Working hours: Mon-Fri (10:00 - 18:00)

IRC, GYLA, EMC, AND RIVG: WE ADDRESS THE PARLIAMENT OF GEORGIA TO ADOPT THE LAW ON PERSONAL DATA PROTECTION

2020-06-29 18:47
Featured image

We call on the Parliament of Georgia to resume the review of the draft law of Georgia on Personal Data Protection and to ensure its timely adoption. The draft law was initiated in the Parliament of Georgia on May 22, 2019, however, after the first committee reading, the process of its review has been suspended for undefined reasons and time limits.

We believe that despite some shortcomings and controversial issues, the adoption of the draft law will significantly improve the status of personal data protection and bring the Georgian legal framework closer to the new European regulation (GDPR) while the current law is outdated and fails to meet current challenges. At the same time, we believe that the relevant committees should carefully consider the remarks and proposals of civil society organizations made on the draft law and ensure that the draft law is refined/perfected before voting at the plenary session.

Today the importance of the dangers posed by the disordered and uncontrolled processing of personal data of individuals goes beyond the psychological pain and discomfort inflicted on a person that can be caused by the disclosure of certain personal data. Excessive and uncontrolled processing of personal data contains substantial risks to the restriction of other human rights and freedoms, which is related to the prediction of human behavior and the possibility of manipulating it and this also threatens the existence of modern democratic order. These threats are further exacerbated by the unprecedented growth of technological capabilities.

Under current legal framework in Georgia, a large proportion of public institutions and private companies still neglect the importance of data protection and addresses the issue superficially, information systems that are not pre-analyzed to assess the impact of data protection are still being developed, which will cost the Georgian society much more in the future, both in terms of material and unfair restrictions on human rights.

The current situation is confirmed by the 2019 report of the State Inspector, where, among other important facts, is discussed that e.g. appropriate measures to protect personal data were not taken in the e-programs implemented in the public sector, in particular: access to and facts of viewing of the data is not recorded, no history is recorded about the information found by the user in the system. Also, law enforcement agencies possess very large and sensitive databases about individuals, but in these databases, access to, viewing, or deleting data is not recorded or substantiated improperly. There are similar problems in terms of processing of data of minors or special categories in the field of healthcare.

As we know, the Action Plan on Visa Liberalization with the European Union envisages improvement of the legislation and practice of personal data protection and bringing them closer to EU standards. This commitment has been successfully fulfilled, but our legislation is no longer in compliance with new European standards. If we look at the current reality, we will see that the results achieved by Georgia in the field of data protection are quite fragile and the lack of a specific foreign policy motivation similar to the Action Plan on Visa Liberalization should not lead to a slowdown in the interest of Georgian Parliament in further reforms in areas such as personal data protection.

In view of all the above, the signatory organizations call on the Parliament of Georgia to promote the improvement of the legislation and practice of personal data protection in Georgia and bring the Georgian legislation closer to the new European standards.

We are fully aware of the current political context, the challenges facing the parliament and political groups, the obstacles caused by the pandemic, however, in the presence of the appropriate will, we consider it possible to review the draft law on Personal Data Protection and we consider it unjustified to leave this issue open and postpone it for an indefinite period.