On amendments and additions to some legislative acts of the Republic of Kazakhstan on digitalization, transport and entrepreneurship
The Law of the Republic of Kazakhstan dated January 9, 2026 No. 256-VIII SAM
Article 1. To make amendments and additions to the following legislative acts of the Republic of Kazakhstan:
1. To the Land Code of the Republic of Kazakhstan dated June 20, 2003:
throughout the text, the words "information system", "information system", "electronic government", "objects of informatization", "electronic systems", "information systems", "information systems", "information systems", "information resources", "electronic information resources", "information resource" should be replaced Accordingly, the words "digital system", "digital system", "digital government", "digital objects", "digital systems", "digital systems", "digital systems", "digital systems", "digital resources", "digital resources", "digital resource".
2. To the Code of the Republic of Kazakhstan dated December 26, 2011 "On Marriage (Matrimony) and Family":
1) throughout the text, the words "information system", "information system", "information system", "information system", "information systems", "information system" should be replaced respectively with the words "digital system", "digital system", "digital system", "digital systems", "digital system";
2) in subparagraph 29-1) of paragraph 1 of Article 1, the word "informatization" should be replaced by the word "digitalization";
3) in the first paragraph of paragraph 2 of Article 67-1, the word "informatization" should be replaced by the word "digitalization";
4) paragraph 3 of Article 85 should be supplemented with the second part as follows:
"The authorized body in the field of protection of children's rights of the Republic of Kazakhstan verifies information about the commission of a criminal offense by citizens of the Republic of Kazakhstan permanently residing in the territory of the Republic of Kazakhstan through the interaction of digital objects of state bodies.";
5) in paragraph 2 of Article 118-1, the words "electronic information resources" and "electronic information resources" should be replaced, respectively, with the words "digital resources" and "digital resources".;
6) in article 181:
in paragraph 1:
in part one, replace the words "two copies" with the words "one copy";
The second part should be worded as follows:
"The registration books are kept at the place of primary state registration of the act of civil status in the archive of the registering authority.";
Paragraphs 3 and 6 should be deleted;
7) paragraph 4 of Article 184 shall be worded as follows:
"4. The loss of civil status records must be confirmed by the civil status record archive at the place where the lost record was located.";
8) in paragraph 2 of Article 190, replace the words "electronic government" with the words "digital government";
9) in the first part of Article 273, the words "electronic government" should be replaced by the words "digital government".
3. To the Business Code of the Republic of Kazakhstan dated October 29, 2015:
1) throughout the text, the words "objects of informatization", "objects of informatization", "objects of informatization", "information system", "information system", "information system", "information systems", "information systems", "information system", "information systems", "information system", "electronic government", "electronic database" should be replaced respectively by the words "digital objects", "digital objects", "digital objects", "digital system", "digital system", "digital system", "digital systems", "digital systems", "digital system", "digital systems", "digital system", "digital government", "digital database";
2) in the second part of paragraph 3 of Article 25-1, the words "legislation of the Republic of Kazakhstan on informatization" should be replaced by the words "digital legislation of the Republic of Kazakhstan";
3) paragraphs 10-1 and 10-2 of Article 28 shall be worded as follows:
"10-1. A business entity that owns a critically important digital object by right of ownership or other legal basis transfers a backup copy of the digital resource to a single digital resource backup platform in accordance with the procedure established by the legislation of the Republic of Kazakhstan, taking into account the requirements of the legislation of the Republic of Kazakhstan on national security.
10-2. A quasi-public sector entity transmits anonymized data to the digital government operator, which is necessary for data analytics in order for government agencies to carry out activities in accordance with digital data management requirements.";
4) add subparagraph 3-1) to the second part of paragraph 4 of Article 82 as follows:
"3-1) consideration of the results of the analysis of the effectiveness of state support measures for private entrepreneurship;";
5) add article 93-1 as follows:
"Article 93-1. Analysis and monitoring of the effectiveness of government support measures for private entrepreneurship
1. The effectiveness of state support measures for private entrepreneurship is determined by the authorized business body based on the results of their analysis.
2. The central authorized Body for Budget Execution shall ensure monitoring of state support measures for private entrepreneurship and their recipients in accordance with the procedure determined by the central authorized body for budget execution in coordination with the authorized body for entrepreneurship.
3. In order to analyze and monitor the effectiveness of state support measures for private entrepreneurship, the authorized business body forms a register of state support measures for private entrepreneurship (hereinafter referred to as the register).
4. Technical support for maintaining the register is provided by a legal entity whose sole shareholder is the State, designated by the central authorized body for budget execution (hereinafter referred to as the registrar).
Technical support for monitoring the use of state support measures for private entrepreneurship and their recipients is provided by the registrar within the framework of a two-tier system of state support for private entrepreneurship, including:
1) the first level is a registration system integrated with second–level systems containing a reference electronic register of applications from recipients of state support measures for private entrepreneurship, where, through final post-format and logical control, the recipient's compliance with state support measures for private entrepreneurship is determined by the basic requirements determined by the authorized budget execution body within the framework of the rules for monitoring the use of state support measures for private entrepreneurship. entrepreneurship and its recipients;
2) the second level is sectoral state or non–state digital systems through which applications are received from recipients of state support measures for private entrepreneurship, processed using format-logical control and the processed applications are transferred to the first level.
Second-level digital systems ensure that recipients of state support measures for private entrepreneurship consent to the use of information that constitutes a legally protected secret, as well as to the collection, processing, storage, unloading and use of personal data by the registrar.
5. The results of the monitoring conducted through a two-tier system of state support for private entrepreneurship are provided to the authorized body for entrepreneurship.
6. It is not allowed to provide a measure of state support to private entrepreneurship without including it in the register.";
6) in paragraph 1 of Article 97-1, the words "the object of the information and communication infrastructure of the "electronic government" should be replaced by the words "the object of the digital infrastructure of the "digital government";
7) in paragraphs 1 and 3 of Article 112, the words "electronic register of permits and notifications" and "electronic register of permits and notifications" should be replaced, respectively, with the words "digital register of permits and notifications" and "digital register of permits and notifications";
8) in article 138:
in subparagraph 52), replace the word "informatization" with the word "digitalization";
in subparagraph 53), replace the words "legislation of the Republic of Kazakhstan on electronic document and electronic digital signature" with the words "requirements for electronic document and electronic digital signature";
Subparagraph 64) should be worded as follows:
"64) for the use of objects of intellectual property rights in cases established by the laws of the Republic of Kazakhstan;";
9) in parts four and five of paragraph 2 of Article 144, the words "electronic government information and communication infrastructure facility" should be replaced with the words "digital government digital infrastructure facility";
10) in paragraph 1 of article 144-1, the words "electronic information resources" should be replaced by the words "digital resources";
11) in paragraphs 1, 3 and 4 of Article 144-2, the words "the object of the information and communication infrastructure of the "electronic government" should be replaced by the words "the object of the digital infrastructure of the "digital government";
12) in the third part of paragraph 6 of Article 193, the words "operator of the information and communication infrastructure of the electronic government" should be replaced by the words "operator of the digital government";
13) in subparagraph 3) of paragraph 1 of Article 239, the words "information and communication technologies" should be replaced by the words "digital technologies".
4. To the Civil Procedure Code of the Republic of Kazakhstan dated October 31, 2015:
Throughout the text, the words "information system", "information system", "information system", "information and legal systems", "electronic government" should be replaced, respectively, with the words "digital system", "digital system", "digital system", "digital and legal systems", "digital government".
5. To the Labor Code of the Republic of Kazakhstan dated November 23, 2015:
1) in paragraph 1 of article 1:
in subparagraph 35-1), replace the words "information system" with the words "digital system";
In sub-paragraphs 55-2) and 81), replace the words "information and communication technologies" with the words "digital technologies";
2) in subparagraph 6) of paragraph 2 of article 23, the words "information and communication technologies" should be replaced by the words "digital technologies";
3) in paragraph 3 of article 32, the words "information systems" and "electronic government" should be replaced by the words "digital systems" and "digital government", respectively;
4) in the second part of paragraph 2 of Article 65, the words "information and communication technologies" should be replaced by the words "digital technologies";
5) in paragraphs 1, 3, 4 and 7 of Article 138, the words "objects of informatization in accordance with the legislation of the Republic of Kazakhstan on informatization", "objects of informatization in accordance with the legislation of the Republic of Kazakhstan on informatization" should be replaced respectively with the words "digital objects in accordance with the digital legislation of the Republic of Kazakhstan", "digital objects in accordance with the legislation of the Republic of Kazakhstan on informatization". digital legislation of the Republic of Kazakhstan";
6) in the third part of paragraph 3 of Article 159, the words "information and communication technologies" should be replaced by the words "digital technologies";
7) in subparagraph 10) of Article 179, the words "information system" should be replaced by the words "digital system";
8) in the third part of Article 200, the words "information system" should be replaced by the words "digital system".
6. To the Code of the Republic of Kazakhstan dated December 26, 2017 "On Customs Regulation in the Republic of Kazakhstan":
1) throughout the text, the words "electronic government", "information system", "information system", "information systems", "information system", "information and communication technologies", "information and communication technologies", "information systems", "information systems", "information systems", Replace "information systems", "information system" with the words "digital government", "digital system", "digital system", "digital systems", "digital system", "digital technologies", "digital technologies", "digital systems", respectively, "digital systems", "digital systems", "digital systems", "digital system";
2) in the first part of paragraph 6 of Article 19, the words "information security" should be replaced by the word "cybersecurity";
3) in paragraph 2 of Article 438, the words "legislation of the Republic of Kazakhstan on informatization" should be replaced by the words "digital legislation of the Republic of Kazakhstan";
4) in article 441:
In the title, replace the word "informatization" with the word "digitalization";
In paragraph 1, the words "legislation of the Republic of Kazakhstan on informatization" should be replaced by the words "digital legislation of the Republic of Kazakhstan".
7. To the Administrative Procedural Code of the Republic of Kazakhstan dated June 29, 2020:
1) throughout the text, the words "authorized body in the field of informatization", "electronic government", "information systems", "information systems", "information systems", "objects of informatization" should be replaced, respectively, with the words "authorized body in the field of digitalization", "digital government", "digital systems", "digital systems", "digital systems", "digital objects";
2) in subparagraph 13) of the first part of Article 4, the words "information and communication technologies" should be replaced by the words "digital technologies";
3) Articles 43-2, 43-3 and 43-4 should be deleted;
4) in article 45:
in subparagraph 2) of the first paragraph of the second part, the words "state information resources" should be replaced by the words "state digital resources";
Parts five, 5-1, six and seven should be deleted.;
5) in the eighth part of article 47, replace the words "national information security" with the words "national security, cybersecurity";
6) in article 64:
The fourth part should be worded as follows:
"4. Appeals received through publicly available digital systems that comply with the requirements of the digital legislation of the Republic of Kazakhstan are subject to consideration in accordance with the procedure established by this Code.";
In part five, replace the word "informatization" with the word "digitalization";
7) in the first paragraph of the third part of Article 69, the words "information analytical system" should be replaced by the words "digital analytical system";
8) subparagraph 7) of the second part of Article 93, after the word "signature", add the words "or an electronic digital signature".
8. To the Code of the Republic of Kazakhstan dated July 7, 2020 "On the Health of the People and the Healthcare System":
1) throughout the text, the words "electronic government", "information systems", "information systems", "information systems", "information system", "information systems", "information and communication technologies", "information and communication services", "information and communication services", "objects of informatization", "objects of informatization", "information security", "information security", "state electronic information resources", "electronic information resource", "Electronic information resources", "electronic information resource" should be replaced, respectively, with the words "digital government", "digital systems", "digital systems", "digital systems", "digital systems", "digital systems", "digital technologies", "digital services", "digital services", "digital objects", "digital objects", "cybersecurity", "cybersecurity", "state digital resources", "digital resource", "Digital resources", "digital resource";
2) in subparagraph 30) of Article 7, the words "legislation of the Republic of Kazakhstan in the field of informatization" should be replaced by the words "digital legislation of the Republic of Kazakhstan";
3) in subparagraph 8) of Article 9, the words "legislation of the Republic of Kazakhstan on informatization" should be replaced by the words "digital legislation of the Republic of Kazakhstan";
4) in article 59-1, replace the words "information and communication platform" with the words "digital platform";
5) in Article 62, the words "electronic information resources" and "legislation of the Republic of Kazakhstan on informatization" should be replaced, respectively, with the words "electronic digital resources" and "digital legislation of the Republic of Kazakhstan";
6) in the first part of paragraph 3 of Article 233, the words "must comply with the requirements of good pharmacy practice (GPP)" should be replaced by the words "comply with the requirements of good pharmacy practice (GPP) on a voluntary basis";
7) paragraph 3 of Article 250 should be supplemented with the words ", except for the cases provided for in the first part of paragraph 3 of Article 233 of this Code."
9. To the Environmental Code of the Republic of Kazakhstan dated January 2, 2021:
1) throughout the text, the words "electronic information resources", "information system", "Information system", "information system", "information systems", "information system", "information resources", "information system" should be replaced by the words "digital resources", "digital system", "Digital system", "digital system", "digital systems", "digital system", "digital resources", "digital system";
2) in subparagraph 2) of paragraph 6 of article 170, the words "information and communication technologies" should be replaced by the words "digital technologies";
3) in the fourth part of paragraph 4 of Article 186, the words "on informatization" should be replaced by the words "digital legislation of the Republic of Kazakhstan".
10. To the Social Code of the Republic of Kazakhstan dated April 20, 2023:
1) throughout the text, the words "sphere of informatization", "object of informatization", "objects of informatization", "objects of informatization", "electronic government", "information system", "information system", "information systems", "information systems", "information systems", "information technologies", "information security" should be replaced respectively by the words "digitalization sphere", "digital object", "digital objects", "digital objects", "digital government", "digital system", "digital system", "digital systems", "digital systems", "digital systems", "digital technologies", "cybersecurity";
2) in article 12:
In the thirty-fourth paragraph of subparagraph 5), the word "informatization" should be replaced by the word "digitalization".;
Subparagraph 7) should be worded as follows:
"7) provides electronic services using digital systems in accordance with the digital legislation of the Republic of Kazakhstan;";
3) in the first part of paragraph 3 of Article 20, the words "information and communication technologies" should be replaced by the words "digital technologies";
4) in paragraph 1 of Article 24, the words "electronic government information and communication platform" should be replaced by the words "digital government platform";
5) in the second part of paragraph 5 of Article 57, the words "The Law of the Republic of Kazakhstan "On Informatization" should be replaced by the words "digital legislation of the Republic of Kazakhstan";
6) in subparagraph 2) of paragraph 4 of article 66, the words "information and communication technologies" should be replaced by the words "digital technologies";
7) in subparagraph 6) of paragraph 1 of Article 154, the word "informatization" should be replaced by the words "digital objects";
8) in the third paragraph of subparagraph 3) of paragraph 5-1 of Article 263, the word "informatization" should be replaced by the word "digitalization".
