The current standard of criminal procedural law of Georgia, along with the danger of illegally copying information obtained from electronic means of communication, envisages collecting such information in the hands of a professionally interested body, which is naturally a big challenge for criminal procedural law. The reason for this is the important fact that the information obtained by the investigation in this way is used as electronic evidence during the substantive consideration of the case in court.

Accordingly, the case concerns information that the court must rely on in making a decision “beyond a reasonable doubt standard”. Thus, when deciding the fate of the accused, it is especially important that there are no doubts regarding the legality, truthfulness and inviolability of such evidence. The above-mentioned is particularly noteworthy in the circumstances when the above-mentioned approach, according to European human rights jurisprudence, is incompatible with the right to respect for private life protected by Article 8 of the European Convention.

Keywords: evidence, limitation, copying, storage

Introduction

Relevance of the topic. The Criminal Procedure Legislation of Georgia refers to the use of the existing norms for the purpose of obtaining electronic records, their storage and, accordingly, the legality of attaching them to the case for the implementation of secret investigative actions, which, as explained by the Constitutional Court, carries the threat of interfering with human rights and freedoms with increased intensity. In addition, the appeal to the Constitutional Court regarding compliance with the issue of copying and storage of identifying data of electronic communication obtained as a result of secret investigative activities with the Constitution of Georgia has not been stopped. There is a difference of opinion regarding the aforementioned among the judges of the Constitutional Court, some of whom consider the norms regulating the above-mentioned issue to be “overriding norms” of the norms known as unconstitutional by the decision of the Constitutional Court of Georgia dated April 14, 2016, N1/1/625,640.

In addition, the new edition of the Law of Georgia, “On Personal Data Protection,” is particularly relevant in this regard, as it defines the standards in the field of personal data protection and the control of conducting secret investigative activities. It is interesting to see whether recent legislative changes are in line with the current international approach to copying and storing personally identifiable communications data. Thus, in relation to the aforementioned data copying and storage in the criminal justice process, the need for an in-depth study of the issue is particularly apparent for protecting human rights and freedoms.

Research subject. The subject of the study is the challenges related to the storage and copying of identifying communication data obtained through the implementation of undercover investigative activities in the criminal process, which are used as electronic evidence in the substantive consideration of the case in court.

The purpose and objectives of the research. The purpose of the research is to outline and analyze the separate legal problems in the storage and copying of identifying data of electronic communication in the criminal justice process. The set task will be achieved both by presenting the issue in terms of historical precedents and constitutional-legal perspective, as well as by using the norms and practices of European human rights law.

Research novelty. The novelty of scientific research is expressed in the fact that the article defines “electronic evidence” as the final result of obtaining communication identifying data, as well as its nature and differences. Year from “traditional” types of evidence. Also, the content of the legislative changes implemented after the decision of the Constitutional Court of Georgia on April 14, 2016, N1/1/625,640 will be discussed, to what extent it is of “substantial” importance and whether it still creates a threat of interfering with the right to respect for private life.

Research stages. At the beginning of this article, the essence of electronic evidence is presented, and the purpose of obtaining identifiable communication data is defined. The main part is also devoted to sub-chapters, which refer to the existing legal threats related to the storage of information transmitted through electronic communication created under the current legislation. In particular, the issue of gathering and illegal copying of obtained information in the hands of a professionally interested body (creating the so-called “alternative bank”) in relation to the right to respect for private life is discussed. The conclusion presents the author’s point of view and summary to solve the problems discussed in the article.

1. Nature and Relationship of Electronic Evidence and Electronic Communication Identifiable Data

The global technological progress made in the XXI century brought great change in all spheres of public life. As communication has become easier, every person, state or private institution has faced so many challenges in terms of information protection. The mentioned progress also affected the criminal procedural legislation, especially from the point of view of the development of evidence.[1] The rate of use of the computer system in the process of committing a crime has increased significantly. Accordingly, electronic, i.e., the year The issue of using “digital” evidence in criminal proceedings, which has become a new type of evidence.[2]

