Information on Parties
Information for providers
on Parties to Budapest Convention
Partnership agreement with providers
There are no agreements of cooperation between the Government of Moldova and the Internet service providers operating in the country. At the same time, the Law on Preventing and Combating Cybercrime of 2009 creates general obligations for the service provider to cooperate with the law enforcement. Under Article 5 of the Law, “in the activities of prevention and combating of cybercrime, competent authorities, service providers, non-governmental organizations and other representatives of the civil society cooperate through exchange of information and experts, through joint activities of criminal cases research, of offenders’ identification and of personnel training, through the development of initiatives aimed to promote some programs, practices, measures, procedures and minimum security standards of computer systems, through information campaigns regarding the cybercrime and the risks to which the computer system users are exposed and through other activities related to this field.”
Powers to request information
In the sense of Article 18 of the Budapest Convention
Production order (Article 18 Budapest Convention) provisions are implemented under Article 7(d) of the Law on Prevention and Combating Cybercrime and are also applicable to service providers – this power is meant to be applied to any person/entity that is in possession or in control of certain computer data. The scope of this power covers only subscriber information, implementing only requirements of Article 18.1.b Budapest Convention.
Powers of search and seizure can be also used as an alternative to produce data.
The prosecutor is a competent authority for production orders under Article 7(d) of the Law on Prevention and Combating Cybercrime. The judge can also issue the order to the same effect.
Search and seizure is a procedure driven by a judicial order, unless being performed in exigent circumstances with subsequent authorization from the judge.
Basis in law
Under Article 7(d) of the Law on Prevention and Combating Cybercrime, service providers are obliged to submit to the competent authorities, on the basis of a request made under the law, the data about users, including the type of communication and the service the user benefited by, the method of payment for the service, as well as about any data that can lead to the identification of the user.
In terms of search and seizure of stored computer data under Article 19 Budapest Convention, the current legislation of Moldova (Articles 125 and 126 of the Code of Criminal Procedure) is tailored mostly to tangible objects to be searched and seized (instruments used for the commission of the crime, objects and valuables resulting from the crime and other objects and documents that may be of interest for the case); all three categories are interpreted broadly in practice to apply to a computer system. Search and seizure is a procedure driven by a judicial order, unless being performed in exigent circumstances with subsequent authorization from the judge.
If different for subscriber information
To obtain subscriber information, prosecutor’s order is sufficient.
If different for traffic data
To obtain traffic data, the court decision is required
In the sense of Articles 16 and 17 of the Budapest Convention
Expedited preservation of stored computer data (Article 16 Budapest Convention) is directly implemented by Article 7(c) of the Law on Prevention and Combating Cybercrime of Moldova, which creates obligations for service providers only. Expedited preservation and partial disclosure of traffic data under Article 17 Budapest Convention is also directly implemented by Article 7, par. 2 of the Law on Prevention and Combating Cybercrime of Moldova.
1. The Prosecutor General’s Office may order to any person or entity public or private to preserve any information in its possession relevant to the investigation in digital format, including traffic data.
2. Competent police authority is also entitled to order preservation of data.
Basis in law
Under Article 7(c) of the Law on Prevention and Combating Cybercrime, service providers are obliged to perform, confidentially, the competent authority’s request regarding the immediate preservation of computer data or of web traffic data, which are in danger of destruction or alteration, within 120 calendar days, under the provisions of national legislation. If the web traffic data are possessed by several service providers, then the requested service provider is obliged to submit to the competent authority the necessary information for the identification of the other service providers (p. 2).
If different for subscriber information
Although the web traffic data is mentioned separately, the preservation power applies to all categories of computer data.
If different for traffic data
Preservation power is the same; expedited disclosure is used in relation to traffic data only.
Definition of emergency situation
Article 1 of the Law of Moldova “About the modes of the emergency, disaster and war situation” defines the emergency situation as the following:
“Emergency state - set of measures of political, economic, social nature and on maintenance of public order, temporarily entered in some areas or in all territory of the country in the case:
a) inevitability of origin or emergence of emergency situations of natural, technogenic or social and biological nature that makes necessary the warning, reduction and liquidation of their consequences;
b) existence of threat for the homeland security or for the constitutional order that does necessary protection of the constitutional state, maintenance or recovery of legality.”
Obligation to cooperate
No specific obligation to cooperate in emergency situations.
No specific exceptions applicable.
Obligation of secrecy
According to Article 212 of the Criminal Procedure Code, entitled “Confidentiality of a Criminal Investigation”, criminal investigation materials shall not be disclosed unless the disclosure is authorized by the person conducting the criminal investigation and to the extent he/she considers it possible during which the presumption of innocence shall be observed and the interests of other persons and of the criminal investigation shall not be affected.
Non respect of the obligation of secrecy
Under Article 315 of the Criminal Code, disclosure of data from a criminal investigation contrary to the interdiction of the persons conducting criminal investigation shall be punished by a fine of up to 300 conventional units or by community service for 180 to 240 hours, while deliberate disclosure of data from a criminal investigation by the person conducting the criminal investigation or by the person exerting control over the criminal investigation, provided that such an action causes moral or material damage to a suspect, accused, witness, or injured party or to their representatives or that causes the guilty person to evade criminal liability, shall be punished by a fine in the amount of 500 to 1000 conventional units with the deprivation of the right to hold certain positions or to practice certain activities for up to 3 years.
No exceptions applicable.
Data protection agreements
European Union Member States/ Adequacy
Additional Protocol ETS 181 to Convention 108
Domestic legal framework on data protection
no information provided
Please refer to sections on production and preservation powers for instances where judicial authorisation is necessary.
There powers apply in the context of criminal proceedings; therefore an open criminal investigation is a pre-requisite.
No limitation to the use of these powers in terms of seriousness of offences.
In accordance with national law, proportionality, legality and reasonableness of special investigative measures, which are authorized to provide obtaining of computer data is subject of judicial control, regulated in Chapter VIII of the Code of Criminal Procedure.
These profiles do not necessarily reflect official positions of the States covered or of the Council of Europe.