11. To the Budget Code of the Republic of Kazakhstan dated March 15, 2025:
1) throughout the text, the words "objects of informatization", "objects of informatization", "objects of information and communication infrastructure", "information security", "information security", "in the field of informatization", "legislation of the Republic of Kazakhstan in the field of informatization", "legislation of the Republic of Kazakhstan on informatization", "informatization", "information system", "information system", "information systems" should be replaced by the words "digital objects", "digital objects", "digital infrastructure objects", "cybersecurity", "cybersecurity", respectively, "in the field of digitalization", "digital legislation of the Republic of Kazakhstan", "digital legislation of the Republic of Kazakhstan", "digital legislation of the Republic of Kazakhstan", "digital system", "digital system", "digital systems";
2) in paragraph 2 of article 9:
add the words "and state guarantees for the support of private entrepreneurship" to Part ten;
In part eleven, the words "state-owned enterprises in the form of a property complex," should be deleted.;
3) subparagraph 13) of paragraph 1 of Article 30 should be supplemented with the fifth paragraph as follows:
"fulfillment of obligations under state guarantees to support private entrepreneurship;";
4) in the eighth paragraph of paragraph 7 of Article 40, the words "and state guarantees for export support", "and state guarantees for export support" should be replaced, respectively, with the words ", state guarantees for export support and state guarantees for private entrepreneurship support", ", state guarantees for export support and state guarantees for private entrepreneurship support";
5) add the words "state-guaranteed obligation to support private entrepreneurship" to the third paragraph of paragraph 1 of Article 49 after the word "export,";
6) paragraph 4 of Article 86 should be supplemented with the thirteenth paragraph as follows:
"the limit on the provision of state guarantees of the Republic of Kazakhstan to support private entrepreneurship;";
7) in paragraph 1 of article 137:
In subparagraph 2), replace the words "State-guaranteed export support debt" with the words "State-guaranteed obligation to support exports, State-guaranteed obligation to support private entrepreneurship";
subparagraph 3) add the following sixth paragraph:
"provision of state guarantees to support private entrepreneurship;";
subparagraph 5) after the word "export," add the words "obligations under state guarantees to support private entrepreneurship,";
8) add articles 144-1 and 144-2 as follows:
"Article 144-1. State guarantee for the support of private entrepreneurship
1. The State guarantee of the Republic of Kazakhstan for the support of private entrepreneurship is the obligation of the Government of the Republic of Kazakhstan to the special fund for the development of entrepreneurship in accordance with the terms of the guarantee agreement for the support of private entrepreneurship to fully or partially repay the amount of its debt to financial and other organizations if the funds of the special fund for the development of entrepreneurship are insufficient to fulfill obligations under the guarantees provided to them for investment projects with the amount of financing over seven billion tenge.
A state-guaranteed obligation to support private entrepreneurship is the amount, as of a certain date, of outstanding obligations under guarantees under the state financial support for private entrepreneurship provided by the State guarantee of the Republic of Kazakhstan for private entrepreneurship support, for which no guarantee payments have been made by the special entrepreneurship development fund.
2. The Government of the Republic of Kazakhstan has the exclusive right to provide state guarantees to support private entrepreneurship on behalf of the Republic of Kazakhstan.
In accordance with the resolution of the Government of the Republic of Kazakhstan, the central authorized body for budget execution provides state guarantees to support private entrepreneurship in the manner and in the form determined by the central authorized body for budget execution.
The state guarantee for the support of private entrepreneurship is provided within the limit established by the law on the republican budget, on the basis of a decree of the Government of the Republic of Kazakhstan.
The limit for the provision of state guarantees is a fixed amount for the relevant fiscal year, within which state guarantees can be issued.
The amount for determining the limit for the provision of a state guarantee to support private entrepreneurship is set in accordance with the procedure determined by the central authorized body for budgetary policy.
The amount of the limit on the provision of state guarantees can only be used within the limits of the relevant financial year for which this limit is set.
3. The following requirements apply to the special fund for the development of entrepreneurship, which claims to receive a state guarantee for the support of private entrepreneurship:
1) have a positive industry opinion from the central authorized body of the relevant industry;
2) have a positive economic opinion from the central authorized body for budgetary policy;
3) have no arrears in the repayment and servicing of previously received government-guaranteed loans and have no overdue debts to creditors;
4) be solvent, not subject to liquidation, his property should not be seized, his financial and economic activities should not be suspended in accordance with the legislation of the Republic of Kazakhstan;
5) the amount of guarantee payments actually made in the last five years prior to the application of the special fund for the development of entrepreneurship for a state guarantee to support private entrepreneurship should not exceed fifteen percent of its own capital. In this case, the amount of guarantee payments is indicated minus the amount of guarantee payments that are reimbursed under the guarantee.
4. The requirements for the development or adjustment of the economic opinion of the central authorized body for budgetary policy and the sectoral opinion of the central authorized body of the relevant industry for the provision of state guarantees to support private entrepreneurship are established by the authorized body for entrepreneurship in coordination with the central authorized body for budget execution and budget planning.
5. The provision of state guarantees to support private entrepreneurship is carried out on the terms of repayment by the special fund for the development of entrepreneurship of budgetary funds spent by the Government of the Republic of Kazakhstan in fulfilling the obligations of the guarantor, in accordance with Article 144-2 of this Code.
For the provision of a state guarantee to support private entrepreneurship, a preliminary one-time fee (fee) in the amount of 0.2 percent of the amount of the state guarantee to support private entrepreneurship is charged from the special fund.
The provision of a state guarantee to support private entrepreneurship is carried out after the registration and registration of an agreement on the provision of a state guarantee to support private entrepreneurship in the state Treasury in accordance with the procedure determined by the Government of the Republic of Kazakhstan.
The agreement on the provision of a state guarantee for the support of private entrepreneurship is an agreement between the central authorized body for budget execution, attorney (agent) and a special fund that establishes the legal relations of the parties to provide a state guarantee for the support of private entrepreneurship, the return of funds from the republican budget diverted in case of fulfillment of obligations under the state guarantee for the support of private entrepreneurship.
6. The state guarantees provided to support private entrepreneurship are subject to registration and accounting in the state Treasury in accordance with the procedure determined by the Government of the Republic of Kazakhstan.
7. The central Authorized Body for Budget Execution shall monitor the state-guaranteed obligation to support private entrepreneurship in accordance with the procedure determined by the central authorized body for budget execution in coordination with the central authorized body for budget policy.
The financial condition of the special fund, which has a state guarantee to support private entrepreneurship, is monitored in accordance with the procedure determined by the central authorized body for budget execution in coordination with the central authorized body for budgetary policy.
Article 144-2. Execution of the state guarantee for the support of private entrepreneurship
1. The state guarantee for the support of private entrepreneurship is subject to execution in case of insufficient funds from the special fund for the development of entrepreneurship to make payments on guarantees provided by the special fund for the development of entrepreneurship within the framework of state financial support for private entrepreneurship.
2. The state guarantee for the support of private entrepreneurship is executed only for a part of the uncovered amount of guarantee payments, minus the balance of funds allocated to the special fund for the formation of a reserve for the purpose of guaranteeing the obligations of private business entities for projects with a financing amount of over seven billion tenge and the equity capital of the special fund.
3. The fulfillment of obligations under the state guarantee for the support of private entrepreneurship is carried out within eighteen months from the date of submission of requirements for the fulfillment of obligations under the state guarantee for the support of private entrepreneurship within the limits of funds provided by the law on the republican budget.
4. The funds allocated for the fulfillment of obligations under the state guarantee for the support of private entrepreneurship are subject to return by the special fund for the development of entrepreneurship to the republican budget at the expense of reimbursement of guarantee payments and other sources.
The terms, deadlines, remuneration rates and the procedure for refunding funds diverted from the republican budget for the implementation of the state guarantee for the support of private entrepreneurship are defined in the agreement on the provision of a state guarantee for the support of private entrepreneurship concluded between the central authorized body for budget execution, the attorney (agent) and the special fund for the development of entrepreneurship.
5. The state guarantee for the support of private entrepreneurship is terminated in the following cases::
1) full fulfillment of the obligations stipulated in the guarantee agreement to support private entrepreneurship;
2) its expiration date.";
9) in subparagraph 1) of paragraph 4 of Article 148, the words "objects of informatization" should be replaced by the words "technologically complex digital objects of the digital government";
10) the third paragraph of subparagraph 2) of paragraph 1 of Article 149 shall be worded as follows:
"a budget investment project providing for the creation and development of technologically complex digital facilities of the digital government, for which technical specifications are being developed in accordance with the digital legislation of the Republic of Kazakhstan;";
11) add the words "state guarantees for the support of private entrepreneurship" to the ninth part of paragraph 2 of Article 168.
12. To the Law of the Republic of Kazakhstan dated September 21, 1994 "On Transport in the Republic of Kazakhstan":
1) in article 1:
in subparagraph 8-3), replace the words "information system" with the words "digital system";
in subparagraph 8-4), replace the words "information system" with the words "digital system";
2) in the eighth paragraph of the second part of Article 6, the words "information and communication technologies" should be replaced by the words "digital technologies";
3) in article 6-2:
in the title and paragraphs 1 and 2, replace the words "information system" with the words "digital system";
in paragraph 3:
Replace the words "information system" with the words "digital system";
replace the words "information system" with the words "digital system";
In paragraphs 4, 5 and 6, replace the words "information system" with the words "digital system";
4) paragraph 1 of article 24-2:
after the words "and by sea", add the words "on the territory of the Republic of Kazakhstan";
after the word "information", add the words ", including digital resources that are provided from digital systems,".
13. To the Law of the Republic of Kazakhstan dated December 21, 1995 "On National Security Agencies of the Republic of Kazakhstan":
1) in subparagraph 3) of Article 1-1, replace the words "information security" with the word "cybersecurity";
2) add article 11-1 to Chapter 2 as follows:
"Article 11-1. Special Expert Council
1. The National Security Committee of the Republic of Kazakhstan shall establish a special expert council.
2. The Special Expert Council considers issues in the field of digitalization of national security agencies and develops proposals and (or) recommendations.
3. The position and composition of the special expert council are approved by the order of the first head of the National Security Committee of the Republic of Kazakhstan.
4. The Special Expert Council carries out its activities on an ongoing basis.";
3) in subparagraph 22) of Article 12, replace the words "information systems" with the words "digital systems";
4) in article 13:
In subparagraph 14), the words "electronic information resources" and "information systems" should be replaced by the words "digital resources" and "digital systems", respectively;
in subparagraph 20), replace the words "information systems" with the words "digital systems";
In sub-paragraphs 21-2) and 21-3), replace the words "electronic government" with the words "digital government";
In subparagraph 21-8), replace the words "information security" with the word "cybersecurity".
14. To the Law of the Republic of Kazakhstan dated June 10, 1996 "On Copyright and Related Rights":
1) in subparagraph 14-1) of Article 2, the words "electronic information resource" should be replaced by the words "digital resource";
2) Paragraph 5 of Article 26 shall be worded as follows:
"5. The amount of remuneration, the procedure for collecting, distributing and paying it, as well as the procedure for determining the amount to cover the actual expenses of an expert organization are established by the authorized body.";
3) in the first part of paragraph 4 of Article 43, the words "written contracts" should be replaced by the words "contracts concluded through a single digital platform";
4) in paragraph 5 of article 44:
in part two, replace the words "to the account of the organization" with the words "to the current account of the organization for the collection, distribution, payment and storage of remuneration";
The third part should be worded as follows:
"The amounts of remuneration collected, distributed and accrued to specific copyright and related rights holders, must be kept in the current account for the collection, distribution, payment and storage of remuneration to the collective rights management organization and be paid to the corresponding author and (or) copyright holder as such persons find or apply, regardless of the retention period of such amounts in the current account. an account for collecting, distributing, paying, and storing remuneration.";
5) in article 46:
in the second part of paragraph 1:
Add the following sentences to the first part of subparagraph 2) after the third sentence: the fourth, fifth and sixth sentences:
"The actual costs of the organization for collective rights management include, among other things, the actual costs of using a single digital platform in accordance with the procedure determined by the authorized body. When concluding agreements on mutual representation of interests between organizations for the collective management of rights, the expenses of the organizations are determined by agreement of the parties within the limits of the expenses of the organization established by this subparagraph. Repeated deduction from the amount of the collected remuneration received from another organization is not allowed.";
subparagraph 6) should be worded as follows:
"6) post information on the rights transferred to its management on the Internet resource and the unified digital platform in accordance with the procedure determined by the authorized body;";
add paragraphs 3 and 4 as follows:
"3. The collective rights management organization is obliged to open a current account with the bank for collecting, distributing, paying and storing remuneration and a current account for carrying out its activities and covering the actual expenses of the organization.
Transactions on these accounts are carried out exclusively in non-cash form in accordance with the legislation of the Republic of Kazakhstan and in accordance with the directions established by the authorized body.
4. The collective rights management organization is obliged to ensure that information on the movement of money on the current account is posted on a single digital platform for collecting, distributing, paying and storing remuneration in order to ensure the targeted use of the collected remuneration, as well as ensuring the completeness of taxes to the budget in accordance with the procedure determined by the rules.";
6) paragraph 1 of Article 47 shall be worded as follows:
"1. The organization for the collective management of the rights of authors, performers, producers of phonograms or other holders of copyright and (or) related rights is obliged annually, no later than April 15 of the year following the reporting year, to submit to the authorized body through a single digital platform an annual balance sheet, an annual report, including information on collected, distributed, undistributed, paid, unpaid, unclaimed remuneration, as well as the amounts allocated to cover the costs of collecting, distributing and paying remuneration.
In case of failure to ensure full distribution and payment of royalties in previous years, information on these amounts of remuneration is provided until the royalties are fully paid.
Information on the amounts transferred to foreign organizations and clarifications on the amounts of payments to authors and copyright holders are provided via a single digital platform no later than September 15 of the year following the reporting year.".
15. To the Law of the Republic of Kazakhstan dated April 16, 1997 "On Housing Relations":
1) throughout the text, the words "informatization object", "informatization objects", "informatization objects", "informatization objects", "informatization object", "informatization object", "informatization objects", "information security", "information security", "electronic government information and communication platform", "electronic government informatization facility", "in the field of informatization", "legislation of the Republic of Kazakhstan on informatization" should be replaced, respectively, with the words "digital facility", "digital facilities", "digital facilities", "digital object", "digital object", "digital objects", "cybersecurity", "cybersecurity", "digital government platform", "digital government facility", "in the field of digitalization", "digital legislation of the Republic of Kazakhstan";
2) in article 10-6:
in the title, replace the words "Objects and subjects of informatization" with the words "Digital objects and subjects of the digital environment";
In paragraphs 2 and 2-1, the words "Subjects of informatization" and "Subjects (participants) of informatization" should be replaced, respectively, with the words "Subjects of the digital environment" and "Subjects (participants) of the digital environment".
16. To the Law of the Republic of Kazakhstan dated July 11, 1997 "On Languages in the Republic of Kazakhstan":
1) in article 22:
In the title, replace the word "informatization" with the word "digitalization";
In part two, the words "objects of informatization", "objects of informatization", "state electronic information resources" should be replaced, respectively, with the words "digital objects", "digital objects", "state digital resources";
2) in article 25-6:
in subparagraph 2) of paragraph 4, the words "information systems" should be replaced by the words "digital systems";
In subparagraph 2) of paragraph 6, the words "information systems" should be replaced by the words "digital systems".
17. To the Law of the Republic of Kazakhstan dated July 14, 1997 "On Notary":
1) throughout the text, the words "information system", "information system", "information system", "information system", "information system", "information systems" should be replaced, respectively, with the words "digital system", "digital system", "digital system", "digital system system", "digital systems";
2) in the second part of subparagraph 5-1) of paragraph 10 of Article 3, the words "The Law of the Republic of Kazakhstan "On Personal Data and their Protection" should be replaced by the words "The Digital Code of the Republic of Kazakhstan and the Law of the Republic of Kazakhstan "On Personal Data and their Protection";
3) in paragraph 6 of Article 4-1, the words "informatization" and "information security" should be replaced by the words "digitalization" and "cybersecurity," respectively;
4) in paragraph 2 of Article 4-2, the words "information system" and "informatization" should be replaced by the words "digital system" and "digitalization", respectively;
5) Subparagraph 3-2) of Article 18 should be worded as follows:
"3-2) comply with the requirements of the digital legislation of the Republic of Kazakhstan when working with the unified notarial digital system;";
6) in the second part of Article 99-2, the words "The Law of the Republic of Kazakhstan "On Electronic Document and electronic Digital Signature" should be replaced by the words "The Digital Code of the Republic of Kazakhstan".
18. To the Law of the Republic of Kazakhstan dated June 30, 1998 "On registration of pledge of movable Property":
1) throughout the text, the words "information system", "information systems", "information systems", "information system", "information system" should be replaced by the words "digital system", "digital systems", "digital systems", "digital system", respectively;
2) in the second part of paragraph 2 of Article 9, the words "electronic government" should be replaced by the words "digital government".
19. To the Law of the Republic of Kazakhstan dated July 1, 1998 "On the special status of the city of Almaty":
In subparagraph 18) of Article 3, the word "informatization" should be replaced by the word "digitalization".
