The Cyber Crime Division of the Central Criminal Police Department at the Ministry of Internal Affairs of Georgia was established by the decree of the Minister of the Interior in December 2012. Currently, there are 15 detective-investigators within the Division who are responsible for investigation of cybercrime. The Division is competent to investigate cybercrime offences in narrow sense, in particular crimes provided for in Chapter 15 (Cybercrime) of the Criminal Code of Georgia; however, the Division also provides advice, guidance and technical assistance to other police units across Georgia in the investigation of cybercrime and the handling of electronic evidence. The forensics team of the Ministry of the Interior handles the forensic examination duties.

The 24/7 National Contact Point is operating at the Cyber Crime Division of the Central Criminal Police Department at the Ministry of Internal Affairs of Georgia. 

Since 2010, a Memorandum of cooperation between Internet Service Providers and Law Enforcement Agencies is in force. Ten largest ISPs representing the majority of the Internet industry and the representatives of government agencies, such as Prosecution Service and the Ministry of Internal Affairs, signed the memorandum in January 2010. The Memorandum defines the principles of cooperation between ISPs and law enforcement agencies in the process of investigation of cybercrime and specifies the rights as well as responsibilities of the parties to the memorandum. Among the most important achievements under the document is the creation of specialized contact points within the structure of ISPs and the law enforcement, and significant reduction of time for processing of law enforcement requests.

The Prosecutor General’s Office has the responsibility to control and to supervise the investigative procedures. Cybercrime related investigations are based on the Criminal Procedural Code, meaning no specific regulation was introduced in this respect. Prosecutors must show probable cause in case of search and seizure. There is currently only one prosecutor on staff who is especially focused on cybercrime issues.

Georgia uses a single central authority for mutual legal assistance requests irrespective of the stage of proceedings, namely, the International Cooperation Unit of the Department of Legal Affairs, Office of the Chief Prosecutor at the Ministry of Justice of Georgia. Although requests can be technically transmitted via 24/7 contact point or Interpol point, they must be addressed to the central authority.

The Prosecution Service Strategy and Action Plan 2017-2021 prescribes the following strategic actions prescribed in respect of cybercrime and public-private cooperation:

• Set up of new inter-agency cybercrime policy task force;
• Review the existing LEA-ISP MOU and introduction of amended one if need be;
• Participation in and/or initiating procedural and substantive law reforms on cybercrime and electronic evidence issues;
• Training of prosecution attorneys in cyber related matters (procedural powers, international cooperation, cooperation with service providers);
• Introduction of policy guidelines on the cooperation with Internet service providers.
• Issuance of Manual on the LEA direct cooperation with Multinational Service Providers – the first version of the manual was prepared in March 2017 and has been updated several times.

The Ministry of Justice has a main role in developing the legislative framework and also the organizational tasks within the government sector regarding codification and the legal reforms. The Ministry is also a forum to catalyse cooperation between the public and the private sectors; it also had a lead role in developing the Memorandum of Understanding between the law enforcement authorities and the Internet service providers in 2010.

The Data Exchange Agency was established in 2010 as an independent legal entity under the Ministry of Justice of Georgia. Its main aim is to coordinate e-governance and strategy, international projects and the cyber security strategy. It has coordinated and published the Cybersecurity Strategy of Georgia 2012-2015 as well as the current Cyber Security Strategy.

The Agency has established an incident management system which enables the coordination and exchange of information with critical infrastructure entities. For the critical infrastructure entities consultation and assistance has been provided in order to implement the ISO standards.

The CERT.GOV.GE team under the Data Exchange Agency is one of three dedicated CSIRTs in Georgia: the government CERT.GOV.GE, The Ministry of Defence Cyber Security Bureau and the academic CERT - GRENA. The government CERT was founded in 2011 and it is under the supervision of the Data Exchange Agency of the Ministry of Justice of Georgia. The Law on Information Security defined that the government CERT is responsible for the handling of incidents, providing alerts, raising awareness and educating (e.g. penetration testing). The protection of the Georgian critical infrastructure is a priority task for the CERT.GOV.GE.

The State Inspector’s Service is an independent state authority that, as a legal successor of the Office of the Personal Data Protection Inspector, operates in Georgia since 10 May, 2019.

The key directions of its activities are:

• Monitoring lawfulness of personal data processing;
• Monitoring covert investigative actions and activities performed within the central databank;
• Impartial and effective investigation of grave crimes committed by a representative of law-enforcement authorities, by an official or a person equal to an official against human rights and freedoms;
• investigation of malfeasance crimes committed with the use of violence or insulting personal dignity of a victim.

The Service has thus dual functions of acting as a Data Protection Authority of the country as well as investigative functions in relation to crimes committed by public officials. The service is thus committed to increase its investigative skills on cybercrime and electronic evidence in cooperation with the Council of Europe.

The Georgian National Communications Commission (GNCC) is an independent public administration body, which reports to the parliament on an annual basis. Its annual report is published on its website. With a staff of 120 people, its mandate is to regulate electronic communications and broadcasting sectors of Georgia.

GNCC engages directly with Internet service providers. The Commission has mandate in order to protect privacy of the users. This concept was also articulated in the negotiations at the Memorandum of Understanding signed by the ISPs and the law enforcement authorities. The Commission has a clear understanding that public awareness about cybercrimes is a key issue: educating the users on the threats are of utmost importance. The Commission has a clear legal obligation to cooperate with law enforcement authorities.

The GNCC expresses a clear interest in Georgia to run awareness campaigns on cybersecurity and against cybercrime, which could include a forum of the various relevant stakeholders (ISPs and authorities).