Electronic evidence[3] is any data stored or transmitted using computer technology that supports a theory about how a crime occurred.[4] According to Article 1 of the Council of Europe Convention on “Computer Crime”, a computer system means “any mechanism or a group of interconnected or interconnected mechanisms, one or more of which, through a program, performs automatic data processing.[5] Computer data itself is “any representation of facts, information or concepts in a form suitable for processing in a computer system, including a program that ensures the functioning of a computer system”.[6]

Despite the fact that electronic proof is so-called While it has similar characteristics to “traditional” proof, there are a number of aspects that make it unique.[7] First of all, it should be noted the “fragility” of digital data,[8] what makes it stand out, for example, from a document created in material form, on paper. This refers to the nature of information obtained from electronic communication, which can be easily deleted,[9] change etc. Another important circumstance is its decentralized storage. It is possible that information stored outside the country’s borders can be used remotely by criminals,[10] Which makes the investigation process even more difficult. Thus, determining the reliability and authenticity of such data mining, electronic nature of evidence is quite a challenge for the criminal procedural laws of all countries.[11]

However, the Explanatory Report (N187) to the Convention on Computer Crime states that additional procedural safeguards are required for the effective collection of communications identifying data[12]. There are several reasons for this. The first is that the mentioned information is presented in an immaterial, electromagnetic form. The second reason is the different standards of its touch. In particular, computer data cannot be confiscated or seized in the same way as a paper document.

In 2016, the Constitutional Court of Georgia deliberated on the procedural guarantees of the storage of communication identifying data obtained by the investigation.[13] At what time should the standards be used by the state when copying and storing information from electronic means of communication were determined.[14]

On the basis of the mentioned decision, certain changes were made in the legislation of Georgia, and the issue of compliance of the contents with the Constitution of Georgia caused a difference of opinion among the judges of the Constitutional Court itself.[15]

One of the reasons for the difference of opinion was the problem of copying and storing information from modern electronic means of communication. In particular, a part of the judges of the Constitutional Court drew attention to gathering the obtained data in the hands of the professionally interested body and the so-called On the dangers of creating “alternative banks”.

2. The so-called danger of creating “alternative banks”

As emphasized in the decision of the Constitutional Court, “it is technically possible to create the so-called “Alternative bank”, the existence of which may not be known to anyone, and the personal data protection inspector may not even have access to it.[16] This implies total access to the information obtained by the investigation, without any content separation: who connected where, when, by what technical means, from which location and for how long.

It should be noted the mechanisms of supervision, which were created for the purpose of preventing the copying of the obtained information. As noted by the Constitutional Court, in the Law of Georgia “On Personal Data Protection”[17] the changes made on March 22, 2017, did not introduce any new regulation in terms of controlling the data copying process by the inspector.[18] A positive innovation was that one of the levers of existing control - the electronic system of control of the central bank of identifying data of electronic communication has already been fixed from a technical point of view, and with its help the inspector could control the actions carried out in the copied data bank.[19] As for the process of copying data from electronic communication companies by the agency, the only lever of supervision was the inspection. This type of supervision was deemed ineffective by the Constitutional Court in its decision of April 14, 2016, due to the method of its implementation, which was based on the “principle of random selection”. The mentioned approach excludes absolutely all data control, therefore, the possibility of detecting absolutely all violations, and such “selective control is practically impossible to produce tangible results”.[20]

Regarding the regulatory norms of the above-mentioned issue, it should be emphasized that the current version of the Law of Georgia “On Personal Data Protection” does not provide provisions that are significantly different from the previous version of the law regarding the field of data protection and the control of conducting secret investigative activities. In particular, Chapter VII of the current edition of the Law of Georgia “On Personal Data Protection” textually and, accordingly, in terms of content V2 of the previous edition of the Law of Georgia “On Personal Data Protection” (“Powers of the Personal Data Protection Service in the field of data protection and control of the conduct of covert investigative actions”). It is identical to itself.

Thus, the existing lever of inspection is still the bearer of the “random selection principle”, which allows the possibility that during the operation of the mentioned control mechanism, the personal data protection service will completely detect and, therefore, eliminate violations of the law in relation to the issues within its competence.

In addition, since the so-called In the presence of threat of creating “alternative banks”, it is possible to copy absolutely all the obtained information without any selection, it is interesting to see what changes the legislation has undergone in this regard after the implementation of the new law “On Personal Data Protection”.

