The Division for Combating High-Tech Crime, under the General Department on Combating Organized Crime at the Police of the Republic of Armenia is a centralized unit, which is responsible for handling cybercrime with country-wide competency. The police have 10 days to determine the facts and the legal basis for the investigation and then decides either to close the matter, sends the case to the local police where evidence or a perpetrator is located, or to transfer the matter to the Investigative Committee. Thus, the Division is the primary police unit handling cybercrime cases at the preliminary stage (before an official investigation is opened by the Investigative Committee) and providing support to local units.

There are 8 officers employed at the Division for Combating High-Tech Crime of Armenian police. There are no specialised local units; where necessary, additional resources of the Organized Crime Department are used (either at the local offices or at the headquarters). The Division is competent to investigate offences committed against computer systems such as hacking, attacks on critical infrastructure, illegal interception and data interference. The Division is also competent to deal with offences involving technology such as computer related fraud, Internet crimes, offences involving the abuse of children, intellectual property offences as well as racism and xenophobia.

Since the reform of the criminal procedure in 2011, 95% of the criminal cases in Armenia are investigated by the Investigative Committee of the Republic of Armenia, the remaining cases being handled by specialized units for tax and customs fraud, or investigations into public officials. The Committee has 6 investigators dedicated to cybercrime cases. The investigator files the criminal case with the prosecutor and leads the investigative procedure. The Committee does not dispose of a computer forensics laboratory but instead makes use of external expertise for the analysis of electronic evidence; where an expert evaluation is necessary, it is performed at specialised centres, in particular at the National Bureau of Expert Evaluation that is a state non-commercial centre of Armenia’s Academy of Sciences.

On 23 November 2015, the Investigative Committee signed a Memorandum of Understanding with Armenian Internet Service Providers (ISPs), among them ArmenTel, K-Telecom, UCom, and Orange Armenia, with the intention of reducing workload and saving human resources. The main goals of the Memorandum are to undertake effective joint measures for the transmission of court decisions and transcripts, and the development of mutual cooperation for introducing technical capabilities. Within this framework, parties agreed to communicate in a standardized manner (including cover letters and electronic signatures) and agreed to cooperate in solving issues as soon as possible in case of such procedures. Furthermore, the providers agreed to process electronic transmissions from the Investigative Committee within a short period of time and to execute expeditiously court decisions which are designated as “urgent”. A second objective of the Memorandum is to ensure that ISPs retain user traffic data for a set period of time, on a voluntary basis.

The Prosecutor General’s Office of Armenia has the responsibility to control and to supervise the investigative procedures. There are two specialized prosecutors at the Prosecutor General’s Office of Armenia who supervise investigations of cybercrime by all investigative entities in Armenia and support the criminal proceedings in case of corresponding investigations through the entire country.

In practical terms, if any investigative measure is applied unlawfully by the investigating entity, the prosecutor can impose disciplinary actions against the investigator; in terms of cyber-related investigations, no Internet service provider in the country has to date challenged the requests for information during an investigation.

The Prosecutor General’s Office plays an important role in ensuring international cooperation on cybercrime and electronic evidence. At the stage of pre-trial investigation, the competent authority for mutual legal assistance (MLA) is the Department for International Cooperation and Legal Support at the Prosecutor General’s Office. According to the authorities, a prerequisite for an MLA request at this stage is the Red Notice / Diffusion Notice (circulated by Interpol). Reciprocity is also a prerequisite, and written confirmation from the requesting state is necessary.

The Ministry of Justice of Armenia has the main role in developing the legislative framework in the country and shares organizational tasks within the government sector, regarding the codification and legal reforms. The Ministry is in charge of preparing new Codes related to substantive and criminal procedure and follows the process of this important reform, closely in cooperation with international actors, to ensure, among others, compliance with the Budapest Convention on Cybercrime.

The Ministry acts as a forum to generate informal cooperation between the public and the private sectors. Further, The Ministry of Economy and the Ministry of High-Tech Industry are active peers to the Ministry of Justice within the government.

The Ministry of Justice of Armenia also hosts the Data Protection Authority: the Agency for the Protection of Personal Data under the Ministry of Justice of the Republic of Armenia, since October 2015, when the Agency was established on the initiative of the Prime Minister. The Commissioner of the Authority is appointed for 5 years by the Ministry of Justice, pursuant to a list of candidates established by 5 non-governmental organisations. The decision to choose the Commissioner is made with the support of the Prime Minister. The Commissioner can only be relieved of their position on predefined exceptional grounds.

The Agency employs staff of 10 persons, including a technical expert for forensic investigations.

The Computer Security Incident Response Team of Armenia - CERT.AM – is a national information security centre, operating under the management of the Internet Society of Armenia and is therefore a non-governmental entity.

One of the main tasks of CERT.AM is managing the root of the .AM top-level domain system and supporting the government in case of requests. CERT.AM/ AM NREN CSIRT collects and analyses computer incident cases (i.e. attempts or facts of violation of local rules and policies, or rules globally accepted by Internet community, on using computer resources), as well as responses to them, concerning network resources located in Armenia. Its aim is preventing and stopping incidents, and collecting evidence related to incidents. CERT.AM regularly provides Internet Service Providers (ISPs) with information about problems on their networks, such as amplification attacks.

Despite its non-governmental status, the CERT.AM has been working in cooperation with the National Police of Armenia, in handling cybersecurity incidents and provides support in cybercrime cases. CERT AM/ AM NREN CSIRT further serves as a contact point for users who need an assistance in dealing with ISPs and Armenian official bodies in charge for investigating computer crime cases.