20. To the Law of the Republic of Kazakhstan dated July 9, 1998 "On Livestock Breeding":
1) in subparagraph 13-2) of Article 13, replace the words "electronic registry" with the words "digital registry";
2) subparagraph 1) of the first part of paragraph 2-1 of Article 16 should be worded as follows:
"1) digital systems;";
3) in paragraph 10 of article 16-2:
In part one, replace the words "information systems" with the words "digital systems";
In Part two, replace the words "e-government" with the words "digital government".
21. To the Law of the Republic of Kazakhstan dated November 20, 1998 "On Auditing":
1) in subparagraph 6) of article 1, the word "written" should be replaced by the words "written or electronic";
2) in subparagraph 4) of Article 7, replace the words "in the field of informatization" with the words "in the field of digitalization";
3) in paragraph 1 of Article 10, the words "in the field of informatization" should be replaced by the words "in the field of digitalization";
4) in the second part of paragraph 2 of Article 13, the words "in the mass media determined by the Qualification Commission" should be replaced by the words "on the Internet resource of the professional council, the authorized body, and also posted in the financial reporting depository";
5) in the second part of Article 15, replace the words "in the mass media" with the words "on its Internet resource, as well as posted in the financial reporting depository";
6) in paragraph 2 of article 18:
The first part should be worded as follows:
"2. The audit report, drawn up in writing, is signed by the executive auditor indicating the number and date of issue of the qualification certificate, is certified with his personal seal, is approved by the signature of the head of the audit organization, is certified with the seal of the audit organization and is subject to registration with the financial reporting depository within three working days from the date of the audit report.";
add the following part of the second part:
"The audit report is electronically generated in the financial reporting depository. At the same time, registration of the electronic audit report in the financial reporting depository is not required.";
7) paragraph 2 of Article 21 should be supplemented with subparagraph 8-1) as follows:
"8-1) to update information on auditors who carry out their activities as an auditor within this audit organization;".
22. To the Law of the Republic of Kazakhstan dated December 22, 1998 "On the National Archival Fund and Archives":
Subparagraph 25) of Article 1 shall be worded as follows:
"25) the digital government service integrator is a legal entity designated by the Government of the Republic of Kazakhstan, which is entrusted with the functions of methodological support for the development of the digital government architecture, as well as other functions provided for by the digital legislation of the Republic of Kazakhstan.".
23. To the Law of the Republic of Kazakhstan dated December 30, 1998 "On State control over the turnover of certain types of weapons":
1) in the third part of paragraph 2 of Article 14, the words "in the field of informatization" should be replaced by the words "in the field of digitalization";
2) in the fourth part of paragraph 2 of Article 15, the words "in the field of informatization" should be replaced by the words "in the field of digitalization";
3) in subparagraph 13) of the first part of paragraph 4 of Article 19, the words "information systems" should be replaced by the words "digital systems";
4) in subparagraph 3) of paragraph 2 of Article 30, the words "information systems" should be replaced by the words "digital systems".
24. To the Law of the Republic of Kazakhstan dated February 11, 1999 "On Plant Quarantine":
Subparagraph 1) of the first part of paragraph 4 of Article 10 shall be worded as follows:
"1) digital systems;".
25. To the Law of the Republic of Kazakhstan dated March 15, 1999 "On State Secrets":
Throughout the text, the words "information system", "information system", "information systems", "electronic information resource", "electronic information resources", "electronic digital form" should be replaced respectively with the words "digital system", "digital system", "digital systems", "digital resource", "digital resources", "digital form".
26. To the Law of the Republic of Kazakhstan dated July 13, 1999 "On the State special allowance for persons who worked in underground and open-pit mining, in work with particularly harmful and particularly difficult working conditions or in work with harmful and difficult working conditions":
1) in subparagraphs 1) and 3) of paragraph 1 of Article 5-1, the words "information system" and "information systems" should be replaced by the words "digital system" and "digital systems", respectively;
2) in article 5-2, replace the words "information systems" with the words "digital systems".
27. To the Law of the Republic of Kazakhstan dated July 13, 1999 "On Combating Terrorism":
1) in subparagraph 2) of paragraph 1 of Article 23-4, the words "information systems" should be replaced by the words "digital systems";
2) in subparagraph 3) of paragraph 2 of Article 23-5, the words "information systems" should be replaced by the words "digital systems".
28. To the Law of the Republic of Kazakhstan dated October 19, 2000 "On Security Activities":
In the second part of paragraph 3 of Article 18, the word "informatization" should be replaced by the word "digitalization".
29. To the Law of the Republic of Kazakhstan dated December 18, 2000 "On Insurance Activities":
1) throughout the text, the words "electronic government", "The Law of the Republic of Kazakhstan "On Informatization", "electronic information resources", "electronic information resources", "information systems", "information systems", "information systems", "information system", "information technologies", "information technologies", "information security" should be replaced by the words "digital government", "Digital Code of the Republic of Kazakhstan", "digital resources", "digital resources", "digital systems", "digital systems", respectively, "digital systems", "digital systems", "digital system", "digital technologies", "digital technologies", "cybersecurity";
2) in paragraph 7 of article 79:
in subparagraph 4), replace the words "objects of informatization" with the words "digital objects";
In subparagraph 6), replace the words "electronic database" with the words "digital database".
30. To the Law of the Republic of Kazakhstan dated January 23, 2001 "On Local Government and Self-government in the Republic of Kazakhstan":
1) Sub-paragraphs 21-1), 21-2) and 21-4) of paragraph 1 of Article 27 shall be worded as follows:
"21-1), within its competence, provides electronic services using digital systems in accordance with the digital legislation of the Republic of Kazakhstan;
21-2) ensures the maintenance and filling of the digital system "Address Register";";
"21-4) develops and approves, in coordination with the authorized body in the field of digitalization, the regulation on the procedure for registration and the structure of the address in the digital system "Address Register";";
2) subparagraph 17-1) of paragraph 1 of Article 31 shall be worded as follows:
"17-1), within its competence, provides electronic services using digital systems in accordance with the digital legislation of the Republic of Kazakhstan;".
31. To the Law of the Republic of Kazakhstan dated July 17, 2001 "On Highways":
in article 1:
in subparagraph 1), replace the words "technical means, devices and equipment that have passed metrological verification, taking photos and videos, operating in automatic mode," with the words "technical means and devices that have passed metrological verification, taking photos and videos, operating in automatic mode, detecting or";
In sub-paragraphs 15-1) and 15-3), replace the words "information system" with the words "digital system".
32. To the Law of the Republic of Kazakhstan dated December 8, 2001 "On Railway Transport":
1) in the second part of paragraph 1 of Article 43, the words "information systems" should be replaced by the words "digital systems";
2) in the first part of paragraph 1 of Article 88-6, the words "information systems" should be replaced by the words "digital systems";
3) in paragraph 3 of Article 89-1, the words "information systems" should be replaced by the words "digital systems".
33. To the Law of the Republic of Kazakhstan dated January 17, 2002 "On Merchant Shipping":
In paragraph 1 of article 43-1, the words "information systems" should be replaced by the words "digital systems".
34. To the Law of the Republic of Kazakhstan dated March 18, 2002 "On Judicial Authorities":
1) in the second part of paragraph 1 of Article 12, the words "information systems" should be replaced by the words "digital systems";
2) in subparagraph 5) of Article 15, the words "informatization" and "information system" should be replaced, respectively, with the words "digitalization" and "digital system".;
3) Article 22-1 should be worded as follows:
"Article 22-1. State control in the field of intellectual property law
State control over the activities of organizations for the collective management of rights, as well as over the use of intellectual property rights in terms of copyright and related rights, trademarks, service marks, geographical indications, appellations of origin or trade names is carried out in the form of verification and preventive control in accordance with the Business Code of the Republic of Kazakhstan.";
4) Subparagraph 8-1) of Article 24 shall be worded as follows:
"8-1) provide electronic services using digital systems in accordance with the digital legislation of the Republic of Kazakhstan;".
35. To the Law of the Republic of Kazakhstan dated July 3, 2002 "On Plant Protection":
Subparagraph 1) of the first part of paragraph 3 of Article 15-1 should be worded as follows:
"1) digital systems;".
36. To the Law of the Republic of Kazakhstan dated July 10, 2002 "On Veterinary Medicine":
1) in article 10:
in subparagraph 4-1) of paragraph 1, replace the words "electronic registry" with the words "digital registry";
in subparagraph 4-1) of paragraph 1-1, replace the words "electronic registry" with the words "digital registry";
2) in paragraph 7 of Article 13-1, the words "information systems" should be replaced by the words "digital systems";
3) subparagraph 1) of the first part of paragraph 7-1 of Article 14-1 should be worded as follows:
"1) digital systems;".
37. To the Law of the Republic of Kazakhstan dated February 8, 2003 "On Seed Production":
In subparagraph 5) of Article 6-1, the words "electronic register" should be replaced by the words "digital register".
38. To the Law of the Republic of Kazakhstan dated July 1, 2003 "On compulsory insurance of civil liability of the carrier to passengers":
Throughout the text, the words "electronic information resources", "information systems", "information systems", "information systems" should be replaced, respectively, with the words "digital resources", "digital systems", "digital systems", "digital systems".
39. To the Law of the Republic of Kazakhstan dated July 1, 2003 "On compulsory insurance of civil liability of vehicle Owners":
Throughout the text, the words "electronic information resources" should be replaced with the words "digital resources".
40. To the Law of the Republic of Kazakhstan dated July 4, 2003 "On State Regulation, Control and Supervision of the Financial Market and Financial Organizations":
In subparagraph 2) of the first part of paragraph 6 of Articles 15-19, the words "electronic government" should be replaced by the words "digital government".
41. To the Law of the Republic of Kazakhstan dated July 4, 2003 "On Motor Transport":
1) in article 1:
in subparagraph 1), replace the words "automated information system" with the words "automated digital system";
in subparagraph 3-1), replace the words "certified special control and measuring equipment, devices and equipment that have passed metrological verification, taking photos and videos, operating in automatic mode," with the words "certified control and measuring equipment and devices that have passed metrological verification, taking photos and videos, operating in automatic mode.", detecting or";
in subparagraph 17-3), replace the words "transportation activities, including certified special control and measuring equipment, devices and equipment operating in automatic mode, recording offenses in the field of motor transport and traffic" with the words "activities for the transportation of passengers, baggage, cargo and mail, as well as technical means that detect or recording violations of the legislation of the Republic of Kazakhstan on road traffic and on motor transport, operating in automatic mode";
in subparagraph 18), replace the words "information system" with the words "digital system";
2) in paragraph 1 of Articles 19-17, replace the words "information systems" with the words "digital systems";
3) in paragraph 4-1 of Article 21, the words "information system" should be replaced by the words "digital system";
4) in the second part of paragraph 4 of Article 26, the words "electronic register" should be replaced by the words "digital register".
42. To the Law of the Republic of Kazakhstan dated November 4, 2003 "On State Monitoring of Property in sectors of the Economy of strategic importance":
1) Subparagraph 12-1) of Article 13 shall be worded as follows:
"12-1) provides electronic services using digital systems in accordance with the digital legislation of the Republic of Kazakhstan;";
2) Article 18 should be worded as follows:
"Article 18. Digital database of state property monitoring
1. The digital database of state property monitoring contains brief legal, technical and economic information about the monitoring objects. Its management is carried out by the authorized body.
2. State bodies and organizations that create and maintain registers and digital databases on individuals and legal entities shall, free of charge, provide the authorized body with the information necessary for the formation and updating of the digital database of state property monitoring.
3. Access to information on state monitoring of property is provided in accordance with the procedure established by the authorized body.".
43. To the Law of the Republic of Kazakhstan dated December 22, 2003 "On State Legal Statistics and Special Accounting":
1) throughout the text, the words "information systems", "information system", "state legal information statistical system", "state legal information statistical system", "information and communication technologies", "electronic information resources", "electronic information resources", "electronic information resources" should be replaced respectively with the words "digital systems", "digital system", "state digital legal statistical system", "state digital legal statistical system", "digital technologies", "digital resources", "digital resources", "digital resources";
2) in the second paragraph of subparagraph 12-3) of the first part of Article 6, the words "uniform requirements in the field of information and communication technologies and information security" should be replaced by the words "uniform requirements in the fields of digitalization and cybersecurity";
3) in article 16-1:
In paragraph 2, the words "on informatization" should be replaced by the words "digital legislation of the Republic of Kazakhstan";
In paragraph 3, replace the word "informatization" with the word "digitalization";
4) paragraph 2 of Article 16-2 should be worded as follows:
"2. A request in the form of an electronic document that meets the requirements of the digital legislation of the Republic of Kazakhstan is equivalent to a paper document.";
5) paragraphs 1 and 5 of Article 16-3 should be worded as follows:
"1. Users of the information exchange system of law enforcement, special state and other bodies ensure the validity of the request, the use of the information received solely for the purposes stated in the request, as well as compliance with the digital legislation of the Republic of Kazakhstan and the legislation of the Republic of Kazakhstan on personal data and their protection.";
"5. Officials for violating the requirements of the digital legislation of the Republic of Kazakhstan and the legislation of the Republic of Kazakhstan on personal data and their protection are responsible in accordance with the laws of the Republic of Kazakhstan.".
44. To the Law of the Republic of Kazakhstan dated December 31, 2003 "On Compulsory Tourist Insurance":
Throughout the text, "electronic information resources", "information system", "information systems" should be replaced by the words "digital resources", "digital system", "digital systems", respectively.
45. To the Law of the Republic of Kazakhstan dated April 12, 2004 "On Regulation of Trading activities":
1) throughout the text, the words "information system", "information system", "information systems", "information system", "information system", "information resource", "information resources", "information and communication technologies" should be replaced respectively with the words "digital system", "digital system", "digital systems", "digital system", "digital system", "digital resource", "digital resources", "digital technologies";
2) in the first part of paragraph 4 of Article 22-6, the words "electronic information resources" should be replaced by the words "digital resources";
3) in subparagraph 1) of paragraph 3 of Article 29-1, the words "information resources" should be replaced by the words "digital resources";
4) in subparagraph 3) of article 29-2, the words "electronic means of communication" should be replaced by the words "digital means of communication".