As mentioned in the explanatory note of the aforementioned law, the data “should be processed only to the extent necessary to achieve the relevant legal purpose”. In addition, we read here that information can be stored “only for the period necessary to achieve the purpose of data processing”. The explanatory note also emphasizes the importance of the safe storage of information and that appropriate measures should be taken to prevent “unauthorized or illegal” processing of data.[21] The above-mentioned goals, elaborated in the explanatory card, were formulated in the form of principles of data processing in Article 4 of the mentioned law.

However, on the part of the legislator, in terms of information storage and protection, despite the above-mentioned clear, obvious readiness to protect human rights, the mentioned approach has little effect on the storage period of information obtained from electronic communication through covert investigative actions. After the decision of the Constitutional Court, the period of storage of identifiable data of electronic communication was reduced from two years to 12 months.[22] Despite the mentioned change, there is no periodic verification of the above term. Accordingly, there is no provision in the legislation to determine whether the obtained information is still relevant to the case and whether there is a need to keep it. Thus, everything, including information not important to the case, can be stored for the period established by law, without any selection or justification. Thus, the current legislation “provides absolutely unlimited copying and storage of such information for a period of one year depending on the circle of persons and location.[23]

Based on all of the above, e. year The danger of creating “alternative banks” is problematic in the sense that it is possible to store such information that is not important for the investigation, but in the absence of the law, it is not destroyed by the authorized persons.

3. Collection of data in the hands of professionally interested body

According to the Law of Georgia “About the Legal Entity of Public Law - Operative-Technical Agency of Georgia”, the Operative-Technical Agency is a legal entity under public law responsible for the processing, storage, issuance and destruction of identifiable data of electronic communication.[24] Before the decision of the Constitutional Court of Georgia on April 14, 2016, the agency was represented as a department within the State Security Service. According to the position expressed by the witness at the mentioned session of the Constitutional Court, the transformation of the operational-technical department into a legal entity under public law was named as the only lever to prevent the creation of “alternative banks”. In this case, the collection of obtained data in the hands of the professionally interested body, the State Security Service, of which the agency was an integral part, was excluded.

After the formation of the mentioned approach of the Constitutional Court, regardless of the transformation of the operational-technical agency into a legal entity under public law, it should be noted that it is still subject to the “effective control” of the State Security Service.[25]

According to Article 3 of the Law of Georgia, “On Legal Entity of Public Law - Operative-Technical Agency of Georgia”, the agency, as a legal entity of public law, is created in the system of the State Security Service and functions in this system as a part of a unified and centralized service. In particular:

-  The head of the agency “will develop proposals for the agency’s material and technical support and financing (including the agency’s budget) and submit the relevant projects to the head of the service”[26].

- “Before submitting the statistical and generalized report of the agency’s activities to the Prime Minister of Georgia, the head of the agency will submit this report to the head of the service”.[27]

- The head of the State Security Service decides on the issues of establishing a special allowance and determining bonuses for the head of a legal entity under public law.[28]

- “The state control of the agency’s activities is carried out by the head of the service”.[29]

It should be emphasized that by the decision of the Constitutional Court of April 14, 2016, the Operational-Technical Department was considered a professionally interested body, not because this department directly had any kind of investigative function but due to the fact that it represented the State Security Service. The unit and the functions of the service made it an investigative function.[30] The Constitutional Court emphasized that “when the technical capabilities of direct and immediate access to personal information are at the disposal of the State Security Service (or another body with an investigative function), which, as we have already mentioned, immeasurably increases the risks of arbitrary, excessive interference with the right, it becomes objectively very difficult if not impossible, effective control of the authorities authorized to investigate”[31].

In the conditions of the current legal regulation, it is clear that the issue of the transformation of the mentioned department into a legal entity under public law is of a formal nature since the activity of the operational-technical agency depends on the decision taken by the head of the State Security Service, both in terms of financial and functional management.

