendations’ implementation, areas remain in which Montenegro could enhance its digital society policy framework, thus further improving aspects of access to electronic communications and public data, the digitalisation of government and businesses, the inclusiveness of the digital society and overall trust in digital technologies. As such, policy makers may wish to:

• Prioritise the adoption of the new Law on Electronic Communications and ensure regulatory facilitation of fixed and mobile ultra high-speed infrastructure development. The government needs to complete the alignment process with the European Electronic Communications Code, proceed with complementary regulations to abolish roaming charges with EU Member States,26 and update relevant product and service markets within the electronic communications sector. In light of the forthcoming national broadband development plan, Montenegro should consider modernising its state aid rules for the development of broadband infrastructure and improve networks’ resilience against natural disasters and other risks.

• Update the legal framework on open data reuse and promote the development of data‑driven innovation based on domestic high-value datasets. The government should prioritise adoption of the new law on data reuse to enhance alignment with the EU Open Data Directive and the EU Data Governance Act.27 It is critical to swiftly launch the new Open Data Portal, identifying and publishing domestic high-value datasets for reuse, and carefully assessing demand and potential for reuse in creating new services. Montenegro should ensure that public sector institutions publish high-quality, reusable data, implement automated data publishing, and invest in data certification systems28 to foster and stimulate private sector-led data partnerships and innovation (Box 11.2).

• Redesign existing and create new user-centric e-government services implementing the life-event approach within public administration. Integrating public services into life events is an approach29 designed to enhance government services, making them more accessible, user‑friendly, and personalised to meet the needs of individuals at different stages of their lives. The government should accelerate seamless connection of all public registers and public institutions to the JSERP system, facilitating the development of high-quality, fully transactional e‑government services. Montenegro should explore opportunities to modernise the national eID scheme (e.g. through mobile eID) to improve user convenience and ensure interoperability with EU Member States to create cross-border services.

• Ensure the adoption of the new law on personal data protection and increase resources in personal data protection. The new law aims to align the framework in personal data protection with the EU acquis, embedding in Montenegro the same high standards enforced in EU Member States. The government should ensure that the Agency for Personal Data Protection and Free Access to Information (AZLP) has adequate human and financial resources to perform significant awareness-raising and capacity-building activities and staff training vital for implementing the new law. Montenegro should also prepare legislation on e-Privacy aligning with relevant EU legislation to ensure comprehensive protection of privacy rights.

• Accelerate the creation of the National Cybersecurity Agency and strengthen cybersecurity capacities. The government needs to accelerate the adoption of the new law on information security and ensure the swift establishment of the anticipated National Cybersecurity Agency. The government should expedite personnel hiring processes to make the Agency operational before the end of 2024. Montenegro must allocate an adequate budget for comprehensive staff training and international knowledge transfer to enhance its cybersecurity capacity in addressing the growing challenges in this field. Having already licensed three 5G operators, it is crucial to strengthen security requirements for 5G mobile networks and ensure infrastructure resilience, aligning with the EU Toolbox for 5G Cybersecurity30 (Box 11.3).

[16] AZLP (2023), 2022 Annual Report, Agency for Personal Data Protection and Free Access to Information, https://www.azlp.me/storage/docs/zajednicka/izvjestaj_o_stanju/Izvjestaj%202022.docx.

[20] BalkanInsight (ed.) (2023), Meagre Resources Leave Montenegro Exposed to Cyber Threats, https://balkaninsight.com/2023/05/09/meagre-resources-leave-montenegro-exposed-to-cyber-threats/.

[18] EC (2022), Montenegro 2022 Report, Commission Staff Workign Document, SWD(2022) 335 Final, European Commission, https://neighbourhood-enlargement.ec.europa.eu/system/files/2022-10/Montenegro%20Report%202022.pdf.

[6] EKIP (2023), Annual Report 2022, Agency for Electronic Communications and Postal Services, https://ekip.me/media/documents/general/1703840162_ANNUAL%20REPORT%202022.pdf.

[5] EKIP (2023), Report on Internet and Broadband Access, December 2023, Agency for Electronic Communications and Postal Services, https://ekip.me/media/documents/general/1706606028_Internet%20-%20decembar.pdf.

[8] European Commission (2023), DESI 2022 Indicators, https://digital-decade-desi.digital-strategy.ec.europa.eu/datasets/desi/charts/desi-indicators?indicator=desi_2a3&breakdown=total_pophh&period=desi_2023&unit=pc_hh_all&country=AT,BE,BG,HR,CY,CZ,DK,EE,EU,FI,FR,DE,EL,HU,IE,IT,LV,LT,LU,MT,NL,PL,PT,RO,SK,SI,E.