46. To the Law of the Republic of Kazakhstan dated July 5, 2004 "On Communications":
1) throughout the text, the words "information security", "electronic government", "information systems", "information and communication infrastructure", "operator of information and communication infrastructure "electronic government", "operator of information and communication infrastructure "electronic government" should be replaced by the words "cybersecurity", "digital government", respectively, "digital systems", "digital environment", "digital government operator", "digital government operator";
2) in article 2:
add subparagraph 13-2) to read as follows:
"13-2) owner of a communication network is an individual or legal entity registered in the territory of the Republic of Kazakhstan, which owns communication facilities and lines intended for telecommunications or postal communications, and provides communication services and (or) provision of communications in the implementation of managerial, organizational, internal production purposes;";
subparagraph 16) after the words "telecom operators" add the words "and (or) owners of communication networks";
add subparagraph 31-1) as follows:
"31-1) authorized body in the field of cybersecurity – the central executive body responsible for leadership and intersectoral coordination in the field of cybersecurity;";
Subparagraph 44-1) should be worded as follows:
"44-1) presidential communications – communications to ensure the activities of the President of the Republic of Kazakhstan;";
3) in article 3:
Paragraph 1 after the words "consists of" should be supplemented with the words "Digital Code of the Republic of Kazakhstan,";
Paragraph 2 should be worded as follows:
"2. International treaties ratified by the Republic of Kazakhstan have priority over this Law. The procedure and conditions of operation in the territory of the Republic of Kazakhstan of international treaties to which the Republic of Kazakhstan is a party are determined by the legislation of the Republic of Kazakhstan.";
4) add article 8-1 as follows:
"Article 8-1. Competence of the authorized body in the field of cybersecurity
The competence of the authorized body in the field of cybersecurity includes:
1) implementation of state regulation of activities in the field of communications within its competence;
2) implementation of state control in the field of digitalization on communication networks;
3) approval of the rules for suspending the provision of communication services when cybersecurity incidents are detected;
4) exercise other powers provided for by this Law, other laws of the Republic of Kazakhstan, acts of the President of the Republic of Kazakhstan and the Government of the Republic of Kazakhstan.";
5) in paragraph 2 of article 9:
subparagraph 1) after the word "distribution", add the words ", redistribution (reorganization of use) of the radio frequency spectrum";
add subparagraph 11) as follows:
"11) revision of the national Table of frequency band allocation between the radio services of the Republic of Kazakhstan and the plan for the prospective use of the radio frequency spectrum.";
6) paragraph 1 of Article 9-1 should be supplemented with sub-paragraphs 9) and 10) as follows:
"9) development of a plan for the prospective use of the radio frequency spectrum;
10) carrying out analytical work on the state of communication quality, as well as the selection of radio frequencies for civil electronic equipment in the Republic of Kazakhstan.";
7) in article 12:
the title after the word "distribution" should be supplemented with the words ", redistribution (reorganization of use)";
in the second part of paragraph 6, after the words "radio electronic means," add the words "the validity period of the permit in accordance with the plan for the prospective use of the radio frequency spectrum";
the second paragraph of subparagraph 6) of paragraph 8-1 should be supplemented with the words ", including in the case of the transition of frequency bands to promising technologies according to the plan for the prospective use of the radio frequency spectrum";
8) in article 15:
Subparagraph 2) of paragraph 1 should be worded as follows:
"2) to collect and store official information about subscribers and (or) users of communication services in accordance with the procedure determined by the authorized body in the field of communications. The storage of official information about subscribers and (or) users of communication services is carried out on the territory of the Republic of Kazakhstan. It is prohibited to transfer official information outside the Republic of Kazakhstan, except in cases of providing communication services to subscribers of the Republic of Kazakhstan located abroad;";
Paragraph 7 should be worded as follows:
"7. Telecom operators are required to have internal anti-fraud systems and block unauthorized traffic (fraud). For this purpose, telecommunications networks are equipped to detect unauthorized traffic and comply with cybersecurity requirements.";
9) in article 21:
In the first paragraph of paragraph 2, replace the words "presidential communications" with the words "presidential and government communications";
The second part of paragraph 3 should be worded as follows:
"Employees of telecom operators and owners of communication networks whose functional responsibilities include the operation and maintenance of switching equipment (stations, substations, hubs) of wired telephone networks, cellular, satellite and other wireless telephone communications, data transmission networks, as well as means of conducting operational search and counterintelligence activities, as well as system maintenance, ensuring the collection and storage of official information must be citizens of the Republic of Kazakhstan. It is prohibited for telecom operators to transfer control of their own communication networks to other persons in any form.";
10) paragraph 4 of article 36 shall be worded as follows:
"4. Receiving official information from the telecom operator and (or) the owner of the communication network is allowed only with the consent of the subscriber and (or) the user and in cases provided for by this Law and the laws of the Republic of Kazakhstan "On operational investigative activities", "On counterintelligence activities".";
11) add article 39-3 to Chapter 9 as follows:
"Article 39-3. Risk management and internal control system
1. Telecom operators form and approve a risk management and internal control system, which should also contain measures aimed at ensuring the quality of communication services and preventing fraud on communication networks.
The procedure for forming a risk management and internal control system is determined by the authorized body.
2. The telecom operator provides information on the risk management and internal control system in accordance with the procedure and deadlines determined by the authorized body.";
12) the third paragraph of paragraph 1-4 of Article 40 should be worded as follows:
"when reports are received from the National Cybersecurity Coordination Center, the Cybersecurity Incident Response Service, and the Cybersecurity Operations Center about cybersecurity incidents that may lead to the suspension of critical digital facilities."
47. To the Law of the Republic of Kazakhstan dated July 6, 2004 "On Credit Bureaus and Formation of credit Histories in the Republic of Kazakhstan":
1) throughout the text, the words "electronic government", "electronic information resources", "information and communication technologies", "objects of informatization" should be replaced by the words "digital government", "digital resources", "digital technologies", "digital objects", respectively;
2) in subparagraph 3) of Article 3, the words "information system" should be replaced by the words "digital system";
3) in the second part of paragraph 3 of Article 23, the words "legislation of the Republic of Kazakhstan on informatization, an agreement using an electronic gateway for information exchange of an authorized body in the field of informatization" should be replaced by the words "digital legislation of the Republic of Kazakhstan, an agreement using an electronic gateway for information exchange of an authorized body in the field of digitalization".
48. To the Law of the Republic of Kazakhstan dated July 6, 2004 "On Inland Waterway Transport":
In paragraph 1 of article 17-2, the words "information systems" should be replaced by the words "digital systems".
49. To the Law of the Republic of Kazakhstan dated July 7, 2004 "On compulsory insurance of civil liability of owners of facilities whose activities are associated with the risk of harm to third parties":
Throughout the text, the words "electronic information resources", "information system", "information systems" should be replaced, respectively, with the words "digital resources", "digital system", "digital systems".
50. To the Law of the Republic of Kazakhstan dated July 9, 2004 "On Protection, reproduction and use of wildlife":
Throughout the text, the words "information system", "information systems", "information systems" should be replaced with the words "digital system", "digital systems", "digital systems", respectively.
51. To the Law of the Republic of Kazakhstan dated January 7, 2005 "On Defense and Armed Forces of the Republic of Kazakhstan":
1) throughout the text, the words "information and communication infrastructure" and "information and communication infrastructure" should be replaced by the words "digital infrastructure" and "digital infrastructure", respectively;
2) in subparagraph 11-2) of Article 1, replace the words "information security" with the word "cybersecurity".
52. To the Law of the Republic of Kazakhstan dated February 18, 2005 "On Countering Extremism":
In subparagraph 3) of Article 1, the words "informational" and "informational" should be replaced, respectively, with the words "digital" and "digital".
53. To the Law of the Republic of Kazakhstan dated July 8, 2005 "On State regulation of the development of the agro-industrial complex and rural areas":
Throughout the text, the words "information system", "information system", "information system", "electronic information resources", "electronic information resources", "information and communication technologies" should be replaced respectively with the words "digital system", "digital system", "digital system", "digital resources", "digital resources", "digital technologies".
54. To the Law of the Republic of Kazakhstan dated December 13, 2005 "On Compulsory Environmental Insurance":
1) in paragraph 4-1 of Article 7, the words "electronic information resources" should be replaced by the words "digital resources";
2) in article 7-1:
replace the words "electronic information resources" with the words "digital resources";
Replace the words "information system" with the words "digital system".
55. To the Law of the Republic of Kazakhstan dated January 16, 2006 "On Jurors":
in article 4:
In paragraph 1, the words "authorized body in the field of informatization and electronic government informatization facilities in accordance with the legislation of the Republic of Kazakhstan on informatization" should be replaced by the words "authorized body in the field of digitalization and digital government facilities in accordance with the digital legislation of the Republic of Kazakhstan";
In paragraph 2, replace the words "in the field of informatization" with the words "in the field of digitalization".
56. To the Law of the Republic of Kazakhstan dated December 15, 2006 "On Culture":
Throughout the text, the words "information system", "information system", "information and communication technologies", "electronic information resource", "electronic information resources" should be replaced, respectively, with the words "digital system", "digital system", "digital technologies", "digital resource", "digital resources".
57. To the Law of the Republic of Kazakhstan dated January 12, 2007 "On National Registers of Identification Numbers":
1) in subparagraph 9) of paragraph 1 of Article 1, the words "information systems" should be replaced by the words "digital systems";
2) in article 3:
in paragraph 2:
in subparagraph 1), replace the words "information databases" with the words "digital databases";
in subparagraph 2), replace the words "electronic information resources" with the words "digital resources";
In paragraph 3, replace the words "information systems" with the words "digital systems";
in subparagraph 12) of paragraph 4, replace the words "information systems" with the words "digital systems".
58. To the Law of the Republic of Kazakhstan dated February 28, 2007 "On Accounting and Financial Reporting":
in article 1:
in subparagraph 1), replace the words "in the field of informatization" with the words "in the field of digitalization";
in subparagraph 10):
replace the words "electronic database" with the words "digital database";
after the words "financial statements", add the words "assessment reports in accordance with the legislation of the Republic of Kazakhstan on assessment activities".
59. To the Law of the Republic of Kazakhstan dated July 26, 2007 "On State Registration of Rights to Immovable Property":
1) throughout the text, the words "Electronic registration", "electronic registration", "information system", "information system", "information system", "information system", "information system", "information systems" should be replaced by the words "Digital registration", "digital registration", "digital system", "digital system", "digital system", "digital system", "digital system", "digital systems";
2) Subparagraph 31) of Article 1 shall be worded as follows:
"31) digital registration is a state registration carried out on the basis of a digital copy of the title document received by the registration authority through the digital legal cadastre system.";
3) in paragraph 3-3 of Article 17, the words "electronic government" should be replaced by the words "digital government";
4) in paragraph 2 of article 20:
In subparagraph 2), the words "electronic government payment gateway", "on informatization", and "digital government payment gateway", "in the field of digitalization", and "digital government payment gateway" should be replaced, respectively;
in the second paragraph of subparagraph 3), the word "PSHEP" should be replaced by the words "digital government payment gateway";
5) in paragraph 2-1 of article 21, the words "electronic information resources" should be replaced by the words "digital resources".
60. To the Law of the Republic of Kazakhstan dated July 27, 2007 "On Education":
1) throughout the text, the words "objects of informatization", "objects of informatization", "information and communication technologies", "information systems" should be replaced by the words "digital objects", "digital objects", "digital technologies", "digital systems", respectively;
2) in subparagraph 9) of paragraph 2 of Article 3, the words "information and communication technology" should be replaced by the word "digital";
3) in the first part of Article 5:
in subparagraph 8), replace the words "information support" with the words "digital support";
in sub-paragraphs 10) and 11), replace the words "information security of the information system" with the words "cybersecurity of the digital system";
in subparagraph 12), replace the words "objects of informatization" with the words "digital objects";
In subparagraph 23), replace the words "electronic register of permissions and notifications" with the words "digital register of permissions and notifications";
4) in subparagraph 4) of the first part of Article 5-3, the words "information support" should be replaced by the words "digital support";
5) in subparagraph 22-2) of paragraph 2 of Article 6, the words "objects of informatization" should be replaced by the words "digital objects";
6) in article 7:
in the title, replace the word "Informational" with the word "Digital";
in paragraph 2:
In Part One, the words "Objects of informatization" should be replaced with the words "Digital objects";
The second part should be worded as follows:
"The authorized body in the field of education and the authorized body in the field of science and higher education are obliged to ensure free access of citizens to the data of digital objects in accordance with the digital legislation of the Republic of Kazakhstan and the legislation of the Republic of Kazakhstan on personal data and their protection.";
In paragraph 3, the words "Information system" and "objects of informatization" should be replaced by the words "Digital system" and "digital objects", respectively;
in paragraph 4, replace the words "objects of informatization" with the words "digital objects";
7) in paragraph 2-1 of Article 8, the words "information and communication infrastructure" should be replaced by the words "digital infrastructure";
8) in the second part of paragraph 1 of Article 45, the words "object of informatization" should be replaced by the words "digital object";
9) in paragraph 5-1 of Article 47, the words "information system" should be replaced by the words "digital system";
10) in paragraph 4 of Article 57-1, the words "electronic register of permits and notifications" should be replaced by the words "digital register of permits and notifications";
11) in subparagraph 2) of paragraph 8-6 of Article 59, the words "object of informatization" should be replaced by the words "digital object".
61. To the Law of the Republic of Kazakhstan dated July 5, 2008 "On accreditation in the field of conformity assessment":
Throughout the text, the words "information systems" and "information systems" should be replaced with the words "digital systems" and "digital systems", respectively.
62. Amendments to the Law of the Republic of Kazakhstan dated August 28, 2009 "On Countering the Legalization (Laundering) of Proceeds from Crime, the financing of terrorism and the financing of the proliferation of weapons of mass Destruction":
1) in subparagraph 4) of paragraph 2 of Article 2-1, the words "information system" should be replaced by the words "digital system";
2) in subparagraph 1) of paragraph 3 of Article 6-1, the words "information systems" should be replaced by the words "digital systems";
3) in paragraph 1 of article 14-1, the words "information systems" should be replaced by the words "digital systems";
4) in article 16:
in subparagraph 7), replace the words "information systems" with the words "digital systems";
in subparagraph 13-1), replace the words "electronic registry" with the words "digital registry";
5) in subparagraph 5) of paragraph 1 of Article 17, the words "information systems" should be replaced by the words "digital systems";
6) in subparagraph 3) of paragraph 2 of Article 18, the words "information systems" should be replaced by the words "digital systems".
63. To the Law of the Republic of Kazakhstan dated March 19, 2010 "On State Statistics":
1) throughout the text, replace the words "information system", "information systems", "information system", "information and communication technologies", "electronic government informatization facilities", "electronic government web portal" with the words "digital system", "digital systems", "digital system", "digital technologies", "digital objects of the digital government", "web portal of the digital government";
2) in article 1:
in subparagraph 2):
replace the words "state bodies implementing" with the words "state bodies, as well as owners of state digital facilities implementing";
replace the words "other data in the process" with the words "other data and (or) their processing and (or) formation in the process";
in subparagraph 3):
replace the words "household accounting, generated" with the words "household accounting, collected and (or) processed, and (or) generated";
add the following part of the second part:
"Administrative data may be administrative digital data;";
sub-paragraph 4-1) should be deleted;
3) paragraph 4-1 of Article 26 should be worded as follows:
"4-1. The distribution of the digital data product is ensured in compliance with the legislation of the Republic of Kazakhstan.
When forming a digital data product, the sources are primary statistical and (or) administrative and (or) alternative data and (or) statistical and (or) analytical information in accordance with the legislation of the Republic of Kazakhstan in the field of state statistics. The procedure for the formation of a digital data product is determined by the authorized body.".
64. To the Law of the Republic of Kazakhstan dated April 2, 2010 "On Enforcement proceedings and the Status of Bailiffs":
1) throughout the text, the words "state automated information system of enforcement proceedings", "state automated information system of enforcement proceedings", "automated information system for enforcement proceedings", "state automated information system of enforcement proceedings" should be replaced respectively with the words "state automated digital system of enforcement proceedings", "state automated digital system of enforcement proceedings", "automated digital system for enforcement proceedings", "State automated digital system of enforcement proceedings";
2) in article 1:
Subparagraph 1-1) should be worded as follows:
"1-1) the state automated digital system of enforcement proceedings is a digital system designed to electronically record enforcement proceedings, automate the procedural actions of the bailiff, as well as obtain data on the progress of enforcement proceedings by the parties to the enforcement proceedings;";
in subparagraph 3), replace the words "information system" with the words "digital system";
3) subparagraph 11) of paragraph 1 of Article 9 shall be worded as follows:
"11) orders on the prevention or necessity of payment of a fine issued by the body (official) authorized to impose administrative penalties, as far as payment of the fine is concerned;";
4) in paragraph 5 of Article 10-5, the words "automated information system of enforcement proceedings" should be replaced by the words "automated digital system of enforcement proceedings";
5) in the third part of paragraph 2 of Article 47, the words "electronic government" should be replaced by the words "digital government";
6) in subparagraph 4) of Article 147, replace the words "electronic databases" with the words "digital databases";
7) in subparagraph 4) of paragraph 1 of Article 148, the words "state automated information system for enforcement proceedings" should be replaced by the words "state automated digital system for enforcement proceedings";
8) In subparagraph 10) of Article 167, the words "electronic databases" should be replaced by the words "digital databases".
65. To the Law of the Republic of Kazakhstan dated May 22, 2010 "On Foreign Intelligence":
1) in subparagraph 13) of Article 8, the words "information systems" and "electronic information resources" should be replaced by the words "digital systems" and "digital resources", respectively;
2) in the second part of paragraph 2 of Article 12, the words "information systems" and "electronic information resources" should be replaced, respectively, with the words "digital systems" and "digital resources".
