Cybercrime policies/strategies
In 2015 the Government of Croatia adopted the National Cyber Security Strategy and the Action plan for the implementation of the Strategy (Official Gazette No. 108/2015).
For the purpose of reviewing and improving the implementation of the Strategy and Action plan for its implementation, the Government of the Republic of Croatia established the National Cyber Security Council (Interdepartmental panel composed of the authorized representatives of the competent bodies with national or sectorial policy and coordination responsibilities), which, among other things:
- Systematically monitors and coordinates the implementation of the Strategy and discusses all issues relevant to cyber security,
- Proposes measures to improve the implementation of the Strategy and Action plan for the implementation of the Strategy,
- Proposes the organization of national exercises in the area of cyber security,
- Issues recommendations, opinions, reports and guidelines related to the implementation of the Strategy and Action plan,
- Proposes amendments to the Strategy and Action plan or proposes the adoption of a new Strategy and action plans, in accordance with the new requirements.
To ensure the support for the work of the National Council, the Government of the Republic of Croatia established the Operational and Technical Cyber Security Coordination Group (Interdepartmental panel composed of the authorized representatives of the competent bodies with operational and technical responsibilities), which:
Monitors the state of security in national cyberspace for the purpose of detecting threats that
- may result in cyber crisis,
- Issues reports on the state of cyber security,
- Proposes cyber crisis action plans,
- Performs other duties according to the issued programmes and activity plans.
The National Cyber Security Strategy of the Republic of Croatia - The National Cyber Security Strategy and Action plan for the implementation of the Strategy (Summary)
Cybercrime legislation
State of cybercrime legislation
Following entry into force of new Criminal and Criminal Procedure Codes in 2013, both substantive and procedural criminal law framework of Croatia are fully in line with the Convention requirements.
Provisions related to cybercrime and electronic evidence can be found in the following acts:
- Criminal Code (OG 125/11, 144/12, 56/15, 61/15, 101/17, 118/18, 126/19)
- Telecommunications Act (OG 73/08, 90/11, 133/12, 80/13, 71/14)
- Act on the responsibility of the legal persons for the criminal offences (OG 151/2003, 110/7, 45/11, 143/12)
- Criminal Procedure Act (OG 152/08, 76/09, 80/11, 121/11, 91/12, 143/12, 56/13, 145/13, 152/14, 70/17, 126/19)
Substantive law
The Criminal Code criminalises the following offences:
- Article 266 - Unauthorised Access
- Article 267 - Computer System Interference
- Article 268 - Damage to Computer Data
- Article 269 - Unauthorised Interception of Computer Data
- Article 270 - Computer Forgery
- Article 271 Computer Fraud
- Article 272 - Misuse of Devices
- Article 273 - Serious Criminal Offences Against Computer Systems, Programmes and Data
- Article 163 - Exploitation of Children for Pornography
- Article 164 - Exploitation of Children for Pornographic Performance
- Article166 - Serious Criminal Offence of Child Sexual Abuse and Exploitation
- Article 284 - Infringement of the Personal Rights of an Author or Artist Performer
- Article 285 Unauthorised Use of a Copyright Work or Performance by an Artist Performer
- Article 286 - Infringement of Other Rights Related to Copyright
Procedural law
Specific procedural powers related to cybercrime and electronic evidence can be found he in the Criminal Procedure Criminal Procedure Act Act (OG 152/08, 76/09, 80/11, 121/11, 91/12, 143/12, 56/13, 145/13, 152/14) and in the Decree on obligations from the area of national security of the Republic of Croatia for legal and physical persons in telecommunications (OG 64/08, 76/13)
Safeguards
General rules and safeguards can be found in the Criminal Procedure Act, Articles 1 to10.
Related laws and regulations
Specific legislation and regulation related to cybersecurity and cybercrime has been enacted through the following instruments:
- Law on Information Security 2007.
- Law on Protection of Personal Data 2003.
- Law on Ratification of conventions on cybercrime 2002.
- Law on Electronic Document.
- Law on the Security and Intelligence System 2006.
- Ordinance on the manner and deadlines for the implementation of measures for protection safety and integrity of networks and services 2012.
- Regulation on Information Security Measures 2008.
- Act on Critical Infrastructures N. 56/113
Specialised institutions
The Information Systems Security Bureau (ZSIS) (in Croatian and in English) is the national competent authority for network and information security for Croatia;
Croatia has two established computer emergency response teams (CERTs). CARNet, the National CERT (in Croatian and in Englis).
ZSIS CERT, (in English) established in 2009 is responsible for coordinating security and incident response measures for parties that use a Croatian IP address or .hr domain.
The Information Systems Security Bureau’s ZSIS CSI (in English) has jurisdiction over Croatian government institutions.
(Source: https://www.cyberwiser.eu/croatia-hr)
International cooperation
Competent authorities and channels
- For Extradition and MLA
the Ministry of Justice
Ulica grada Vukovara 49
10 000 Zagreb. - For 24/7 Contact point
Ministry of Interior
General Police Directorate, Crime Intelligence Sector, Cyber Security Department
Practical guides, templates and best practices
Jurisprudence/case law
Sources and links
- The National Cyber Security Strategy of the Republic of Croatia
- The National Cyber Security Strategy and Action plan for the implementation of the Strategy (Summary)
- GENVAL - Evaluation report on the seventh round of mutual evaluations "The practical implementation and operation of European policies on prevention and combating Cybercrime" - Report on Croatia
- Other GENVAL 7th round evaluation reports
These profiles do not necessarily reflect official positions of the States covered or of the Council of Europe.
Are you aware of the latest legislative or policy developments on cybercrime and electronic evidence?
Share this information with us helping to keep this platform up to date.
- Cybercrime website
- Template: Mutual Legal Assistance Request for subscriber information (Art. 31 Budapest Convention). English and bilingual versions available.
- Template: Data Preservation Request (Articles 29 and 30 Budapest Convention). English and bilingual versions available.