The so-called possibility of creating “alternative banks” and collecting data in the hands of an interested body on a professional basis, according to the Constitutional Court, “both cumulatively and separately create a danger of excessive, groundless interference in a person’s personal space, therefore, a violation of fundamental rights”.[32]

Especially in circumstances where covert investigative actions are concerned, the risk of taking arbitrary action is obvious. In addition, since, in this case, we are talking about obtaining electronic evidence, the issue of authenticity of which is closely related to technological progress, the need for clear and detailed rules in this regard is even more evident.[33]

Since, both at the national and international level, great importance is attached to the inviolability of a person’s intimate life, to personal connections with a certain circle of people with the intensity necessary for his personal perfection.[34], It is necessary to have such a set of legal norms at the national level that will not create doubts about the disproportionate interference with the above-mentioned rights by unauthorized persons.

Thus, since the threats that have been discussed above can have a great impact on the freedom of human behavior, it is necessary to determine whether the current legal regulation in this regard leads to the limitation of such an important right as respect for private life.

4. The issue of compliance with the right to respect for private life protected by Article 8 of the European Convention

It is interesting to see what approach the European Court of Human Rights takes in terms of the right to respect for private life and whether the criminal procedural legislation of Georgia in relation to the safe storage of identifiable data of electronic communication is consistent with the above-mentioned right protected by Article 8 of the European Convention.

The Strasbourg Court explains that the concept of private life is broad and cannot be subject to an exhaustive definition.[35] The concept of respect for private life includes the right to the free development of the individual, as well as the establishment of relationships with others.[36]

In the case of A v. France,[37] the French government argued that the recorded conversations related to the commission of the murder did not concern private life. The commission found the following: the fact that the conversation was a matter of public interest did not deprive it of its private character. The court shared the mentioned argument and explained that the collection of information about an individual without his consent by state officials always refers to a person’s personal life and, therefore, falls within the scope of Article 8, Paragraph 1. In order to determine the compatibility of the issue of copying and storage of information obtained from electronic communication in criminal proceedings with the right to respect for private life protected by Article 8 of the European Convention, the following must be determined:

1. a) Was the restriction implemented in accordance with the law?

The approach of the European Court, according to which the existence of a norm at the legislative level does not mean that the restriction will be in accordance with the same law, is particularly interesting in terms of determining “compliance with the law”. In the case of Bykov v. Russia [38] the European Court noted that for national legislation to comply with the “quality of law” requirement, the scope of discretion of the authorities must be taken into account. In addition, attention was drawn to the importance of the participation of an independent and impartial body and the fact that the involvement of an impartial body in the implementation of undercover investigative activities is important to the extent that, in this way, the individual will have an adequate means of protection against arbitrary interference.[39]

In addition, since “undercover surveillance or communication monitoring by government bodies does not produce public control regarding interference with the right,[40] “the law should exhaustively define the procedures for the investigation, use and storage of information obtained as a result of covert surveillance, as well as the procedures for transferring information obtained as a result of covert surveillance to third parties”[41]. The mentioned approach excludes “abuse or arbitrary use of authority by government bodies”[42].

Accordingly, interference with the right to respect for private life is not “in accordance with the law” when the national legislation does not provide adequate protection of the applicant against the interference of law enforcement officers in the aforementioned right.[43]

1. b) Does the restriction serve a legitimate purpose?

Regarding the legal objective, the Strasbourg Court explains that the respondent state itself is obliged to determine the objectives of the legal restriction. In most cases, the court believes that the states are acting with a proper purpose, therefore, the claimant’s request in this section is rarely granted.[44]

Even in the case discussed by us, there are such legitimate goals as ensuring the necessary state or public security in a democratic society, protecting the rights of others.[45] However, it is one thing to have said legal objectives and another question is whether the existing legislation is necessary to achieve these objectives in a democratic society.

1. c) Is it necessary in a democratic society?

Regarding digital data obtained through covert investigative action, the European Court of Human Rights explained that the power of secret surveillance under the European Convention is permissible only when it is strictly necessary to protect democratic institutions. However, the concept of necessity implies that the restriction must represent an urgent social necessity, in particular, it must be proportionate to the legitimate aim.[46].

