Status regarding Budapest ConventionStatus : Party Signed : 23/11/2001 Ratified / acceded : 20/06/2002 Declarations and reservations : declarations regarding Article 24, paragraph 7, Article 27, paragraph 2; no reservations See legal profile
The National Cyber Security Strategy (2020 – 2025) seeks to build upon improvements made in the previous National Cyber Security Strategy (2014-2019) and continue progress in the national cyber-protection, making improvements in the legal frameworks for cyber security and cybercrime whilst continually developing the capabilities of its citizens in information technology.
This strategy stipulates four specific goals in the field of high-tech crime, namely:
1. Ensuring cyber security at the national level, through the protection of information infrastructures, strengthening technological and legal means.
2. Building a secure cyber environment, educating and raising public awareness on professional capacity building in the field of information security.
3. Creating the necessary mechanisms for the safety of children in cyberspace, while preparing the new generation capable of taking advantage of information technology and meeting the challenges of development.
4. Increase of national and international cooperation in the field of cyber security with strategic partners.
The Strategy for investigation of cybercrime (2021-2025) seeks to implement many of the policy goals identified in the cyber security strategy. In order to increase the quality of the investigation of cybercrime and crimes related to electronic evidence in the country, the cybercrime investigation structures in the State Police must meet the following goals:
- Guaranteeing the investigation of cybercrime and crimes related to electronic evidence at the national level, through the extension of the investigation structure throughout the country, strengthening the technological and legal means.
- Prompt and efficient response to cybercrime, raising public awareness, taking legislative initiatives and building professional capacity.
- Rapid and professional response to the prevention, prosecution and investigation of cybercrime against children in cyberspace.
- Increase of national and international cooperation in the field of cybercrime investigation with strategic partners.
State of cybercrime legislation
- Law No. 7895 from 27.01.1995, Criminal Code of Albania, as amended (by Law No. 36/2017 and 89/2017)
- Law No. 7905 from 21.03.1995, Criminal Procedure Code of Albania, as amended (by Law No. 35/2017)
- Law No. 9918 from 19.05.2008, “On electronic communications”, as amended
- Law No. 9887 from 10.03.2008, “On protection of personal data”, as amended
- Law No. 9880 from 25.02.2008, “On electronic signatures”, as amended
Criminal Code enlists the following offences:
Article 74/a Computer-related distribution of pro-genocide or crimes against humanity materials (Added up by law no 10 023, dated 27/11/2008, Article 11)
Article 84/a Threat under motives of racism and xenophobia through computer-based system (Added up law no 10 023, dated 27/11/2008, Article 12)
Article 117 /2 Pornography (Paragraph II is added by law no. 9859, dated 21.01.2008, article 1; Amended by law no.144, dated 02.05.2013, article 29)
Article 119/a Distribution of racist or xenophobic materials through computer-based system (Added by law no. 10 023, dated 27.11.2008, article 13)
Article 119/b Insult under motives of racism and xenophobia through computer-based system (Added by law no. 10 023, dated 27.11.2008, article 13)
Article 137/a Theft of electronic communication network (Added by law no.144, dated 02.05.2013, article 34)
Article 143/b Computer-related fraud (Added by law no. 10 023, dated 27.11.2008, article 15;
The part that provides fine as main punishment in addition to imprisonment is abrogated by law no.144, dated 02.05.2013, article 48)
Article 186/a Computer falsification (Added up by Law 10 023, date 27.11.2008, Article 18)
Article 192/b Unauthorized computer interference (Added up by Law no. 8733, dated 24.01.2001, Article 53; amended by Law no. 10 023, dated 27.11.2008, Article 19)
Article 293/a Unlawful wiring of computer data (Added by Law no. 10023, dated 27.11.2008, article 23)
Article 287 Laundering the Proceeds of Criminal Offence or Criminal Activity
Article 293/b Interference with computer-related data (Added by Law no. 10023, dated 27.11.2008, article 23; Added by the law no. 36/2017)
Article 293/c Interference in computer systems (Added by Law no. 10023, dated 27.11.2008, article 23; Added by the law no. 36/2017)
Article 293/ç Misuse of equipment (Added by Law no. 10023, dated 27.11.2008, article 23)
Article 299/a of the Criminal Procedure Code (CPC) - expedited preservation and maintenance of computer data (Added by law no. 10054 of 29.12.2008, article 4)
Article 101 of the Law no. 9918 from 19.05.2008 “On electronic communication” - preservation and administration of data for the purpose of criminal prosecution
Article 299/b of CPC - expedited preservation and partial disclosure of computer data (Added by law no. 10054 of 29.12.2008, article 4)
Article 191/a of CPC - obligation to produce computer data (Added by Law No. 10054 of 29.12.2008, article 2)
Article 208/a of the CPC - Sequestration of computer data (Added by Law No. 10054 of 29.12.2008, article 3; Amended by Law No. 35/2017 of 30.03.2017, article 112)
Articles 221-223 of the CPC - interception of communications (including provisions on the limits, authorisation and procedure) (Amended by Law No. 9187 of 12.02.2004, article 2, article 3, article 4 and article 5; Amended by Law No. 35/2017 of 30.03.2017, article 117, article 118, article 119, article 120)
Article 15 (1) of the Law no. 9918 from 19.05.2008 “On electronic communication” states that in the general authorisation the Authority of Electronic and Postal Communications (AKEP) may include conditions related to: “f) permission for interception by competent authorities defined in the legislation in force on interception of telecommunications and implementation of other liabilities arising out of this legislation”.
