There is probably no introduction to any report written in 2020-2021 that can avoid mentioning the Covid-19. As elsewhere, the global pandemic and related restrictive measures, along with parliamentary election and following political crisis, impacted the personal data protection landscape in Georgia, hindered the expected legislative advancements and fulfillment of GoG's commitments.
This report evaluates the state of the art and progress in implementing the main priorities of the Association Agenda and HR Action Plan related to personal data protection. It also summarizes the significant developments and challenges, identifies possible drives for change, and provides recommendations on the most pressing issues related to data protection.
Article 14 of The AA forms a solid ground for the cooperation of parties to ensure a high level of protection of personal data in accordance with the EU, CoE, and international legal instruments and standards. The Association Agenda's mid-term priorities included further strengthening the capacity of SIS, the continuous implementation of the legal framework on data protection in all sectors, approximation of Georgian legislation, and practice with the latest European data protection standards. The same priorities have been reflected in HR Action Plan, explicitly referring to compliance with the CoE Convention 108+ and EU GDPR.
Privacy is still an area that requires continuing and intensified vigilance. All allegations of illegal surveillance and blackmailing with information related to private life and intimate sphere should be timely and effectively investigated and prosecuted. According to the Public Defender 2020 report, no criminal prosecution has been launched into the privacy infringement cases on which investigations were opened in 2015-2017. The Public Defender of Georgia continues to call on the Prosecutor's Office to ensure transparency, making it possible to assess investigations' effectiveness objectively.
Timely signature and ratification of Convention 108+ should be the priority for Georgia, first from human rights and the rule of law perspectives. However, other important dimensions are worthy of consideration, including Georgia's European integration, international and bilateral cooperation prospects, and new economic development opportunities.
Timely signing and ratification of the Convention 108+ and adoption of GDPR compliant PDP Law giving effect to the provision of Convention and ensuring the careful balance between human rights and interests at stake are seen as essential drivers of change - reinforcing effectiveness of data protection in public and private sectors, strengthening SIS's powers and implementing AA and HR strategy priorities.