66. To the Law of the Republic of Kazakhstan dated July 15, 2010 "On the Use of the Airspace of the Republic of Kazakhstan and Aviation Activities":
1) in article 1:
Add sub-paragraphs 10-7) and 10-8) to read as follows:
"10-7) authorized accident investigation organization is an organization, the sole founder and participant (shareholder) of which is the Government of the Republic of Kazakhstan, responsible for organizing investigations of aviation accidents and incidents of civil and experimental aviation;
10-8) employees of the authorized organization for the investigation of aviation accidents – employees of the authorized organization for the investigation of aviation accidents, holding the positions of the first head and his deputies, heads of structural divisions and authorized investigators;";
Subparagraph 67-1) should be worded as follows:
"67-1) investigation procedures – a document that includes a description of the processes and procedures intended for the investigation officers of the authorized organization for the investigation of aviation accidents, in order to uniformly apply the legislation of the Republic of Kazakhstan on the use of the airspace of the Republic of Kazakhstan and aviation activities, standards and recommended practices of the International Civil Aviation Organization (ICAO) during the investigation of aviation accidents and incidents;";
add subparagraph 67-2) to read as follows:
"67-2) type certificate – a document issued by an authorized organization in the field of civil aviation, an international organization in the field of civil aviation certifying aircraft, or a foreign state to determine the design of a type of civil aircraft, engine, or propeller and confirming the design's compliance with airworthiness standards;";
2) in subparagraph 17) of Article 10-2, replace the words "information security" with the word "cybersecurity";
3) in paragraph 1 of article 14:
Subparagraph 41-4) should be worded as follows:
"41-4) Approves the composition of the commission for the investigation of an aviation accident or incidents in accordance with article 93 of this Law;";
Sub-paragraphs 41-5), 41-12) and 41-14) should be deleted;
in subparagraph 41-63), replace the words "electronic air waybill" with the words "digital air waybill";
4) in subparagraph 6) of the second part of paragraph 2 of Article 16-3, the words "or authorized" should be replaced by the words "authorized organization for the investigation of aviation accidents and (or) authorized;
5) add chapter 2-2 to read as follows:
"Chapter 2-2. Authorized organization for the investigation of aviation accidents
Article 16-14. Status and competence of the authorized accident investigation organization
1. A legal entity performing the functions of an authorized organization for the investigation of aviation accidents is determined by the Government of the Republic of Kazakhstan.
2. The authorized organization for the investigation of aviation accidents within its competence:
1) provides assistance to the authorized body in the field of civil aviation in the development of draft regulatory legal acts on issues related to the investigation of aviation accidents and incidents in the field of civil and experimental aviation;
2) organizes the investigation of aviation accidents and incidents of civil and experimental aviation in the territory of the Republic of Kazakhstan by the Commission for the Investigation of an aviation accident or incident, established by the authorized body in the field of civil aviation on the recommendation of the authorized organization for the investigation of aviation accidents in accordance with the rules for the submission of data and investigation of aviation accidents and incidents in civil and experimental aviation;
3) participates in the investigation of aviation accidents and civil aviation incidents on the territory of other states that have occurred with aircraft that are registered in the State Register of Civil Aircraft of the Republic of Kazakhstan or operated by individuals or legal entities of the Republic of Kazakhstan, by decision of the authorized body in the field of civil aviation;
4) based on the results of the investigations, issues recommendations and sends them to the authorized body in the field of civil aviation and to the authorized organization in the field of civil aviation in order to prevent accidents and incidents or reduce their consequences, as well as analyzes the implementation of such recommendations;
5) collects, stores and transmits to the authorized body in the field of civil aviation statistical data on aviation accidents and incidents involving aircraft registered in the State Register of Civil Aircraft of the Republic of Kazakhstan or operated by individuals or legal entities of the Republic of Kazakhstan;
6) collects, stores and transmits to the authorized body in the field of civil aviation statistical data on aviation accidents and incidents involving aircraft operated by foreign states on the territory of the Republic of Kazakhstan;
7) jointly with the authorized body in the field of civil aviation participates in the exchange of statistical data with international civil aviation organizations;
8) interacts, within its competence, with the authorities of foreign States and international civil aviation organizations responsible for the investigation of aviation accidents and incidents;
9) interacts with interested government agencies of the Republic of Kazakhstan on the investigation of aviation accidents and incidents;
10) ensures the safety of evidence during the investigation of aviation accidents and incidents;
11) ensures the protection of confidential flight safety information related to the investigation of aviation accidents and incidents;
12) monitors compliance of the legislation of the Republic of Kazakhstan on the use of the airspace of the Republic of Kazakhstan and aviation activities with the standards and recommended practices of the International Civil Aviation Organization (ICAO) on the investigation of aviation accidents and incidents;
13) provides timely notification to the International Civil Aviation Organization (ICAO) on existing differences with the standards and recommended practices of the International Civil Aviation Organization (ICAO) on the investigation of aviation accidents and incidents and their publication in aeronautical information documents;
14) monitors the implementation of recommendations based on the results of investigations of aviation accidents and incidents.
Article 16-15. Financing of the activities of the authorized organization for the investigation of aviation accidents
1. The budget of the authorized accident investigation organization is formed at the expense of deductions for flight safety.
2. The air navigation service provider, which is a state-owned enterprise subordinate to the authorized body in the field of civil aviation, transfers deductions to the authorized organization for the investigation of aviation accidents to ensure flight safety in order to organize and conduct an investigation of aviation accidents and incidents and prevent them in the future.
3. The source of the air navigation service provider's deductions is the portion of net income remaining at the disposal of the air navigation service provider, the distribution standard of which is established by the authorized body in the field of civil aviation.
4. The procedure for transfer and the standard of deductions for flight safety are approved by the authorized body in the field of civil aviation.";
6) in the second part of paragraph 5 of Article 76, the words "information system and information technologies" should be replaced by the words "digital system and digital technologies";
7) in article 92-1:
in the first paragraph of paragraph 5:
replace the words "operator and" with the words "operator and (or)";
after the word "report", add the words "authorized organization for the investigation of aviation accidents,"
In paragraph 9, replace the words "electronic databases" with the words "digital databases";
8) paragraph 4 of Article 92-3, after the words "analyses in", add the words "authorized organization for the investigation of aviation accidents,";
9) in article 93:
in paragraph 2:
The first, second and third parts should be worded as follows:
"2. The sole purpose of investigating an accident or incident is to prevent accidents and incidents in the future.
The purpose of this activity is not to establish anyone's share of blame or responsibility.
In civil and experimental aviation, the investigation of an accident or incident is carried out by the commission for the investigation of an accident or incident, established by the authorized body in the field of civil aviation on the recommendation of the authorized organization for the investigation of accidents and incidents in accordance with the rules for the submission of data and investigation of accidents and incidents in civil and experimental aviation.";
In Part four, the words "authorized body in the field of civil aviation" and "authorized body in the field of civil aviation" should be replaced, respectively, with the words "authorized accident investigation organization" and "authorized accident investigation organization".;
in paragraph 3:
add the following part of the second part:
"The investigation of an aviation accident or incident is carried out by the Commissioner for Investigation in accordance with the standards and recommended practices of the International Civil Aviation Organization (ICAO), with mandatory application of established investigative procedures.";
In part three, the word "others" should be deleted.;
add parts five and seven of the following content:
"The Chairman of the commission for the investigation of an aviation accident or incident in civil and experimental aviation is approved from among the employees of the authorized organization for the investigation of aviation accidents.";
"The final document of the investigation of aviation accidents or incidents in civil and experimental aviation is the final report signed by the commission on the results of the investigation.";
Paragraph 4 should be worded as follows:
"4. An aviation accident or incident involving a foreign civil aircraft on the territory of the Republic of Kazakhstan is subject to investigation by the aviation accident or incident investigation commission established by the authorized body in the field of civil aviation, or is investigated by mutual agreement by a foreign State of the country of registration of the aircraft (operator).";
in paragraph 5:
replace the words "the authorized body in the field of civil aviation carries out" with the words "the authorized organization for the investigation of aviation accidents and the authorized body in the field of civil aviation carry out";
Replace the words "in the field of civil and experimental aviation" with the words "in civil and experimental aviation";
Paragraph 8 after the word "conducted" should be supplemented with the words "commissions created";
10) in article 93-1:
in the first part of paragraph 1:
replace the words "an official of the authorized body in the field of civil aviation, who has passed" with the words "an employee of the authorized organization for the investigation of aviation accidents, who has passed";
replace the words "in the field of civil aviation" with the words "in civil and experimental aviation";
add the following part of the third:
"The qualification requirements for employees of the authorized accident investigation organization who perform the functions of investigating accidents and incidents are established in accordance with the rules for reporting data and investigating accidents and incidents in civil and experimental aviation.";
Paragraph 3 should be supplemented with sub-paragraphs 4-1), 4-2) and 4-3) as follows:
"4-1) request and receive the results of forensic medical examinations;
4-2) require persons involved in an aviation accident or incident to undergo a medical examination to establish the fact of substance use and intoxication.;
4-3) take photos and videos, as well as request and receive photos and videos related to an aviation accident or incident;";
Paragraph 4 should be supplemented with subparagraph 5) as follows:
"5) receive professional training in the investigation of aviation accidents and incidents and other training related to flight safety and aviation safety.";
Paragraph 5 should be worded as follows:
"5. Accident investigation officers are provided with monetary allowances corresponding to levels comparable to the working conditions and remuneration of civil aviation aviation personnel.";
11) in subparagraph 6-3) of paragraph 2 of Article 105, the words "information and connected technologies" should be replaced by the words "digital and connected technologies".
67. To the Law of the Republic of Kazakhstan dated January 6, 2011 "On Law Enforcement Service":
Throughout the text, the words "information system", "information system", "information and communication technologies" should be replaced by the words "digital system", "digital system", "digital technologies", respectively.
68. To the Law of the Republic of Kazakhstan dated January 28, 2011 "On Mediation":
1) in the second part of paragraph 6 of Article 14, the words "information system" should be replaced by the words "digital system";
2) in subparagraph 5) of paragraph 1 of Article 17, the words "information and communication technologies" should be replaced by the words "digital technologies".
69. To the Law of the Republic of Kazakhstan dated March 1, 2011 "On State Property":
1) in subparagraph 22) of Article 1, the word "information" should be replaced by the word "digital";
2) add paragraph 7 to Article 8 as follows:
"7. In order to improve the management of state property, the authorized body for state property has the right to implement pilot projects in the register of state property in accordance with the procedure and deadlines determined by the authorized body for state property.";
3) in article 14:
in subparagraph 3), the words "enterprises as a property complex" should be replaced by the words "state blocks of shares (participation interests) in organizations";
Add sub-paragraphs 23-1) and 23-2) to read as follows:
"23-1) provides methodological support to authorized bodies of relevant industries for the effective management of state assets and the quasi-public sector using data libraries in accordance with the legislation of the Republic of Kazakhstan on artificial intelligence;
23-2) establishes the procedure and deadlines for the implementation of the pilot project in the register of state property;";
In subparagraph 26-7), replace the words "conducts an open tender" with the words "conducts an open tender through the web portal of the register of State property";
4) in subparagraphs 4) and 25) of Article 17, the words ", as well as enterprises as a property complex" should be deleted;
5) in subparagraphs 4) and 24) of Article 18, the words ", as well as enterprises as a property complex" should be deleted;
6) in the first part of paragraph 2 of Article 75:
the words "property complexes of state-owned enterprises," should be deleted;
the word "money," should be deleted;
7) in article 93:
In the first part of paragraph 3, the words "except for the case provided for in paragraphs 4-1 of this Article" shall be replaced by the words "except for the cases provided for in paragraphs 4 and 4-1 of this Article";
Paragraph 5 should be supplemented with the second part as follows:
"In other cases, the alienation of state property by the seller is carried out using the web portal of the register of State property, unless otherwise provided by this Law.";
8) add paragraph 6 to article 94 as follows:
"6. The alienation of a state-owned enterprise as a property complex is carried out through its reorganization (transformation) into a joint-stock company (limited liability partnership) with subsequent privatization of shares (participation shares in the authorized capital).";
9) delete subparagraph 1) of paragraph 1 of Article 96;
10) delete article 97;
11) in the third part of paragraph 1 of Article 100, the words "electronic form" should be replaced by the words "digital form";
12) paragraphs 2, 3 and 5 of Article 100-1 should be worded as follows:
"2. The valuation of privatisation facilities in the form of state-owned controlling stakes (stakes in the authorized capital) of joint-stock companies (limited liability partnerships), the book value of which is more than 2,500,000 times the monthly calculation index established by the law on the republican budget and effective on January 1 of the relevant financial year, is carried out by independent consultants in accordance with with international assessment standards.
3. The evaluation of privatisation facilities, with the exception of the case provided for in paragraph 2 of this Article, is carried out in accordance with the legislation of the Republic of Kazakhstan on valuation activities.";
"5. The involvement of independent consultants and an appraiser is carried out in accordance with the legislation of the Republic of Kazakhstan on public procurement.";
13) paragraph 9 of Article 101 after the numbers "102," add the words "103 and";
14) in article 103:
Paragraphs 2 and 3 should be worded as follows:
"2. The competition includes the following action plan:
1) engaging an independent consultant in accordance with the procedure established by Article 100-1 of this Law;
2) carrying out work by an independent consultant to conduct a comprehensive analysis of the privatisation facility and assess its value, develop requirements (if necessary) for potential buyers (investors) and conditions of privatisation, and provide information about the privatisation facility to potential buyers (investors).;
3) publication by the seller of a notice on the sale of the privatisation object in Kazakh and Russian on the web portal of the register of state property, as well as distribution by an independent consultant of a sale proposal to potential buyers (investors) who meet the requirements (if any);
4) the formation by an independent consultant of a list of applications containing proposals from potential buyers (investors);
5) the seller, with the participation of an independent consultant, opens applications from potential buyers (investors) in order to identify at least two potential buyers (investors) who have submitted the best offers (the first stage of the competition);
6) bidding by the seller with the participation of an independent consultant between the winners of the first stage to improve the previously proposed prices and (or) conditions (the second stage of the competition);
7) summing up the results of the competition.
3. Following the results of each stage of the competition, the seller, the independent consultant and the participants of the competition sign a protocol on its results.";
add paragraph 3-1 as follows:
"3-1. When conducting a tender through two-stage procedures, the starting price of the privatisation object is equal to the initial price of the privatisation object determined in accordance with paragraph 1 of Article 100-1 of this Law.
It is not allowed to reduce the starting price of a privatisation facility at a tender through two-stage procedures.";
15) in article 107:
in subparagraph 2) of paragraph 2, the words ", as well as on the amount of accounts payable and receivables, contracts concluded by the privatized enterprise, if the object of privatization is an enterprise as a property complex" should be deleted;
Add the words ", as well as for the safety of the privatisation object before the transfer of ownership rights to the buyer" to the second part of paragraph 3 after the word "information".;
16) in paragraph 3 of Article 112, the words "six months from the date of its signing" should be replaced by the words "three years from the date of its signing";
17) in subparagraph 8) of paragraph 2 of Article 134, the words "information databases" should be replaced by the words "digital databases";
18) paragraph 6 of Article 182 after the words "competitive procedure" should be supplemented with the words "in electronic form through the web portal of the register of state property";
19) add paragraph 2-1 to Article 196 as follows:
"2-1. Monitoring of the effectiveness of state property management is carried out through:
1) digital monitoring of the state property register;
2) data from remote sensing of the Earth, including monitoring the use of land plots, subsurface use areas, forest and hunting grounds, water management facilities and water bodies.";
20) in paragraph 1 of article 198:
in subparagraph 5-1), replace the words "objects of informatization" with the words "digital objects";
add subparagraph 5-2) to read as follows:
"5-2) digital assets owned by the state;";
21) in the first part of paragraph 9 of Article 200:
subparagraph 4) should be worded as follows:
"4) provides electronic services to users of the register of state property using digital systems in accordance with the digital legislation of the Republic of Kazakhstan;";
add subparagraph 9-2) to read as follows:
"9-2) ensures accounting of digital assets owned by the state in accordance with the procedure established by the Government of the Republic of Kazakhstan in coordination with the National Bank of the Republic of Kazakhstan;";
22) in paragraph 1 of article 213:
in part one:
Subparagraph 1) should be worded as follows:
"1) food products with a limited shelf life (storage) are sold through trade organizations on the basis of a public procurement contract (commission);";
in subparagraph 3), replace the words "subparagraph 1) of this part" with the words "subparagraphs 1) and 2) of this paragraph";
exclude part two.