The Constitution of Albania proclaims that fundamental human rights and freedoms are indivisible, inalienable, and inviolable and stand at the base of the entire juridical order. It also requires that the organs of public power, in fulfillment of their duties, shall respect the fundamental rights and freedoms, as well as contribute to their realization. In addition, Article 17 of the Constitution specifies that any limitation to the rights and freedoms must be established by law, in the in the public interest or for the protection of the rights of others and should be proportionate. Limitations should not infringe the essence of the rights and freedoms and may not exceed the limitations provided for in the European Convention on Human Rights.
The Constitution guarantees among others:
Article 22 – Freedom of expression
Article 23 - Right to information
Article 36 - Freedom and secrecy of correspondence or any other means of communication
Article 37 - Inviolability of the residence.
Additional safeguards are provided by the CPC, Law on Data Protection, Law On Protection of Children Rights. The Code of conduct for safe use and responsive networks and electronic communications services in Albania was signed between Albanian Operators on 07.02.2013.
As a rule, national legislation provides for the requirement of judicial oversight, namely requiring judge’s authorisation for certain procedural measures if fundamental rights are in danger (for example in cases of interception of communications or for obtaining traffic data).
Related laws and regulations
- Law no. 9918 from 19.05.2008, “On electronic communications” amended by law no. 102/2012 in accordance with the last developments on EU’s acquis
- Law No. 9917 from 19.5.2008, “On the prevention of money laundering and Financing of terrorism”, amended by Law No.10391, dated 3.3.2011; No. 66/2012; No. 44/2017 and No. 33/2019, dated 17.6.2019.
- Law no. 9880 from 25.2.2008, “On electronic signature”
- Law no. 10273 from 29.4.2010, “On electronic document”
- Law no. 10128 from 11.5.2009, “On electronic shopping”, amended by the law no. 135/2013
- Law No. 9887 from 10.03.2008, “On protection of personal data”, as amended
- amended by the law no nr.48/2012 and law no. 120/2014
- Law no.10325 from 23.9.2010, “On State Data Base”
- Law no. 9380 from 28.4.2005, “On Property Right and other relevant rights”
- Law no. 119/2014 from 18.09.2014, “On the information right”
- Law No. 10192, from 3.12.2009 – (Anti-Mafia Law), as amended by Law No. 24/2014 and 70/2017
- Law No. 9643, from 20.11.2006, “On public procurements”, that makes possible the possibility of electronic procurement (article 36 and article 37)
- Nr. 9723 law, from 3.05.2007 “On the National Center of Registration”
- Albanian State Police, Cybercrime Unit
- Bank of Albania (BSH)
- Department of Classified Information Security (DSIK)
- Electronic and Postal Communication Authority (AKEP)
- National Authority for Electronic Certification and Cyber Security (AKCESK)
- General Prosecutor Office, Cybercrime Unit
- Information Society National Agency (AKSHI)
- Infosec Security and Defense Intelligent Agency, Infosec & Cyber Defense
- Ministry of Defense, Department of Digitalization and Innovation
- National Cyber Security Agency (ALCIRT)
- The Information and Data Protection Commissioner
Practical guides, templates and best practices
These profiles do not necessarily reflect official positions of the States covered or of the Council of Europe.