Status regarding Budapest ConventionStatus : Party See legal profile
Georgia introduced an updated Strategy and Action Plan on Organized Crime 2017-2020, both of which contain separate sections dedicated to cybercrime. The issues therein go beyond organized crime matters and address cybercrime threats and planned responses in general. Sections 20 to 30 of the Organized Crime Action Plan refer to increasing public awareness, development of substantive and procedural law, increasing capacities of state agencies combating cybercrime, public-private partnerships and international cooperation as major areas of activity planned in the short term until 2020.
State of cybercrime legislation
In terms of substantive law, Criminal Code of Georgia contains elements of all substantive law offences provided by the Budapest Convention.
The Criminal Procedure Code generally implements procedural powers in compliance with the Budapest Convention, with alternative provisions being used for preservation. Georgia is also one of the few countries of the region having adopted a provision on international production orders as part of the criminal procedure legislation.
Criminal Code of Georgia implements offences contained in the BCC as follows: Art. 284 Access to a computer system without right; Art. 158 Disclosure of Secret of Private conversation; Art. 286 Computer data and/ or computer system interference (as per amendment of 24.09.2018); Article 285. Misuse of computer data and/or computer system (24.09.2010) – incompletely implements Art. 6 BCC.
Article 362. Production, Sale or Use of Forged Document, Seal, Stamp or Blank and Article 180. Fraud of the Criminal Code of Georgia implements Art. 7-8 BCC;
Article 255. Illicit production or sale of pornographic material or other object provides for general implementation of child pornography offences but several definitions lacking (corresponding Art. 9 BCC);
Article 189. Infringement of the Right of Copyright-holder, Neighbouring Right-holder and Database Author contains General provisions for IPR offences (corresponding Art. 10 BCC);
Article 18. Preparation of Crime, Article 23. Complicity, Article 24. Types of Complicity, Article 25. Liability of Perpetrator and Accomplice introduce concepts of attempt, aiding and abetting implemented (corresponding to Art. 11 BCC);
Article 1071. Basis for Criminal Liability of Legal Entities, Article 1072. Cases of the responsibility of legal person and Article 1073. Types of Sentences implement corporate liability implemented applicable also to cybercrime offences (corresponding to Art. 12 BCC).
The notion of electronic evidence for the purposes of criminal proceedings is recognized in the Code of Criminal Procedure as one of the valid forms of evidence (information in electronic format). Definitions of subscriber information and traffic data are implemented in the Georgian CPC, while content data is interpreted to include the content of communications.
Georgia did not implement Article 16 Budapest Convention on expedited preservation of stored computer data as a standalone measure. The production order provisions of Article 136 of the Criminal Procedure Code can be used due to their broad interpretation in practice; alternatively, search and seizure in exigent circumstances can be used to address this issue in a similar manner.
There is also no direct implementation of the power of expedited preservation and partial disclosure of traffic data (Article 17 Budapest Convention). Similar to Article 16 implementation, due to broad interpretation of production order under Article 136 of the Georgian CPC, it can be used as an alternative.
In general, subject-matter of Article 136 of the Georgian CPC is the production order, which is an issue primarily relevant in the context of Article 18 Budapest Convention. The terms of this provision are of open nature and can cover requests directed to any person (ISP, individual or organization).
Article 1381 of the Georgian CPC governs international production orders which essentially implements Arts. 18.1 (b) and 32 (b) BCC.
Georgian legislation does not implement search and seizure of stored computer data under Article 19 Budapest Convention as a specific measure applicable for computer-related search and seizure; instead, traditional measures of search and seizure are applicable also to computer system and data.
General rules establishing grounds for search and seizure are contained in article 119 of the Code of Criminal Procedure, which is a procedure driven by a judicial order, unless being performed in exigent circumstances with subsequent authorization from the judge.
Georgia has not implemented special provisions in the context of search and seizure provided by Article 19 (search of a connected system; making and retaining a copy of those computer data; maintaining the integrity of the relevant stored computer data; rendering inaccessible or removing those computer data in the accessed computer system) in its procedural legislation
Article 20 Budapest Convention providing for real-time collection of traffic data is directly implemented in Georgian legislation by Article 137 of the Criminal Procedure Code.
The interception of content data (Article 21 Budapest Convention) is also directly implemented in Georgian legislation by Article 138 of the Criminal Procedure Code.
Georgia has initiated a reform of its procedural legislation to address the issues of data preservation and production orders in line with the Budapest Convention.
In terms of horizontally applicable conditions and safeguards (Article 15 Budapest Convention), most of the elements limiting and controlling the application of more intrusive measures, such as search and seizure, real-time collection of traffic data and content interception, are present – such as existence of criminal investigation, judicial order, time limitations and other conditions.