In the case “Klass v. Germany”,[47] German law allowed the opening of letters and wiretapping to protect national security and prevent disorder and crime. The system of state supervision of the implementation of the mentioned actions was carried out not in the court but in the Parliamentary Council, and the body called the G10 Commission, which was approved by the Council. The above-mentioned control system was acceptable to the European Court since both bodies were independent of the supervisory authorities and were given sufficient powers to carry out effective and continuous control. Accordingly, the Strasbourg Court did not find a violation of Article 8 of the European Convention in this case.

The above-mentioned decision is noteworthy in that the European Court here emphasized not only the importance of supervision by an independent body but also noted that judicial control or supervision in the implementation of the above-mentioned actions is desirable but not necessary. Therefore, it is important that the body, which will be equipped with supervisory functions, meets the standards of independence and impartiality. However, it should also be noted here that it would be inappropriate if this authority, without any criteria and in the form of unlimited discretion, is granted even to a judge.[48]

As for determining the appropriateness of storing and destroying the obtained information, in the case of Iodachi v. Moldova[49], the Moldovan legislation did not provide for the procedure for selecting secretly obtained information, which should be kept and which not, what procedure should be implemented in terms of protecting the confidentiality of said information and in what cases such information should be destroyed. The European Court found a violation of Article 8 of the European Convention in this case.

Conclusion

Based on all of the above, it can be said that the Criminal Procedure Legislation of Georgia cannot provide adequate protection of the right to respect for private life in the process of storing identifying data of electronic communication and, therefore, in the presentation of digital evidence during the substantive consideration of the case in court. Despite the standards established by Strasbourg and the Constitutional Court, national legislation still has norms that contain threats to protecting the right. In particular, despite the change in legal form, the operational-technical agency, which collects the identifying data of electronic communication, is still under the authority of the professionally interested body - the State Security Service, which does not correspond to the practice established by the European Court of Human Rights. In addition, the system of supervision over the obtained information has some shortcomings, which creates the danger of creating an “alternative bank” and does not determine the possibility of selecting the data obtained through covert investigative actions based on the need, which also contradicts the right to respect for private life protected by the European Convention.

Under these conditions, if there are no clear and predictable rules that exclude the collection of such information in the hands of the professionally interested body, the issue of using the obtained data for other illegal purposes by unauthorized persons will become uncontrolled under the threat of creating an “alternative bank”. It is clear that such threats will significantly damage the fundamental right of a person to respect for private life protected by the European Convention and the Constitution of Georgia, as well as the principles, goals and interests of criminal procedural law.

Bibliography

1. Carrera S., Stefan M., Mitsilegas, V., (2020). Cross-border data access in criminal proceedings and the future of digital justice.


2. Training of Judges on Computer Crime, (2010). France, Strasbourg <https://rm.coe.int/16802fa028> [Last viewed: April 15, 2024].


3. Casey E., (2004). Digital Evidence and Computer Crime, 2004. The admissibility of electronic evidence in court: fighting against high-tech crime, 2005.


4. Council of Europe Convention on Computer Crime (23.11.2001), Article 1 <https://rm.coe.int/16802fa423> [Last accessed: April 15, 2024].


5. Casey, E., (2004). Digital Evidence and Computer Crime, 2004, p. 16; Vacca, Computer Forensics, Computer Crime Scene Investigation, 2005.


6. Moore, To View or not to view: Examining the Plain View Doctrine and Digital Evidence, American Journal of Criminal Justice, Volume 29, #1, 2004.


7. Stephen M., Allison S., (2017). Electronic Evidence.


8. Spiegel Online, (08.01.2007). Fahnder überprüfen erstmals alle deutschen Kreditkarten.


9. Decision No. 1/1/625,640 of the Constitutional Court of Georgia dated April 14, 2016 in the case “Public Defender of Georgia, Citizens of Georgia - Giorgi Burjanadze, Lika Sajaia, Giorgi Gotsiridze, Tatia Kinkladze, Giorgi Chitidze, Lasha Tughushi, Zviad Koridze, “Open Foundation “Society Georgia”, “Transparency International - Georgia”, “Young Lawyers Association of Georgia”, “International Society for Fair Elections and Democracy” and “Human Rights Center” against the Parliament of Georgia.


10. The minutes of the Constitutional Court of Georgia dated December 29, 2017. No. 3/4/885-1231.


11. “On Personal Data Protection” of December 28, 2011, which entered into force on 14.06.2023 N3144.