[7] European Commission (2023), Montenegro 2023 Report, Commission Staff Working Document, SWD(2023) 694 Final, European Commission, https://neighbourhood-enlargement.ec.europa.eu/system/files/2023-11/SWD_2023_694%20Montenegro%20report.pdf.

[22] European Commission (2020), Open Data Best Practices in Europe: Learning From Cyprus, France and Ireland, https://data.europa.eu/sites/default/files/report/20200518_AR16_ODM%20Top%20Performing%20Countries_V1.1_FINAL.pdf.

[14] Eurostat (2024), Individuals - Internet Use, https://ec.europa.eu/eurostat/databrowser/product/page/ISOC_CI_IFP_IU (accessed on 27 May 2024).

[1] Eurostat (2024), Individuals’ Level of Digital Skills (from 2021 onwards), https://ec.europa.eu/eurostat/databrowser/view/isoc_sk_dskl_i21__custom_9882830/bookmark/table?lang=en&bookmarkId=ca727989-dcca-4872-9a11-051d8950f01e (accessed on 15 May 2024).

[19] Eurostat (2024), Internet Purchases by Individuals (2020 onwards), https://ec.europa.eu/eurostat/databrowser/product/page/ISOC_EC_IB20 (accessed on 28 May 2024).

[23] French Government (2024), ETALAB, https://www.data.gouv.fr/en/organizations/etalab/ (accessed on 28 May 2024).

[24] French Government (2024), Service Public de la Donnée : Des Données sur Lesquelles Vous Pouvez Compter, https://www.data.gouv.fr/fr/pages/spd/reference/ (accessed on 28 May 2024).

[10] Government of Montenegro (2024), Digitalna Akademija, https://www.gov.me/clanak/digitalna-akademija (accessed on 28 May 2024).

[4] ITU (2024), Fixed Broadband Subscriptions per 100 Individuals, https://www.itu.int/fr/Pages/default.aspx#/fr (accessed on 1 March 2024).

[12] KOMORA (2023), Business Environment in Montenegro on the Basis of a Survey Conducted in the Period February-March 2023, Chamber of Commerce of Montenegro, https://komora.me/wp-content/uploads/2023/09/poslovni-ambijent-u-cg-sep-2023-w.pdf.

[11] MERT (2023), 2022 Annual Report of the Ministry of Economic Development and Tourism, Ministry of Economic Development and Tourism, https://wapi.gov.me/download-preview/c1b8e6d0-824a-4541-a690-4f7dbdbd0def?version=1.0.

[15] MONSTAT (2023), 2023 ICT Survey in Households, Statistical Office of Montenegro, https://monstat.org/uploads/files/ICT/2023/domacinstva/Podaci%20Domacinstva%20-%20ENG%202023.xlsx (accessed on 1 March 2024).

[3] MONSTAT (2023), Gross Domestic Product, Release 124/2023, Statistical Office of Montenegro, https://monstat.org/uploads/files/BDP/2022/Annual%20GDP%202022_eng.pdf (accessed on 1 March 2024).

[13] MONSTAT (2023), ICT Usage Survey in Enterprises 2023, Statistical Office of Montenegro, https://monstat.org/uploads/files/ICT/2023/preduzeca/Podaci%20Preduzeca%20-%20ENG%202023.xlsx.

[9] MPA (2023), 2022 Annual Report of Activities, Ministry of Public Administration of Montenegro, https://www.gov.me/dokumenta/07c9adb6-7a42-489e-ad11-f45c2deb8c52.

[2] MPA (2023), Report on the Implementation of the Action Plan of the Digital Transformation Strategy of Montenegro for the Year 2022, Minsitry of Public Administration, https://wapi.gov.me/download-preview/f0ba718c-d168-4ead-b953-573312317c84?version=1.0.

[21] OECD (2018), Open Government Data Report: Enhancing Policy Maturity for Sustainable Impact, OECD Publishing, https://doi.org/10.1787/24131962.

[25] OECD Observatory of Public Sector Innovation (2024), Achieving Cyber Security Resilience of Public Sector IT Systems and Services, https://oecd-opsi.org/innovations/cyber-security-resilience/ (accessed on 28 May 2024).

[17] Official Journal of the European Union (2019), Directive (EU) 2019/770 of the European Parliament and of the Council of 20 May 2019 on certain aspects concerning contracts for the supply of digital content and digital services.