70. To the Law of the Republic of Kazakhstan dated January 6, 2012 "On National Security of the Republic of Kazakhstan":
1) in paragraph 1 of article 15:
in subparagraph 8-2):
Replace the word "informatization" with the word "digitalization";
Replace the words "informatization" and "e-government" with the word "digitalization";
in subparagraph 9), replace the words "information security" with the word "cybersecurity";
2) in article 23:
in subparagraph 8) of paragraph 1:
replace the words "information resources" with the words "digital resources";
replace the words "information systems" with the words "digital systems";
In paragraph 2, the words "electronic information resources", "information systems", "information and communication infrastructure", "critical information and communication infrastructure facilities" should be replaced, respectively, with the words "digital data", "digital systems", "digital infrastructure", "critical digital facilities";
in paragraph 5:
in subparagraph 2), replace the word "informatization" with the words "digital environment";
In subparagraph 3), the words "information resources" and "information systems" should be replaced, respectively, with the words "digital resources" and "digital systems".;
In the third part of subparagraph 5) of paragraph 6, the words "2026" should be replaced by the words "2027".
71. To the Law of the Republic of Kazakhstan dated January 6, 2012 "On Space Activities":
1) in subparagraph 17-3) of article 1, replace the words "information resources" with the words "digital resources";
2) in subparagraph 2) of paragraph 2 of Article 19-1, the words "information and communication systems" should be replaced by the words "digital systems".
72. To the Law of the Republic of Kazakhstan dated January 9, 2012 "On Gas and Gas Supply":
Throughout the text, the words "information system" and "information system" should be replaced with the words "digital system" and "digital system", respectively.
73. To the Law of the Republic of Kazakhstan dated February 1, 2012 "On the National Welfare Fund":
Paragraph 1 of Article 8 should be supplemented with the second part as follows:
"The activities of the Board of Directors of the Foundation use an artificial intelligence system related to local artificial intelligence systems in accordance with the legislation of the Republic of Kazakhstan in the field of artificial intelligence.".
74. To the Law of the Republic of Kazakhstan dated November 26, 2012 "On Microfinance Activities":
1) throughout the text, the words "electronic government", "objects of informatization", "information systems", "objects of informatization" should be replaced, respectively, with the words "digital government", "digital objects", "digital systems", "digital objects";
2) in subparagraphs 4-4) and 4-5) of Article 27, the words "in the field of informatization" should be replaced by the words "in the field of digitalization".
75. To the Law of the Republic of Kazakhstan dated January 16, 2013 "On the State Border of the Republic of Kazakhstan":
1) in article 2:
Sub-paragraph 1) should be deleted;
add subparagraph 24-1) to read as follows:
"24-1) digital queue system (hereinafter referred to as the digital queue system) is a software and hardware complex designed to book the time of entry of motor vehicles at automobile checkpoints upon departure from the Republic of Kazakhstan;";
2) in paragraph 8-1 of Article 19:
replace the word "electronic" with the word "digital";
Add the words "warning or" to the second part after the words "prescription about".
76. To the Law of the Republic of Kazakhstan dated April 15, 2013 "On State and socially responsible Services":
1) throughout the text, the words "sphere of informatization", "electronic government", "object of informatization", "information systems", "information systems", "information systems", "objects of informatization", "information system", "object of informatization" should be replaced respectively with the words "sphere of digitalization", "digital government", "digital facility", "digital systems", "digital systems", "digital systems", "digital facilities", "digital system", "digital facility";
2) in article 1:
Sub-paragraphs 1-1) and 1-5) should be deleted;
subparagraph 3) should be worded as follows:
"3) service recipient – individuals and legal entities, branches and representative offices of legal entities who have the right and (or) intention to apply for a state or socially responsible service or who receive a state or socially responsible service or who have received the result of providing a state or socially responsible service to realize their rights, freedoms and legitimate interests by providing them with relevant tangible or intangible benefits;";
Subclauses 4-1) and 4-2) should be worded as follows:
"4-1) service provider – individuals and legal entities involved in one or more stages of the provision of public or socially responsible services and providing the service provider with documents and information necessary for the provision of public services;
4-2) socially significant service is a public service provided on a continuous basis and aimed at satisfying the legitimate interests of society;";
add subparagraph 4-3) to read as follows:
"4-3) a mobile application of a State Corporation is a digital object for the provision of public services via video communication with a State Corporation;";
in subparagraph 10):
replace the words "information system" with the words "digital system";
Replace the word "automation" with the word "digitalization";
in subparagraph 15), replace the word "automation" with the word "digitalization";
Sub-paragraph 17-1) should be deleted;
Subparagraph 17-4) should be worded as follows:
"17-4) technical failure – an unplanned temporary failure of a software and hardware complex or a separate component of a digital system, resulting in the inability of one or more users to use the digital system;";
Add sub-paragraphs 17-5) and 17-6) to read as follows:
"17-5) cellular subscriber device is a means of communication for individual use that generates electrical communication signals for transmitting or receiving information specified by the subscriber and is connected to the network of a cellular operator that does not have a permanent geographically defined location within the serviced territory, operating in cellular networks;
17-6) authorized body in the field of digitalization – the central executive body responsible for the management and inter-sectoral coordination in the field of digitalization;";
Subparagraph 19) should be worded as follows:
"19) the digital government web portal is a digital object that provides a single window of access to consolidated information posted by government agencies and other entities involved in the provision of public services, including the regulatory framework, as well as to government and other services provided in electronic form.";
3) the fifth paragraph of the second part of Article 3 should be worded as follows:
"customer orientation, quality and accessibility of government and socially responsible services;";
4) in article 4:
in paragraph 1:
Sub-paragraphs 4-1) and 5) should be deleted;
add subparagraph 8) as follows:
"8) receive government or socially responsible services personally or through a legal representative, with the exception of restrictions established by the laws of the Republic of Kazakhstan.";
Paragraph 2 after the words "foreign legal entities" should be supplemented with the words "and their branches and representative offices";
5) in the first part of paragraph 2 of Article 5:
in subparagraph 2), replace the words "for persons with disabilities" with the words "for persons with disabilities";
add subparagraph 10-1) as follows:
"10-1) accept applications for the provision of public services using a digital waiting list;";
in subparagraph 11):
replace the words "information system" with the words "digital system";
replace the word "established" with the word "defined";
add sub-paragraphs 15) and 16) as follows:
"15) to prevent the manifestation of bureaucracy and red tape;
16) take measures to ensure the stability of digital facilities used to provide government or socially responsible services.";
6) add article 5-1 to Chapter 1 as follows:
"Article 5-1. Rights and obligations of co-service providers
1. Service providers have the right to receive from service providers documents and information necessary for the provision of government or socially responsible services.
2. Co-service providers are required to:
1) comply with the requirements of subordinate regulatory legal acts defining the procedure for the provision of public or socially responsible services;
2) provide a negative response to the request for approval, which is required for the provision of public or socially responsible services, as well as a negative expert opinion, research or verification if deficiencies are not eliminated within the prescribed period.;
3) timely provide service providers and the State Corporation with documents and information necessary for the provision of public or socially responsible services, including through the integration of digital systems, in accordance with the legislation of the Republic of Kazakhstan.";
7) in article 9:
add subparagraph 11-1) as follows:
"11-1) coordinates the transfer of public services to digital and proactive formats;";
in subparagraph 12-4), replace the word "automation" with the word "digitalization";
Add sub-paragraphs 13-2), 13-3) and 13-4) as follows:
"13-2) approves the rules for classifying public services in electronic form to determine the method of service recipient authentication;
13-3) approves the mandatory details of the results of the provision of government and other services in electronic form obtained through a cellular subscriber device, as well as the procedure for verifying their reliability;
13-4) approves the rules for the display and use of electronic documents in the digital documents service;";
8) in article 10:
add subparagraph 9-2) to read as follows:
"9-2) ensure the translation of public services into digital and proactive formats in accordance with the legislation of the Republic of Kazakhstan in coordination with the authorized body in the field of digitalization;";
Subparagraph 11) should be worded as follows:
"11) ensure the provision of information to the authorized body in the field of digitalization on the measures taken to digitalize the process of providing public services in order to assess the process of digitalization of public services and develop recommendations for the transfer of public services to digital format in accordance with the procedure and deadlines established by the legislation of the Republic of Kazakhstan;";
subparagraph 15) after the word "service providers" add the word ", service providers";
add subparagraph 15-1) as follows:
"15-1) take measures to transfer to proactive, composite and extraterritorial types of public service provision in accordance with the rules of digital transformation of public administration;";
9) in subparagraph 9) of Article 11, replace the word "automation" with the word "digitalization";
10) in subparagraph 2) of paragraph 1 of Article 11-2, the words "information security" should be replaced by the word "cybersecurity";
11) add article 11-3 to Chapter 2 as follows:
"Article 11-3. Unified Contact Center
Unified Contact Center:
1) provides round-the-clock consulting support to individuals and legal entities on the provision of government and other services;
2) provides round-the-clock consulting support to individuals and legal entities, government agencies on issues of "digital government";
3) sends requests to government agencies and other organizations for clarification on issues raised by the recipient of government and other services, including the digital document service;
4) systematically sends information to government agencies and other organizations on received appeals from individuals and legal entities, as well as their branches and representative offices.";
12) add paragraph 1-1 to Article 12 as follows:
"1-1. Public services, with the exception of socially significant services, are characterized by the following features::
1) is one of the forms of implementation of individual state functions or their combination;
2) it is provided individually to an individual or a legal entity, branches and representative offices of legal entities upon request or without request;
3) is carried out through the interaction of the service recipient with the service provider and (or) the co-provider;
4) assumes the realization of the right of the service recipient to apply (demand) for the provision of public services;
5) it is aimed at providing a result.
Subitems 2), 3), 4) and 5) of the first part of this paragraph apply to socially responsible services.";
13) in article 13:
Paragraph 1 should be supplemented with the second part as follows:
"Draft subordinate regulatory legal acts defining the procedure for the provision of public services are being developed in accordance with the rules of digital transformation of public administration.";
Delete paragraph 2;
Add paragraphs 4 and 5 to read as follows:
"4. A subordinate regulatory legal act defining the procedure for the provision of public services is developed and approved no later than three months from the date of approval of the register of public services or amendments and additions to it.
5. The approval of subordinate regulatory legal acts defining the procedure for the provision of socially significant services is not required.";
14) delete article 15;
15) add articles 18-1 and 18-2 as follows:
"Article 18-1. Deadlines for the provision of government or socially responsible services
1. The time limit is determined by a calendar date indicating an event that is about to occur, or a period of time that is calculated in years, months, days, hours, or minutes provided for by legislation in the field of public or socially responsible services.
Government or socially responsible services are provided within the time limits established by subordinate regulatory legal acts defining the procedure for the provision of government or socially responsible services.
The expiration of the term does not exempt service providers from providing government or socially responsible services.
2. The term calculated in years expires on the corresponding month and date of the last year of the term.
The term, calculated in months, expires in the corresponding last month of the term. If the end of the period calculated in months falls on a month that does not have a corresponding date, the period expires on the last day of that month.
The period, calculated in days, expires on the last day of the established period. If an application for the provision of a state or socially responsible service is received two hours before the end of the service provider's working day, the deadline begins on the next working day.
In cases where the last day of the term falls on a non-working day, the day of the end of the term, calculated in years, months and days, is considered to be the next working day.
The period of rendering state or socially responsible services, calculated in days, is calculated in working days.
The time limit, calculated in hours or minutes, expires in the last hour or minute of the established period.
Article 18-2. Suspension of public or socially responsible services
1. The grounds for suspending the provision of public or socially responsible services are established by a subordinate regulatory legal act defining the procedure for the provision of public services.
The suspension of the period for the provision of public or socially responsible services begins on the date of notification to the recipient of the service about the decision of the service provider to suspend the process of providing public services. The duration of the provision of public or socially responsible services is resumed from the date of the decision by the service provider to resume the process of providing public or socially responsible services.
2. The service provider is obliged to suspend the process of providing public or socially responsible services in the following cases::
1) the death of a citizen (including the declaration of deceased) or the reorganization or liquidation of a legal entity, if the rights of service recipients to receive appropriate tangible or intangible benefits are allowed by succession;
2) recognition of a citizen as legally incompetent and (or) with limited legal capacity in accordance with the procedure established by the laws of the Republic of Kazakhstan;
3) the impossibility of providing public or socially responsible services before resolving issues considered by state bodies or in court.
3. The process of rendering public or socially responsible services is suspended.:
1) in the cases provided for in subitems 1) and 2) of paragraph 2 of this Article – until the legal successor of the deceased person is determined or a guardian is appointed to the incapacitated person.;
2) in the cases provided for in subparagraph 3) paragraph 2 of this article, – before the position is determined by a state body or before the entry into force of a judicial act.
4. The service provider, at the request of the service recipient or on his own initiative, has the right to suspend the process of providing state or socially responsible services in the following cases::
1) acts of force majeure temporarily preventing the further process of rendering the service. Force majeure, which temporarily impedes the further process of providing public services, is understood to mean the introduction of a state of emergency, the threat or occurrence of an emergency situation of a natural and man-made nature.;
2) the service recipient is on a business trip, in a medical organization for inpatient treatment, exceeding the period of provision of public services, except in cases where the service is received by his legal representatives.";
16) in article 19-1:
Paragraph 1 should be supplemented with the second part as follows:
"The response contains a complete list of grounds with justifications for which the service provider decided to provide a reasoned refusal to provide a state or socially responsible service, as well as the time and procedure for appealing.";
Paragraph 5 should be worded as follows:
"5. The grounds for refusal to provide state or socially responsible services may also be established by the sectoral laws of the Republic of Kazakhstan, depending on the specifics of the state or socially responsible service received.";
17) in article 21:
In paragraph 2-2, the words "legislation of the Republic of Kazakhstan on informatization" should be replaced by the words "digital legislation of the Republic of Kazakhstan";
In paragraph 5, replace the words "electronic information resources" with the words "digital resources";
add paragraph 6 as follows:
"6. Public services can be provided using a digital waiting list, including through the functionality of the digital government portal and digital facilities that allow applications to be submitted during technical failures of digital systems, with subsequent notification to the service recipient.";
18) Article 21-1 should be worded as follows:
"Article 21-1. Provision of proactive services
Proactive services are provided without a statement from the service recipient on the initiative of the service provider through digital systems of government agencies when registering the telephone number of the service recipient's cellular subscriber device on the digital government web portal and include:
1) sending notifications to the service recipient with a request for the provision of public services;
2) obtaining the consent of the service recipient to provide a proactive service, as well as other necessary information from the service recipient, including limited access, through the service recipient's cellular subscriber device.
In cases stipulated by the legislation of the Republic of Kazakhstan, it is not required to send a notification to the service recipient requesting the provision of a proactive service, while it is mandatory to inform the service recipients about its provision by sending a text message to a cellular subscriber number registered on the digital Government web portal or to the user's account on the digital government web portal.";
19) add article 21-3 as follows:
"Article 21-3. Types of public services
1. According to the degree of digitalization, public services provided in electronic form are:
1) fully digitized – a public service that excludes paper document management and the participation of the service provider and (or) the co-provider of public services in the process of its provision;
2) partially digitized – a public service that contains, in the process of its provision, a sequence of paper and electronic document management involving the service provider and (or) a co-provider of public services.
2. The types of public service provision are:
1) composite;
2) proactive;
3) extraterritorial.
A composite service is a public service that provides a combination of several public services provided on the basis of a single application.
A proactive service is a public service provided without a request from the service recipient on the initiative of the service provider.
An extraterritorial service is a public service that provides for the possibility of receiving services regardless of the place of registration of the service recipient.";
20) in article 22:
The second part should be worded as follows:
"The implementation of pilot projects in the field of public services is carried out by the developer of a subordinate regulatory legal act defining the procedure for the provision of public services for up to one year, in coordination with the authorized body in the field of public services and interested government agencies.";
add the following part of the third:
"The implementation of pilot projects in the field of socially responsible services is carried out by the developer of a subordinate regulatory legal act defining the procedure for providing socially responsible services for up to one year, in coordination with interested government agencies.";
21) Article 30:
after the word "Violation", add the words "service providers and co-service providers";
replace the word "attracts" with the words "attracts them."