12. Parliament of Georgia. Explanatory card on the draft law “On personal data protection” <https://info.parliament.ge/file/1/BillReviewContent/222087> [Last viewed: April 15, 2024].


13. “On the Legal Entity of Public Law - Operational-Technical Agency of Georgia”, Law of Georgia. Legislative Gazette of Georgia <https://matsne.gov.ge/ka/document/view/3625121?publication=0> [last viewed: April 15, 2024].


14. The decision of the European Court of Human Rights in the case: Kopp v. Switzerland (25.03.1998).


15. Decision No. 2/1/536 of the Constitutional Court of Georgia dated February 4, 2014 in the case “Georgian citizens Levan Asatiani, Irakli Vacharadze, Levan Berianidze, Beka Buchashvili and Gocha Gabodze against the Minister of Labor, Health and Social Protection of Georgia”, II-55 .


16. Decision of the European Court of Human Rights in the case: Costello-Roberts v. The United Kingdom (25.03.1993).


17. Kilkeli U., The right to respect for private and family life, implementation of Article 8 of the European Convention on Human Rights, Guide, L. Chelidze, B. Bokhashvili, T. Mamukelashvili’s translation, L. Edited by Chelidze, Council of Europe, 2005.


18. Decision of the European Court of Human Rights in the case: A v. France (07.04.2022).


19. Decision of the European Court of Human Rights in the case: Bykov v. Russia (10.03.2008).


20. Decision of the European Court of Human Rights in the case: Huvig v. France (24.04.1990).


21. Decision of the European Court of Human Rights in the case: Amann v. Switzerland (16.02.2000).


22. Decision of the European Court of Human Rights in the case: Klass and Others v. Germany (06.09.1978).


23. Decision of the European Court of Human Rights in the case: Weber and Saravia v. Germany (29.06.2006).


24. Decision of the European Court of Human Rights in the case: Halford v. the United Kingdom (25.06.1997).


25. Decision of the European Court of Human Rights in the case: Handyside v. the United Kingdom (07.12.1976).


26. Constitution of Georgia. Legislative Gazette of Georgia. <https://matsne.gov.ge/ka/document/view/30346?publication=36> [Last viewed: April 15, 2024].


27. Decision of the European Court of Human Rights in the case: Olsson v. Sweden (24.03.1988).


28. Decision of the European Court of Human Rights in the case: Klass v. Germany (06.09.1978).


29. Decision of the European Court of Human Rights in the case: Silver and others v. the United Kingdom (25.03.1983).


30. Decision of the European Court of Human Rights in the case: Iodachi v. Moldova (10.02.2009).

Footnotes

[1] Carrera S., Stefan M., Mitsilegas V., (2020). Cross-border data access in criminal proceedings and the future of digital justice, p. 1.

[2] Training of Judges on Computer Crime, (2010). France, Strasbourg, p.75 <https://rm.coe.int/16802fa028> [Last viewed: April 15, 2024].

[3] In the criminal procedural legislation of Georgia, we do not find the definition of electronic evidence as an independent category of evidence, but the regulatory norms of the mentioned issue are mainly presented in the Criminal Procedure Code of Georgia, the Law of Georgia “On Operative-Search Activity”, the Law of Georgia “On Electronic Communications” and others.

[4] Casey E., (2004). Digital Evidence and Computer Crime, p.12. The admissibility of electronic evidence in court: fighting against high-tech crime, 2005.

[5] Council of Europe Convention on Computer Crime (23.11.2001), Article 1 <https://rm.coe.int/16802fa423> [Last accessed: 15 April 2024].

[6] Ibid.

[7] Training of Judges on Computer Crime, (2010). France, Strasbourg, p.76 <https://rm.coe.int/16802fa028> [Last viewed: April 15, 2024].

[8] Casey E., (2004). Digital Evidence and Computer Crime, p.16. Vacca, Computer Forensics, Computer Crime Scene Investigation, 2005.

[9] Moore, (2004). To View or not to View: Examining the Plain View Doctrine and Digital Evidence, American Journal of Criminal Justice, Vol. 29, #1, p. 58.

