Back Slovenia

    Status regarding Budapest Convention

Status regarding Budapest Convention

Status : Party Declarations and reservations : See legal profile

Cybercrime policies/strategies

The Slovenian National Cyber Security Strategy was adopted in February 2016. The strategy is based on three main pillars: prevention, response, awareness.

The strategy consists in the specific strategic objectives and related measures:

  • Obj. 1 Strengthening and systemic regulation of the national cyber security assurance system;
  • Obj. 2 The safety of citizens in cyberspace;
  • Obj. 3 Cyber security in the economy;
  • Obj. 4 Providing the operation of critical infrastructure in the sector of ICT support;
  • Obj. 5 Cyber security assurance to ensure public security and combat cyber crime;
  • Obj. 6 Development of defence cyber capabilities;
  • Obj. 7 Ensuring safe operation and availability of ensuring conditions for the smooth operation of key ICT systems in the event of major natural and other disasters;
  • Obj. 8 Strengthening national cyber security through international co-operation

Objective 5, on the fight against cybercrime also foresees actions on: regular training on cyber security for law enforcement participating in the development of cyber capacities for public security and in combatting cybercrime as well as regular updating of the laws and procedures in line with the development of ICT.

In April 2017, Slovenia adopted the resolution on obligations and the organisation of the established national cyber security authority, applying thus the requirements imposed by the NIS Directive on measures to ensure high overall level of network and information security in European Union (NIS Directive 2016).  (Source:


Previously, in March 2010, the National Assembly of Republic of Slovenia adopted the Resolution on the National Security Strategy of the Republic of Slovenia. Based on this Resolution, the Republic of Slovenia created the national strategy for responding to cyber threats and the misuse of information technologies, and aimed to adopt necessary measures to ensure effective cyber defence which included, to the maximum possible extent, include the public and private sector. The Republic of Slovenia also took active steps to suppress crime related to the publication and dissemination of illegal content on the World Wide Web.

In October 2012, the National Assembly of Republic of Slovenia adopted the Resolution on National Plan on the Prevention and Combating of Crime for the Period 2012 – 2016 (available only in Slovenian language). Chapter 6.4. of this document contains the strategy for improving detection and investigation of cybercrime offences. Herein it is emphasised that also better cooperation between law enforcement authorities and other state bodies and NGOs as well as their education and training in the area of fighting cybercrime can have positive effects on the number of detected, investigated and adjudicated cybercrime offences. The resolution points out also the fact that there is no effective, safe and up-to-date system of informing and exchanging information on incidents or attacks on government and non-government information systems and important infrastructure. Consequently, the Resolution sets a strong emphasis on education and mutual cooperation, informing, coordination and exchange of knowledge and experiences between various institutions, and anticipates the establishment of a Government Centre for Informing on Incidents in Information Systems that will: 1) be competent for investigating incidents in information systems of public sector authorities, 2) provide timely information on detected threats, and 3) carry out also preventive and educational tasks in the area of fight against cybercrime. (Source:


Specialised institutions

In 2009, Computer Investigation Centre was established within the Criminal Police Directorate. In addition six police departments for computer investigation are operating on regional level withih all major police directorates in the country. Also National Investigating Bureau is employing computer forensic experts. As regards State Prosecution Office, there are no separate departments for prosecution of cybercrime, but some state prosecutors are specialized (or are specializing) for this area.

Main contact point for reporting network security incidents involving systems and networks located in Slovenia is SI-CERT, Slovenian Computer Emergency Response Team. It is operating in the scope of Academic and Research Network of Slovenia (ARNES).

In Slovenia, also Safer Internet Centre SAFE.SI is active. This national project is aimed at promoting and ensuring a better and safer internet and mobile phone use for children, teenagers, parents and teachers. It is co-financed by the European union. Part of it is hotline for reporting hate speech and child sexual abuse images on the internet, called Spletno oko (Online Eye).

Jurisprudence/case law

“The subject of protection afforded by Article 37 of the Constitution is communication regarding which an individual legitimately expects privacy. Obtaining information regarding the complainant's dynamic IP address does not interfere with his right to communication privacy determined by the first paragraph of Article 37 of the Constitution, taking into account all the circumstances of the case, as by his conduct the complainant himself waived his privacy and therefore could not have a legitimate expectation of privacy regarding his communications.

The identity of the communicating individual is one of the important aspects of communication privacy, therefore it is necessary to obtain a court order for its disclosure in accordance with the second paragraph of Article 37 of the Constitution. However, since the complainant himself waived the legitimate expectation of privacy, the information on the identity of the IP address user no longer enjoyed protection of privacy in terms of communication privacy, but only in terms of the data privacy determined by Article 38 of the Constitution. Therefore, by obtaining the data regarding the given name, surname, and address of the dynamic IP address user that was used by the complainant to communicate, the police did not interfere with his communication privacy and therefore a court order was not required for the disclosure of his identity.

If it is clear from the search order that it was issued with the intent to review the data stored on the computer and other data storage media, an additional court order is not required for the review of computer files."


" In on-line communication using the programme (such as e.g. E-mule) that enables practically unascertainable (unlimited) number of possible coincidental contacts we cannot speak about private communication. […]"


" When the defendant (with co-defendants) breaks in foreign bank accounts in on-line banking system and transfer the money to his bank account and latter took out the money from bank, he commits criminal offence of grand theft […]."


" Right to privacy cannot be of absolute nature, but is limited with (constitutional) protection of rights and benefits of other persons, in concrete case of the children. Sexual exploitation of children and child pornography severely violate child's human right to sustainable upbringing and development. Therefore established infringement of defendant's right to (communication) privacy that was consequence of the fact that telecommunications operator did not destroy the traffic data after the deadline for their legal retention expired, and was able to provide them to the police on the basis of court order, is in concrete case of smaller significance, compared with the goal that justified obtaining traffic data from the operator, i.e. detection of a person who committed a crime that is prosecuted ex officio, and is intended for fighting sexual abuse and exploitation of children and for protection of child's human rights."

Sources and links

Tools on Cybercrime & Electronic Evidence Empowering You!

These profiles do not necessarily reflect official positions of the States covered or of the Council of Europe. 


  Are you aware of the latest legislative or policy developments on cybercrime and electronic evidence?

  Share this information with us helping to keep this platform up to date.

Useful links