TBILISI, DFWatch – The former Soviet republic of Georgia is to establish a new data-sharing and information protection model.
A new law sets out the rules that will apply to both private and public bodies, the only requirement being that it is a ‘subject of critical infrastructure’ whose information systems it is important to maintain a continuous operation of, for reasons of defense, economic security, and for retaining state government and social life.
The bill about information security now under review in parliament establishes new regulation regarding the gathering and release of information by such bodies.
They will be instructed to protect the security of the information kept there, and assign one person responsible for seeing to this, and be accountable to the Ministry of Justice’s data-sharing agency.
Candidates for these positions will be proposed by Georgia’s National Security Council, and approved by the president.
In addition, this administrative body will be able to receive any information and document, issue or give away using automatic control means, retain electronic copy and issue any document created or archived by them. Private companies will be obliged to provide any kind of information when called for by authorities.
The legal advocacy group Georgian Young Lawyers Association (GYLA) fears that the government’s initiative regarding cyber-security may become a mechanism to close off more information from the public.
Tatuli Todua, GYLA representative, explains that the existing administrative legislation defines three kinds of secret information: commercial, private and state.
But this new bill will add three categories: confidential, restricted and non-classified information.
There is no need to establish these levels of confidentiality, Todua says. She doesn’t exclude that a public body will refuse to give a citizen non-secret information arguing that it can do so under this new legislation.
Mikheil Tavhelidze from a government-leaning group holds the same critical view.