Status regarding Budapest ConventionStatus : Party Declarations and reservations : Reservations regarding Art. 4, 29, 42. Declarations regarding Art. 2, 40. See legal profile
The cyber security document for Slovakia covers the period 2015-2020: Cyber Security Concept of the Slovak Republic. Its strategic goal is to achieve an open, secure, and protected national cyber space, i.e. building trust in the reliability and security of critical information and communication infrastructure, as well as building of certainty that this will perform its functions and serve national interests also in cases of cyber attacks. It addresses thus primarily cyber security aspects. (Source: https://www.cyberwiser.eu/slovakia-sk)
State of cybercrime legislation
The Criminal Code of Slovakia provides substantive law framework for majority of offences provided by the Budapest Convention, with exception of direct implementation of offences related to misuse of devices.
Similarly, the Criminal Procedure Code implements majority of specific procedural powers required by the Budapest Convention, except for real-time collection of traffic data and interception of content.
Slovakia applies thus general legal regime to the issue of cybercrime. Cybercrime substantive and procedural related provisions may be found in the Act no. 300/2005 Coll. (Criminal Code, as amended), Act 301/2005 Coll. (Code of Criminal Procedure, as amended). An act on cybersecurity is currently being drafted.
Criminal Code includes the following crimes: Illegal access to computer systems (Section 247), Illegal interception of computer data (Section 247c), Illegal interference to computer data (Section 247 b), Illegal interference to computer systems (Section 247a), Production and possession of access device, password to a computer system or other data (Section 247 d), Damaging and abusing information stored on data carrier (Section 247), Unjust enrichment (Section 226), Production of child pornography (Section 368), Dissemination of child pornography (Section 369), Possession of child pornography and participation in child pornography performance (Section 370), Further, sections 201a and 201b provide for the merits of the criminal offence “Sexual abuse” implementing the Council of Europe Convention on the Protection of Children against Sexual Exploitation and Sexual Abuse (the Lanzarote Convention), Infringement of copyright (Section 283).
The main framework can be found in the Code of Criminal Procedure:
- Duty to surrender a thing (Section 89);
- Safeguarding and surrendering computer data (Section 90);
- Withdrawal of a thing (Section 91);
- Interception and Recording of Telecommunications (Section 115);
- Communication of telecommunication operations’ data (Section 116).
General rules and safeguards apply (e.g. Section 362 of Code of Criminal Procedure – review of proceeding concerning e.g. interception of telecommunication operations and recording of interception communication, etc.) Slovakia is also party to international treaties such as European Convention on Human Rights which provide for restrictions and limitations in investigation procedure.
Related laws and regulations
Except above mentioned acts and codes, there are other important laws include:
- Act No. 171/1993 Coll. on Police Force;
- Act No. 351/2011 Coll. on Electronic communications;
- Act No. 96/2016 Coll. on Criminal Liability of Legal Persons and on amendments to certain other acts;
- Act No. 122/2013 Coll. on the Protection of Personal Data;
- Act No. 215/2004 Coll. on Protection of Classified Information.
- Cybercrime Division of Presidium of Police Force – specialised unit with focus on fight against cybercrime
- Interpol – 24/7 Contact Point for the purposes of Art. 35 Budapest Convention, competent to send/receive requests.
- Multidisciplinary integrated group of experts for cybercrime – multidisciplinary group which discusses legislative and practical issues related to cybercrime
- A prosecutor of International unit of the General Prosecutor’s Office is member of European judicial cybercrime network within EUROJUST
- Regulatory Authority for Electronic Communications and Postal Services - the national regulatory authority and pricing authority in the sector of electronic communications and postal service
Competent authorities and channels
- Ministry of Justice of the Slovak Republic: Ministry of Justice of the Slovak Republic is designated as the authority responsible for making and receiving requests for extradition. Central authority for MLA requests in accordance with Art. 27 of Budapest Convention.
- General Prosecutor’s Office of the Slovak Republic: Central authority for MLA requests in accordance with Art. 27 of Budapest Convention.
- INTERPOL - 24/7 point of contact established pursuant to Art. 35 of Budapest Convention
Practical guides, templates and best practices
Slovakia has signed most of the treaties and conventions on judicial international cooperation within the European Union, the Council of Europe and United Nations. We have also concluded numerous bilateral treaties. Cooperation may be provided also on the basis of reciprocity.
The Constitutional Court of the Slovak Republic proclaimed the mass surveillance of citizens as unconstitutional. More specifically, on 23 April 2014, the Slovak Constitutional Court preliminary suspended effectiveness of the Slovak implementation of Data Retention Directive, which was repealed as invalid by the Court of Justice of the European Union
On 29 April 2015, The Grand Chamber of the Constitutional Court (PL. ÚS 10/2014) proclaimed provisions § 58(5) to (7) and § 63(6) of the Electronic Communications Act (Act No. 351/2011 Coll.), which until now required mobile network providers to track the communication of their users, as well as provisions of § 116 of the Criminal Code (Act No. 301/2005 Coll.) and § 76(3) of the Police Force Act (Act No. 171/1993 Coll.), which allowed access to this data, to be in contradiction to the constitutionally guaranteed rights of citizens to privacy and personal data. As a consequence, these provisions lost their binding effect.
According to now invalid provisions of the Electronic Communications Act, the providers of electronic communications were obliged to store traffic data, localization data and data about the communicating parties for a period of 6 months (in the case Internet, email or Voice over Internet Protocol communication) or for a period of 12 months (in case of other communication).
Hence, data about who, for how long, when, how and from where the communication was made, has been stored. Data about unsuccessful calls was also stored to the same extent.
The Constitutional Court concluded that contested law requiring general data retention for the purposes of their disclosure to competent public authorities continued to pursue legitimate general interest objective of fighting serious crime and public security.
This fact, of itself, is according to the Constitutional Court, not sufficient to pronounce accordance with constitutional law of Slovak Republic. Analysis of data retention and possibility of their combination and connection with other data permitted to uncover substantial part of privacy of individuals in question. Such reality together with lasting, systematic and global character of data collection was in the awareness of persons concerned able to cause an impression that their private life was subjected to permanent surveillance.
After the decision of the Constitutional Court, the Slovak Republic has amended provisions of respective Acts that were declared invalid to that extent that the global character of data retention was revoked (for all types of data: location data, traffic data, content of conveyed messages).
Sources and links
- GENVAL - Evaluation report on the seventh round of mutual evaluations "The practical implementation and operation of European policies on prevention and combating Cybercrime" - Report on Slovakia
- Other GENVAL 7th round evaluation reports
- Ministry of Justice of the Slovak Republic
- Ministry of Interior of the Slovak Republic
- General Prosecutor’s Office of the Slovak Republic
- Regulatory Authority for Electronic Communications and Postal Services
These profiles do not necessarily reflect official positions of the States covered or of the Council of Europe.
Are you aware of the latest legislative or policy developments on cybercrime and electronic evidence?
Share this information with us helping to keep this platform up to date.
- Cybercrime website
- Template: Mutual Legal Assistance Request for subscriber information (Art. 31 Budapest Convention). English and bilingual versions available.
- Template: Data Preservation Request (Articles 29 and 30 Budapest Convention). English and bilingual versions available.