[10] Training of Judges on Computer Crime, (2010). France, Strasbourg, p.76 <https://rm.coe.int/16802fa028> [Last viewed: April 15, 2024].

[11] Stephen M., Allison S., (2017). Electronic Evidence, p. 193.

[12] A striking example of the need for additional procedural norms regarding the development of electronic evidence into a “new type” of evidence and the acquisition of personally identifiable communications data is the investigation conducted by German law enforcement several decades ago, during which the identities of criminals who purchased and downloaded child pornography were established through credit card companies. from one of the websites (see: Spiegel Online, Fahnder überprüfen erstmals alle deutschen Kreditkarten, 08.01.2007).

[13] Decision No. 1/1/625,640 of the Constitutional Court of Georgia dated April 14, 2016 in the case “Public Defender of Georgia, Citizens of Georgia - Giorgi Burjanadze, Lika Sajaia, Giorgi Gotsiridze, Tatia Kinkladze, Giorgi Chitidze, Lasha Tugushi, Zviad Koridze, “Open Society Foundation Georgia”, “Transparency International - Georgia”, “Young Lawyers Association of Georgia”, “International Society for Fair Elections and Democracy” and “Human Rights Center” against the Parliament of Georgia”.

[14] Acquisition/storage/destruction of digital evidence is carried out according to the standard established by the Constitutional Court for covert investigative actions, since according to the criminal procedural legislation, the rules established for covert investigative actions apply to investigative actions related to computer data.

[15] The minutes of the Constitutional Court of Georgia dated December 29, 2017. No. 3/4/885-1231.

[16] Decision No. 1/1/625,640 of the Constitutional Court of Georgia dated April 14, 2016 in the case “Public Defender of Georgia, Citizens of Georgia - Giorgi Burjanadze, Lika Sajaia, Giorgi Gotsiridze, Tatia Kinkladze, Giorgi Chitidze, Lasha Tugushi, Zviad Koridze, Open Society Foundation Georgia “, AIP “Transparency International - Georgia”, AIP “Young Lawyers Association of Georgia”, AIP “International Society for Fair Elections and Democracy” and AIP “Human Rights Center” against the Parliament of Georgia”, II-100.

[17] We are talking about the Law of Georgia “On Personal Data Protection” of December 28, 2011, which is in force - 14.06.2023 N3144. Here, it should be noted that control over personal data processing has been implemented in Georgia since 2013. Since 2015, there has been direct supervision of covert investigative actions. In 2013-2019, the personal data protection inspector’s office carried out the above-mentioned activities, in 2019-2022, its successor - the state inspector’s office. From March 1, 2022, the said mandate was assigned to the Personal Data Protection Service.

[18] Minutes of the Constitutional Court No. 3/4/885-1231 of December 29, 2017. II-84.

[19] Ibid., II- 96.

[20] Decision No. 1/1/625,640 of the Constitutional Court of Georgia dated April 14, 2016 in the case “Public Defender of Georgia, Citizens of Georgia - Giorgi Burjanadze, Lika Sajaia, Giorgi Gotsiridze, Tatia Kinkladze, Giorgi Chitidze, Lasha Tugushi, Zviad Koridze, “Open Society Foundation Georgia”, “Transparency International - Georgia”, “Young Lawyers Association of Georgia”, “International Society for Fair Elections and Democracy” and “Human Rights Center” against the Parliament of Georgia”, II-104.

[21] Parliament of Georgia. Explanatory card on the draft law “On personal data protection” <https://info.parliament.ge/file/1/BillReviewContent/222087> [Last viewed: April 15, 2024].

[22] “On the Legal Entity of Public Law - Operational-Technical Agency of Georgia”, Law of Georgia. Article 15. Legislative Gazette of Georgia <https://matsne.gov.ge/ka/document/view/3625121?publication=0> [last viewed: April 15, 2024].

[23] Decision No. 1/1/625,640 of the Constitutional Court of Georgia dated April 14, 2016 in the case “Public Defender of Georgia, Citizens of Georgia - Giorgi Burjanadze, Lika Sajaia, Giorgi Gotsiridze, Tatia Kinkladze, Giorgi Chitidze, Lasha Tugushi, Zviad Koridze, “Open Society Foundation Georgia”, “Transparency International - Georgia”, “Young Lawyers Association of Georgia”, “International Society for Fair Elections and Democracy” and “Center for Human Rights” against the Parliament of Georgia”, II-91.