77. To the Law of the Republic of Kazakhstan dated May 21, 2013 "On Personal Data and their Protection":
1) throughout the text, the words "objects of informatization", "objects of informatization", "objects of informatization", "electronic government", "electronic information resources", "electronic information resources", "objects of informatization" should be replaced respectively with the words "digital objects", "digital objects", "digital objects", "digital government", "digital resources", "digital resources", "digital objects";
2) in article 1:
Sub-paragraph 1) should be deleted;
Subparagraph 2) should be worded as follows:
"2) personal data – information or a set of information about the subject of personal data supplemented by one or more personal data identifiers;";
3) in paragraph 7 of Article 7, the words "legislation of the Republic of Kazakhstan on informatization" should be replaced by the words "digital legislation of the Republic of Kazakhstan";
4) add subparagraph 9-5) to Article 9 as follows:
"9-5) the formation and maintenance of the register of state property by a single operator in the field of accounting for state property;";
5) in paragraph 2 of Article 17, the words "operator of the information and communication infrastructure of the "electronic government" should be replaced by the words "operator of the "digital government";
6) in Article 23, the words "legislation of the Republic of Kazakhstan on informatization" should be replaced by the words "digital legislation of the Republic of Kazakhstan";
7) in subparagraph 6-2) of paragraph 1 of Article 27-1, the words "information and communication infrastructure" should be replaced by the words "digital infrastructure";
8) in article 27-3:
in subparagraph 2) of paragraph 4, the words "information systems" should be replaced by the words "digital systems";
In subparagraph 2) of paragraph 6, the words "information systems" should be replaced by the words "digital systems".
78. To the Law of the Republic of Kazakhstan dated March 7, 2014 "On Rehabilitation and Bankruptcy":
1) in the first part of paragraph 3 of Article 12, the words "information system" should be replaced by the words "digital system";
2) Subparagraph 18) of Article 15 shall be worded as follows:
"18) provides electronic services using digital systems in accordance with the legislation of the Republic of Kazakhstan in the field of digitalization;";
3) in subparagraph 5) of paragraph 1 of Article 71, the words "information system" should be replaced by the words "digital system".
79. To the Law of the Republic of Kazakhstan dated April 11, 2014 "On Civil Protection":
1) in article 37-1:
in subparagraph 2) of the first part of paragraph 17, the words "information systems" should be replaced by the words "digital systems";
in subparagraph 2) of paragraph 19, the words "information systems" should be replaced by the words "digital systems";
2) in paragraph 2 of Article 53-1, the words "information system" should be replaced by the words "digital system".
80. To the Law of the Republic of Kazakhstan dated April 17, 2014 "On Road Traffic":
1) throughout the text, the words "information system", "information system", "information systems", "information system", "information system" should be replaced by the words "digital system", "digital system", "digital system", "digital system", "digital system", respectively;
2) in article 1:
in subparagraph 26-1):
replace the words "certified special control and measuring equipment, devices and equipment operating in automatic mode, detecting violations" with the words "technical means detecting or detecting violations";
add the words "operating in automatic mode";
In subparagraph 27-2), the words "information resources" and "information technology" should be replaced, respectively, with the words "digital resources" and "digital technology".;
in subparagraph 40), replace the words "electronic database" with the words "digital database";
3) the second part of subparagraph 24-2) of Article 10 should be worded as follows:
"The integration of digital systems in the field of traffic includes measures to organize and ensure interaction between digital systems of digitalization facilities in a single digital space;";
4) in subparagraph 5-5) of Article 11:
the word "informational" should be deleted;
replace the words "information system" with the words "digital system";
5) in subparagraph 9) of paragraph 1 of Article 23, the words "instruction on the need to pay a fine" should be replaced by the words "instruction on warning or the need to pay a fine";
6) in article 42-1:
The title should be worded as follows:
"Article 42-1. Parking in places designated by the local executive authorities of the cities of Astana and Almaty as paid communal parking";
in paragraph 1:
Replace the words "equipped with special certified devices designed to collect parking fees and keep track of vehicle parking times" with the words "placement of paid communal parking";
replace the words "regions, cities of republican significance and the capital" with the words "cities of Astana, Almaty";
in paragraph 2:
replace the words "parking in places equipped with special certified devices designed to collect parking fees and take into account the parking time of vehicles" with the words "traffic management in a part not regulated by traffic rules";
replace the words "executive bodies of regions, cities of republican significance and the capital" with the words "representative bodies of Astana and Almaty";
Delete paragraph 3;
The first part of paragraph 4 should be worded as follows:
"4. Parking in paid communal parking lots without payment is prohibited, except for the cases provided for in parts two and three of this paragraph and the rules of traffic management in the part not regulated by the rules of the road.";
Paragraph 5 should be worded as follows:
"5. Control over compliance with the rules of traffic management in the part not regulated by the rules of the road is carried out by the local executive bodies of the cities of Astana and Almaty.";
7) in article 52:
in subparagraph 1) of paragraph 1, replace the words "detected by a certified special technical means and device" with the words "detected or recorded in automatic mode";
in subparagraph 4) of paragraph 3, the words "detected by certified special technical means and devices" should be replaced by the words "detected or detected in automatic mode";
8) in the second part of subparagraph 16) of paragraph 4 of Article 54, the words "fixing or calculating the average speed of a vehicle by certified specialists" should be replaced by the words "detecting or fixing or calculating the average speed of a vehicle by certified;
9) in subparagraph 5) of Article 71-1, the words "information systems" should be replaced by the words "digital systems";
10) in paragraph 2 of article 89, the words "in the field of informatization" should be replaced by the words "in the field of digitalization".
81. To the Law of the Republic of Kazakhstan dated April 23, 2014 "On Internal Affairs Bodies of the Republic of Kazakhstan":
in article 6:
in paragraph 1:
In subparagraph 45), replace the words "information security" with the word "cybersecurity";
in subparagraph 48), replace the words "information systems" with the words "digital systems";
In subparagraph 31) of paragraph 2, the words "information systems, information and communication" should be replaced by the words "digital systems, digital".
82. To the Law of the Republic of Kazakhstan dated May 16, 2014 "On Permits and Notifications":
1) throughout the text, the words "electronic register of permits and notifications", "information system", "electronic register of permits and notifications", "electronic government", "in the field of informatization", "information system", "information systems", "information systems", "information security", "information replace the words "digital register of permits and notifications", "digital systems", "digital register of permits and notifications", "digital government", "in the field of digitalization", respectively, "digital system", "digital systems", "digital systems", "cybersecurity", "digital systems", "digital registry of permissions and notifications";
2) in article 1:
subitem 1-1) should be deleted;
subparagraph 25) should be worded as follows:
"25) the state digital system of permits and notifications is a digital system that is a component of the "digital government", designed to digitally perform licensing and licensing procedures in terms of obtaining a permit with an identification number, sending a notification to the applicant and ensuring these processes;";
add subparagraph 29-1) as follows:
"29-1) authorized body in the field of digitalization – the central executive body responsible for the management and inter-sectoral coordination in the field of digitalization;";
3) in paragraph 3 of Article 7, the words "objects of informatization" should be replaced by the words "digital objects";
4) in subparagraph 7) of paragraph 1 of Article 28, the word "informatization" should be replaced by the word "digitalization";
5) in paragraph 3 of article 29:
Sub-paragraphs 3) and 4) should be deleted;
subparagraph 6) should be worded as follows:
"6) a document confirming the payment of the license fee, with the exception of payment through the digital government payment gateway;";
6) paragraph 1 of Article 33 should be supplemented with parts three and four as follows:
"The submission of applications for license renewal in the cases provided for in subitems 1) and 2) of Part one of this paragraph is not required for renewal through a proactive service in accordance with the Law of the Republic of Kazakhstan "On State and Socially Responsible Services."
The day of applying for a license renewal through a proactive service is considered to be the day of receiving consent to provide this service.";
7) paragraph 8 of Article 36 after the words "appendices to the license" should be supplemented with the words ", as well as suspension of the license";
8) in article 46:
in paragraph 2, replace the words "objects of informatization" with the words "digital objects";
in the first part of paragraph 5, replace the words "electronic information resources" with the words "digital resources";
9) in the title of Chapter 9, replace the words "Information and communication technologies" with the words "Digital technologies";
10) the third part of paragraph 7 of Article 48 shall be worded as follows:
"The list of permits for which the applicant is checked for compliance with qualification or licensing requirements and the issuance of a permit or reasoned refusal is carried out automatically by checking the applicant and issuing a permit in the state digital system of permits and notifications is determined by the authorized body in the field of digitalization on the basis of an approved regulatory legal act of the licensing authority.";
11) Annex 3 should be supplemented with paragraph 66 as follows:
"66. Notification of the beginning or termination of the platform for the exchange and turnover of digital data products."
83. To the Law of the Republic of Kazakhstan dated June 10, 2014 "On the Astana Hub Innovation Cluster":
Throughout the text, the words "information and communication technologies", "in the field of informatization", "information and communication and innovative technologies" should be replaced, respectively, with the words "digital technologies", "in the field of digitalization", "digital and innovative technologies".
84. To the Law of the Republic of Kazakhstan dated January 10, 2015 "On the National Guard of the Republic of Kazakhstan":
In subparagraph 27) of paragraph 1 of Article 5, the words "information security" should be replaced by the word "cybersecurity".
85. To the Law of the Republic of Kazakhstan dated October 31, 2015 "On Public-Private Partnership":
1) in subparagraph 6-1) of Article 1, the words "information and communication platform" and "electronic information resources" should be replaced by the words "digital platform" and "digital resources", respectively;
2) in article 26-1:
In subparagraph 3), the words "information security" and "electronic information resources" should be replaced, respectively, with the words "cybersecurity" and "digital resources".;
in subparagraph 4):
replace the words "information systems" with the words "digital systems";
replace the words "electronic information resources" with the words "digital resources";
Replace the words "information security" with the word "cybersecurity".
86. To the Law of the Republic of Kazakhstan dated November 2, 2015 "On Public Councils":
In the second part of paragraph 2 of Article 10, the words "information systems" should be replaced by the words "digital systems".
87. To the Law of the Republic of Kazakhstan dated November 12, 2015 "On Self-regulation":
In subparagraph 10) of the first part of paragraph 1 of Article 19, the words "information system" should be replaced by the words "digital system".
88. To the Law of the Republic of Kazakhstan dated November 12, 2015 "On State Audit and Financial Control":
Throughout the text, the words "information technologies", "information", "information systems", "information systems", "electronic government", "information systems", "information systems" should be replaced respectively with the words "digital technologies", "digital", "digital systems", "digital systems", "digital government", "digital systems", "digital systems".
89. To the Law of the Republic of Kazakhstan dated November 16, 2015 "On Access to Information":
1) throughout the text, replace the words "information systems", "information systems", "electronic information resources", "electronic government" with the words "digital systems", "digital systems", "digital resources", "digital government", respectively;
2) in article 1:
In sub-paragraphs 4), 6), 6-1) and 7), replace the words "informatization facility" with the words "open government component";
Subparagraph 7-1) should be worded as follows:
"7-1) open government is a digital object that provides access to information about government activities and citizens' participation in discussion and decision-making through interconnected Internet portals of open data, open budgets, and open regulatory legal acts;";
add subparagraph 7-2) to read as follows:
"7-2) socially significant information – information of public interest, established by Article 6 of this Law;";
In sub-paragraphs 8-1) and 11), the words "informatization object" should be replaced by the words "open government component";
3) in paragraph 2 of article 6-2:
in the first paragraph, replace the words "in the field of informatization" with the words "in the field of digitalization";
in subparagraph 1), replace the words "objects of informatization" with the words "digital objects";
in subparagraph 2):
replace the words "informatization objects" with the words "digital objects";
replace the words "in the field of informatization" with the words "in the field of digitalization";
4) in paragraph 9 of Article 11, the words "legislation of the Republic of Kazakhstan on electronic document and electronic digital signature" should be replaced by the words "digital legislation of the Republic of Kazakhstan".
90. To the Law of the Republic of Kazakhstan dated November 16, 2015 "On Compulsory social Health Insurance":
1) throughout the text, the words "information system", "information systems", "information systems", "information systems", "information systems", "information systems", "information system", "electronic information resources", "electronic information resources", "electronic information resources" should be replaced accordingly the words "digital system", "digital systems", "digital systems", "digital systems", "digital systems", "digital systems", "digital system", "digital resources", "digital resources", "digital resources";
2) in the first and second parts of paragraph 3 of Article 17, the words "legislation of the Republic of Kazakhstan on informatization and on state secrets" should be replaced by the words "digital legislation of the Republic of Kazakhstan and legislation of the Republic of Kazakhstan on state secrets".
91. To the Law of the Republic of Kazakhstan dated November 18, 2015 "On Combating Corruption":
1) subparagraph 4) of Article 1, after the words "and its departments; employees", add the words "authorized organization for the investigation of aviation accidents and";
2) in subparagraph 9) of paragraph 2 of Article 21, the words "information systems" should be replaced by the words "digital systems".
92. To the Law of the Republic of Kazakhstan dated November 23, 2015 "On the Civil Service of the Republic of Kazakhstan":
1) throughout the text, the words "information system", "information system", "information systems", "information systems" should be replaced by the words "digital system", "digital system", "digital systems", "digital systems", respectively;
2) in subparagraph 16) of the first part of Article 10, the words "information security in the process of working with information resources" should be replaced by the words "cybersecurity in the process of working with digital resources".
93. To the Law of the Republic of Kazakhstan dated November 24, 2015 "On Informatization":
1) the title should be worded as follows:
"About cybersecurity";
2) delete the preamble;
3) delete the heading of section 1;
4) Article 1 should be worded as follows:
"Article 1. The basic concepts used in this Law
The following basic concepts are used in this Law:
1) information protection means – software, technical and other means designed and used to ensure the protection of information;
2) a user with privileged rights is a user with enhanced access rights to a digital object that ensures its normal operating conditions.;
3) Critical digital objects – digital objects, the violation or termination of which leads to the illegal collection and processing of personal data with limited access and other information containing legally protected secrets, the occurrence of social and (or) man-made emergencies, or significant negative consequences for defense, security, international relations, the economy, certain areas of the economy or for the livelihoods of the population, resident in the relevant territory, including infrastructure: heat supply, electricity, gas supply, water supply, industry, healthcare, communications, banking, transport, hydraulic structures, law enforcement, "digital government";
4) National Source Code Repository – a repository of source codes and executable codes of digital objects compiled from them;
5) domain name is a symbolic (alphanumeric) designation formed in accordance with the rules of Internet addressing, corresponding to a specific network address and intended for named access to an Internet object.;
6) malicious program – a created or existing program or software product with changes that allows unauthorized access, destruction, blocking, modification or copying of digital data, as well as disrupting the functioning of digital objects.;
7) a single Internet access gateway is a hardware and software package designed to protect a digital object when accessing the Internet and (or) communication networks with Internet access;
8) cybersecurity – the state of protection of digital objects from violation of their confidentiality, integrity or accessibility;
9) cybersecurity audit – assessment of the security status of digital objects for compliance with cybersecurity requirements;
10) A cybersecurity researcher is a specialist in the field of cybersecurity who participates in a program of interaction with cybersecurity researchers.;
11) cybersecurity threat – a set of conditions and factors that create prerequisites for a cybersecurity incident;
12) cybersecurity event management system – software or hardware and software package designed for automated detection of cybersecurity events by collecting and analyzing event logs of a digital object;
13) cybersecurity event monitoring – continuous monitoring of a digital object in order to identify and identify cybersecurity events through a cybersecurity event management system;
14) cybersecurity event – an identified occurrence of a digital object state, indicating a possible cybersecurity violation or a previously unknown situation that may be relevant to ensuring cybersecurity;
15) program of interaction with cybersecurity researchers – organizational and technical measures that ensure the interaction of cybersecurity researchers with digital objects to identify vulnerabilities in them;
16) cybersecurity monitoring system – organizational and technical measures aimed at monitoring the safe use of digital technologies;
17) cybersecurity center – a legal entity or a structural subdivision of a legal entity that is a resident of the Republic of Kazakhstan without the participation of foreign legal entities and individuals engaged in the protection of digital objects;
18) the authorized body in the field of cybersecurity (hereinafter referred to as the authorized body) is the central executive body responsible for leadership and intersectoral coordination in the field of cybersecurity;
19) the National Institute for Development in the field of cybersecurity is a legal entity designated by the Government of the Republic of Kazakhstan for the development of the cybersecurity industry;
20) cybersecurity incident response service – a legal entity or a structural subdivision of a legal entity that is a resident of the Republic of Kazakhstan without the participation of foreign legal entities and individuals, responding to a cybersecurity incident in accordance with the competence established by this Law;
21) a cybersecurity incident is an event or a set of events that negatively affect the cybersecurity of a digital object.;
22) responding to a cybersecurity incident – actions taken to minimize or eliminate a cybersecurity incident, including actions taken to protect and restore the normal functioning of digital objects and the digital data contained therein, a process that includes identifying, analyzing and taking measures to counter events or violations that may pose a threat to the cybersecurity of digital assets. objects;
23) the cybersecurity industry center is a legal entity or a structural subdivision of a government body that organizes and coordinates cybersecurity measures in relation to subordinate organizations and (or) a regulated management area.;
24) internal cybersecurity audit is an objective, documented process of monitoring the qualitative and quantitative characteristics of the current state of cybersecurity of digital objects in an organization, carried out by the organization itself in its own interests;
25) cyberculture is a set of norms and values of safe and responsible behavior in a digital environment;
26) protection profile – a list of minimum security requirements for software and hardware components of digital objects;
27) state technical service is a state–owned legal entity established by decision of the Government of the Republic of Kazakhstan;
28) vulnerability – a flaw in a digital object that poses a threat to cybersecurity;
29) technical means – devices used for collecting, processing, storing, switching and transmitting digital data;
30) automated process control system is a digital infrastructure facility designed for automation, management, control and monitoring of production processes in real time;
31) the classifier of digital objects (hereinafter referred to as the classifier) is a systematic list of categories aimed at identifying, categorizing, describing and accounting for digital objects.;
32) digital event logging is the process of systematically recording, collecting and storing digital records of events occurring in digital objects for the purpose of subsequent analysis, identification of deviations and investigation of cybersecurity incidents.;
33) The unified digital government e–mail gateway is a hardware and software package that ensures the protection of digital government e-mail in accordance with cybersecurity requirements.";
5) Articles 2, 3, 4 and 5 should be worded as follows:
"Article 2. Legislation of the Republic of Kazakhstan on cybersecurity
1. The legislation of the Republic of Kazakhstan on cybersecurity is based on the Constitution of the Republic of Kazakhstan, consists of this Law and other regulatory legal acts of the Republic of Kazakhstan.