Related laws and regulations
Since 2010, a Memorandum of cooperation between Internet Service Providers and Law Enforcement Agencies (hereinafter “ISP”) is in force. Ten largest ISPs representing the majority of the Internet industry and the representatives of government agencies, such as Prosecution Service and the Ministry of the Interior, signed the memorandum in January 2010. The Memorandum defines the principles of cooperation between ISPs and law enforcement agencies in the process of investigation of cybercrime and specifies the rights as well as responsibilities of the parties to the memorandum.
Law on Information Security comprises provisions on critical information systems, provides a framework to ensure cyber security and establishes the Cyber Security Bureau.
The separation of investigative jurisdiction in Georgia is regulated under Decree 3/2019 of the Prosecutor General of Georgia. The document underlines that the investigative jurisdiction in general is vested in the investigative agencies of the Ministry of Internal Affairs, with some exceptions specifically listed in the Decree (such as crimes investigated by Investigative Division of the Ministry of Finance of Georgia).
Cyber Crime Division of the Central Criminal Police Department at the Ministry of Internal Affairs of Georgia was established by the decree of the Minister of the Interior in December 2012. The Division is competent to investigate cybercrime offences in narrow sense, in particular crimes provided for in Chapter 15 (Cybercrime) of the Criminal Code of Georgia; however, the Division also provides advice, guidance and technical assistance to other police units across Georgia in investigation of cybercrime and handling of electronic evidence. The forensics team of the Ministry of the Interior handles the forensic examination duties.
In 2020 Tbilisi Regional Police Department established the cybercrime division which is a clone of the one in Central Criminal Police Department while the other regional police departments are currently working towards specialization.
Following legislative reform in 2014, the State Security Agency has been established separate from the Ministry of the Interior. The Agency inherited the team of former Operative-Technical Department of the Ministry of the Interior, which now acts as a cybercrime investigation team of within the Agency.
Cyber Security Bureau of the Ministry of Defence.
Data Exchange Agency of the Ministry of Justice is responsible, inter alia, for: setting ICT standards for public sector entities and elaborating information security policies; e-governance; Data exchange infrastructure.
CERT.GOV.GE set under the Ministry of Justice is responsible for handling critical incidents that occur within Georgian Governmental Networks and critical infrastructure. It specializes in identifying, registering and analyzing critical computer incidents, issues recommendations and conducts prompt responses to such occurrences.
Competent authorities and channels
24/7 points of contact and police cooperation
The 24/7 National Contact Point is operating at the Cyber Crime Division of the Central Criminal Police Department at the Ministry of Internal Affairs of Georgia.
Given the nature of preservation requests they are all treated as urgent.
Further contact details of the 24/7 National Contact Point can be requested here [refers to email address of the manager of the Network]
Mutual legal assistance authorities
Georgia uses a single central authority for MLA requests irrespective of the stage of proceedings, namely, the International Cooperation Unit of the Department of Legal Affairs, Office of the Prosecutor General. Although requests can be technically transmitted via 24/7 contact point or Interpol point, they must be addressed to the central authority.
A preliminary consultation is not an obligation but highly recommended as specific restrictions apply to access to electronic data. Hence, prior consultation may prevent waste of costs for requests that have no prospect. Consultation can be provided via designated e-mail. The 24/7 point of contact provides similar consultations at the designated email address but keeping the Prosecutor’s Office in copy is advisable. The Georgian Central Authority may also review draft request if asked to do so.
Details of competent authorities for extradition, provisional arrest and mutual legal assistance can be found here [separate document linked].
Given the nature of preservation requests, they are all treated urgently.
As to mutual legal assistance requests, urgent requests may be processed as soon as within hours but may normally require a week. Criteria of urgency in respect of requests for traffic data would be volatility of data or immediate risk to life or physical integrity of persons. Justification for urgency must be provided by the requesting state.
If request is not urgent but prioritized otherwise, it may be processed within 1 month. Criteria for prioritization are: urgency (procedural time limits to expire soon, volatility of data) and seriousness of crimes.
These profiles do not necessarily reflect official positions of the States covered or of the Council of Europe.
Are you aware of the latest legislative or policy developments on cybercrime and electronic evidence?
Share this information with us helping to keep this platform up to date.
- Cybercrime website
- Template: Mutual Legal Assistance Request for subscriber information (Art. 31 Budapest Convention). English and bilingual versions available.
- Template: Data Preservation Request (Articles 29 and 30 Budapest Convention). English and bilingual versions available.