[24] Article 15 of the Law of Georgia “On Legal Entity of Public Law - Operational-Technical Agency of Georgia”.

[25] The minutes of the Constitutional Court of Georgia dated December 29, 2017. No. 3/4/885-1231.

[26] “On the Legal Entity of Public Law - Operational-Technical Agency of Georgia”, Law of Georgia. Article 20, Paragraph 2. Legislative Gazette of Georgia <https://matsne.gov.ge/ka/document/view/3625121?publication=0> [Last viewed: April 15, 2024].

[27] Ibid. Article 29, Paragraph 2.

[28] Ibid. Article 20, Paragraph 2, subsection 1.

[29] Ibid. Article 29, Paragraph 1. Legislative Gazette of Georgia <https://matsne.gov.ge/ka/document/view/3625121?publication=0> [last viewed: April 15, 2024].

[30] Decision No. 1/1/625,640 of the Constitutional Court of Georgia dated April 14, 2016 in the case “Public Defender of Georgia, Citizens of Georgia - Giorgi Burjanadze, Lika Sajaia, Giorgi Gotsiridze, Tatia Kinkladze, Giorgi Chitidze, Lasha Tughushi, Zviad Koridze, “Foundation Open Society Georgia”, “Transparency International - Georgia”, “Young Lawyers Association of Georgia”, “International Society for Fair Elections and Democracy” and “Human Rights Center” against the Parliament of Georgia”, II-55.

[31] Ibid.

[32] Ibid., II-95.

[33] Decision of the European Court of Human Rights in the case: Kopp v. Switzerland (25.03.1998), §46.

[34] Decision No. 2/1/536 of the Constitutional Court of Georgia dated February 4, 2014 in the case “Citizens of Georgia Levan Asatiani, Irakli Vacharadze, Levan Berianidze, Beka Buchashvili and Gocha Gabodze against the Minister of Labor, Health and Social Protection of Georgia” II-55.

[35] Decision of the European Court of Human Rights in the case: Costello-Roberts v. The United Kingdom (25.03.1993), §36.

[36] Kilkeli U., (2005). The right to respect for private and family life, implementation of Article 8 of the European Convention on Human Rights, Guide, L., Chelidze, B., Bokhashvili, T., (Trans. Mamukelashvili) Edited by Chelidze, Council of Europe, p.14.

[37] Decision of the European Court of Human Rights in the case: A v. France (07.04.2022).

[38] Decision of the European Court of Human Rights in the case: Bykov v. Russia (10.03.2009).

[39] Decision of the European Court of Human Rights in the case: Huvig v. France (24.04.1990), § 29; Decision of the European Court of Human Rights in the case: Amann v. Switzerland (16.02.2000), §56.

[40] Decision of the European Court of Human Rights in the case: Klass and Others v. Germany (06.09.1978), §54-56.

[41] Decision of the European Court of Human Rights in the case: Weber and Saravia v. Germany (29.06.2006), § 95.

[42] Decision of the European Court of Human Rights in the case: Klass and Others v. Germany (06.09.1978), § 54-56.

[43] Decision of the European Court of Human Rights in the case: Halford v. the United Kingdom (25.06.1997).

[44] For example,  The judgment of the European Court of Human Rights in Handyside v. the United Kingdom (07.12.1976).

[45] Constitution of Georgia. Article 15, Paragraph 1. Legislative Gazette of Georgia. <https://matsne.gov.ge/ka/document/view/30346?publication=36> [Last viewed: April 15, 2024].

[46] Decision of the European Court of Human Rights in the case: Olsson v. Sweden (24.03.1988).

[47] Decision of the European Court of Human Rights in the case: Klass v. Germany (06.09.1978).

[48] Decision of the European Court of Human Rights in the case: Silver and others v. the United Kingdom (25.03.1983).

[49] Decision of the European Court of Human Rights in the case: Iodachi v. Moldova (10.02.2009).