2. International treaties ratified by the Republic of Kazakhstan have priority over this Law. The procedure and conditions of operation in the territory of the Republic of Kazakhstan of international treaties to which the Republic of Kazakhstan is a party are determined by the legislation of the Republic of Kazakhstan.
Article 3. Scope of this Law
The scope of this Law is public relations in the field of cybersecurity that arise in the territory of the Republic of Kazakhstan between government agencies, individuals and legal entities at all stages of the life cycle of digital objects.
Article 4. Purpose and principles of state regulation of public relations in the field of cybersecurity
1. The purpose of state regulation of public relations in the field of cybersecurity is to achieve and maintain the security of digital objects that ensure the sustainable development of the Republic of Kazakhstan.
2. Government regulation in the field of cybersecurity is based on the following basic principles:
1) legality;
2) ensuring the security of individuals, society and the state in the application of digital technologies;
3) the balance of the rights, freedoms and legitimate interests of the individual, society and the state, and their mutual responsibility in the digital environment;
4) respect for the rights, freedoms and legitimate interests of individuals, as well as the rights and legitimate interests of legal entities;
5) equality of rights, freedoms and legitimate interests of individuals and legal entities to participate in activities in the field of cybersecurity and the use of its results.
Article 5. Objectives of state regulation in the field of cybersecurity
The objectives of state regulation in the field of cybersecurity are:
1) protection of digital objects and critical digital objects at all stages of their life cycle;
2) promoting the formation and development of the cybersecurity industry;
3) providing conditions for the development and implementation of modern cybersecurity solutions in production processes;
4) the rise of cyberculture;
5) formation and implementation of a unified scientific, technical, and state technological policy in the field of cybersecurity;
6) monitoring the cybersecurity of digital objects of government agencies, individuals and legal entities;
7) prevention and prompt response to cybersecurity incidents, including in the context of social, natural and man-made emergencies, the imposition of a state of emergency or martial law;
8) development of cybersecurity solutions and human resources;
9) participation in international cooperation;
10) improvement of the legislation of the Republic of Kazakhstan on cybersecurity.";
6) the title of chapter 2 should read as follows:
"Chapter 2. State regulation in the field of cybersecurity";
7) Article 6 should be worded as follows:
"Article 6. Competence of the Government of the Republic of Kazakhstan in the field of cybersecurity
Government of the Republic of Kazakhstan:
1) develops the main directions of state policy in the field of cybersecurity and organizes their implementation;
2) defines the national Institute for development in the field of cybersecurity;
3) approves uniform requirements in the areas of digitalization and cybersecurity;
4) Approves the national anti-crisis cybersecurity incident response plan;
5) performs other functions assigned to him by the Constitution of the Republic of Kazakhstan, this Law, other laws of the Republic of Kazakhstan and acts of the President of the Republic of Kazakhstan.";
8) delete article 7;
9) Articles 7-1, 7-2, 7-3, 7-4 and 7-5 should be worded as follows:
"Article 7-1. Competence of the authorized body
Authorized body:
1) on the basis of and in pursuance of the main directions of the internal and foreign policy of the state, defined by the President of the Republic of Kazakhstan, and the main directions of the socio-economic policy of the state, its defense capability, security, and public order, developed by the Government of the Republic of Kazakhstan, forms a state policy in the field of cybersecurity in accordance with the legislation of the Republic of Kazakhstan;
2) performs strategic, regulatory, implementation and control functions;
3) develops common requirements in the areas of digitalization and cybersecurity;
4) approves the list of critically important digital objects, as well as the rules and criteria for classifying digital objects as critically important;
5) approves the methodology and rules for testing digital objects of the "digital government" and critical digital objects for compliance with cybersecurity requirements;
6) approves the rules for monitoring cybersecurity events of digital objects of state bodies in coordination with the National Security Committee of the Republic of Kazakhstan;
7) approves the rules for monitoring the cybersecurity of digital facilities of the digital government and critical digital facilities in coordination with the National Security Committee of the Republic of Kazakhstan;
8) approves the rules for monitoring the implementation of uniform requirements in the areas of digitalization and cybersecurity;
9) monitors the implementation of uniform requirements in the areas of digitalization and cybersecurity;
10) carries out state control in the field of digitalization, as well as over compliance with the requirements for an electronic document and an electronic digital signature;
11) sends instructions for execution when violations of the requirements of the legislation of the Republic of Kazakhstan in the fields of digitalization and cybersecurity are detected.;
12) coordinates the management of digital facilities in emergency situations of a social, natural and man-made nature, the introduction of a state of emergency or martial law;
13) participates in the commissioning of digital facilities of the digital government;
14) organizes assistance to owners, owners and users of digital objects in the safe use of digital technologies, including the prevention of illegal actions to obtain, copy, distribute, modify, destroy or block digital resources;
15) develops a national anti-crisis cybersecurity incident response plan;
16) determines the administrator and registrar of domain names, approves the rules for registration, use and distribution of domain names in the space of the Kazakhstan segment of the Internet;
17) approves the rules of operation of the unified national backup platform for storing digital resources, the frequency of backup of digital resources of critical digital objects;
18) approves the rules of operation of the unified Internet access gateway and the unified digital government e-mail gateway in coordination with the National Security Committee of the Republic of Kazakhstan;
19) approves the rules of operation of the National Source Code Repository;
20) approves protection profiles and the methodology for developing protection profiles;
21) approves rules for the exchange of information necessary to ensure cybersecurity between cybersecurity centers, industry cybersecurity centers and the National Cybersecurity Coordination Center;
22) issues conclusions in the field of cybersecurity on investment proposals and financial and economic justifications for budget investments based on the expertise of the state technical service;
23) approves technical documentation, including terms of reference, for the creation or development of digital facilities of the "digital government" for compliance with cybersecurity requirements based on the expertise of the state technical service, with the exception of digital facilities of special state bodies of the Republic of Kazakhstan;
24) approves the rules for the functioning of the program of interaction with cybersecurity researchers;
25) coordinates the activities of the National Institute for Development in the field of cybersecurity;
26) in case of non-fulfillment of the instruction or act on the elimination of violations in terms of compliance with requirements in the fields of digitalization and cybersecurity within the prescribed period, submits a lawsuit to the court to compel the subject to commit the actions specified in the instruction or act.;
27) processes personal data whose security has been violated in order to inform the subjects of personal data on the digital government web portal through a personal account;
28) exercise other powers provided for by this Law, other laws of the Republic of Kazakhstan, acts of the President of the Republic of Kazakhstan and the Government of the Republic of Kazakhstan.
Article 7-2. The competence of central executive bodies and government bodies directly subordinate and accountable to the President of the Republic of Kazakhstan in the field of cybersecurity
Central executive bodies and state bodies directly subordinate and accountable to the President of the Republic of Kazakhstan:
1) ensure compliance with uniform requirements in the areas of digitalization and cybersecurity;
2) ensure compliance with the basic principles of cyberculture recommended by the authorized body;
3) define digital objects related to critically important digital objects within their competence;
4) provide workplaces with access to digital objects for employees of the National Cybersecurity Coordination Center, with the exception of the authorized body for regulation, control and supervision of the financial market and financial organizations, special government agencies and the Armed Forces of the Republic of Kazakhstan;
5) exercise other powers provided for by this Law, other laws of the Republic of Kazakhstan and acts of the President of the Republic of Kazakhstan.
The competence of the central executive bodies is also determined by acts of the Government of the Republic of Kazakhstan.
Article 7-3. Competence of local executive bodies in the field of cybersecurity
Local executive bodies:
1) ensure compliance with uniform requirements in the areas of digitalization and cybersecurity, data management requirements;
2) monitor the implementation of uniform requirements in the areas of digitalization and cybersecurity;
3) create conditions for enhancing cyberculture;
4) define digital objects related to critically important digital objects within their competence;
5) exercise state control in the field of digitalization in relation to private business entities within the relevant administrative-territorial unit;
6) promote the development of the cybersecurity industry, including by attracting investments;
7) exercise, in the interests of local government, other powers assigned to local executive bodies by the legislation of the Republic of Kazakhstan.
2. Local executive bodies of the region, the city of republican significance and the capital shall carry out state control over compliance with the requirements for an electronic document and an electronic digital signature, with the exception of the sources of acquisition of the National Archive of the Republic of Kazakhstan and the central state archives.;
Article 7-4. The State Operational Cybersecurity Center
1. The State Operational Cybersecurity Center:
1) monitors the cybersecurity of digital objects of the "digital government" through the cybersecurity monitoring system of the National Cybersecurity Coordination Center;
2) monitors cybersecurity events at digital facilities of government agencies;
3) carries out measures to identify, combat and investigate cybersecurity threats and incidents at digital facilities of the "digital government" and forms recommendations for their elimination or prevention;
4) coordinates measures to ensure the cybersecurity of digital objects of the "digital government", as well as responding to cybersecurity incidents;
5) ensures the functioning of the program of interaction with cybersecurity researchers on digital objects of government agencies;
6) carries out, together with the operator of the digital government, measures to ensure the cybersecurity of the digital government platform in accordance with the regulations for ensuring the cybersecurity of the digital government platform, approved by the authorized body in coordination with the National Security Committee of the Republic of Kazakhstan;
7) notify the authorized body in the field of personal data protection of a violation of personal data security within three hours from the moment of its discovery.
2. Employees of the State Operational Center for Cybersecurity are responsible for disclosing commercial or other legally protected secrets obtained by them as a result of their activities, in accordance with the laws of the Republic of Kazakhstan.
Article 7-5. Cybersecurity Center
1. Cybersecurity Center:
1) carries out activities related to the detection, assessment, forecasting, localization, neutralization and prevention of cybersecurity threats to digital objects connected to the cybersecurity center;
2) takes measures to minimize cybersecurity threats, immediately informs the owner and (or) the owner of the digital facility, as well as the National Cybersecurity Coordination Center about the facts of detecting incidents and threats to cybersecurity;
3) monitors the cybersecurity of critical digital facilities that are not part of the digital facilities of the digital government;
4) exchanges information necessary to ensure the cybersecurity of digital objects connected to the cybersecurity center with the Cybersecurity industry Center, the National Cybersecurity Coordination Center and other cybersecurity centers;
5) collects, consolidates, analyzes, and stores information about cybersecurity events and incidents.;
6) provides owners and (or) owners of critical digital facilities with information necessary to ensure the cybersecurity of digital facilities, including information on cybersecurity threats, vulnerabilities in software, devices and technologies, ways to implement cybersecurity threats, prerequisites for cybersecurity incidents, as well as methods for their prevention and elimination;
7) ensures the safety of information of limited distribution that has become known to the cybersecurity center in the framework of its activities;
8) provides the National Cybersecurity Coordination Center with access to the event logs of digital objects of the "digital government" connected to the cybersecurity center;
9) has the right to create its own program of interaction with cybersecurity researchers or purchase the service of using the program of interaction with cybersecurity researchers from third parties in accordance with the Civil Code of the Republic of Kazakhstan;
10) ensures cybersecurity of automated process control systems;
11) notifies the authorized body in the field of personal data protection of a violation of personal data security within three hours from the moment of its discovery;
12) has the right, with the consent of the authorized body in the field of personal data protection, to process personal data whose security has been violated in order to inform personal data subjects on the digital government web portal through a personal account;
13) conducts a national technical audit of data centers;
14) ensures compliance with uniform requirements in the areas of digitalization and cybersecurity at its digital facilities;
15) conducts a cybersecurity audit;
16) monitors and logs digital cybersecurity events of digital objects, including those that collect and process personal data.
2. The Cybersecurity Center carries out its activities on the basis of a license to provide services for the identification of technical channels of information leakage and special technical means intended for operational search activities.
3. Employees of the cybersecurity center are responsible for disclosing commercial or other legally protected secrets obtained by them as a result of their activities, in accordance with the laws of the Republic of Kazakhstan.
4. The requirement of paragraph 2 of this article does not apply to law enforcement and special state bodies of the Republic of Kazakhstan, second-tier banks of the Republic of Kazakhstan, in which the functions of the cybersecurity center are performed by their structural divisions.";
10) delete article 7-6;
11) Articles 7-7 and 7-8 should be worded as follows:
"Article 7-7. National Cybersecurity Computer Incident Response Service
1. National Cybersecurity Computer Incident Response Service:
1) carries out intersectoral coordination on cybersecurity monitoring, protection and safe functioning of digital objects of the "digital government", the Kazakh segment of the Internet, as well as critical digital objects, responding to cybersecurity incidents with joint measures to ensure cybersecurity in accordance with the procedure established by the legislation of the Republic of Kazakhstan;
2) assists the owners, owners and users of digital objects on cybersecurity issues;
3) notify the authorized body in the field of personal data protection of a violation of personal data security within three hours from the moment of its discovery.
2. Employees of the National Cybersecurity Computer Incident Response Service are responsible for disclosing commercial or other legally protected secrets obtained by them as a result of their activities, in accordance with the laws of the Republic of Kazakhstan.
Article 7-8. Cybersecurity Incident Response Service
1. Cybersecurity Incident Response Service:
1) collects and analyzes information about cybersecurity incidents and current cybersecurity threats, as well as provides recommendations for their elimination;
2) develops recommendations aimed at countering cybersecurity threats;
3) informs the owners and owners of digital facilities, as well as the National Cybersecurity Coordination Center about reported incidents and threats to cybersecurity;
4) has the right to create its own program of interaction with cybersecurity researchers or purchase the service of using the program of interaction with cybersecurity researchers from third parties in accordance with the Civil Code of the Republic of Kazakhstan;
5) notifies the authorized body in the field of personal data protection of a violation of personal data security within three hours from the moment of its discovery;
6) ensures compliance with uniform requirements in the areas of digitalization and cybersecurity at its digital facilities.
2. The Cybersecurity Incident Response Service carries out its activities on the basis of a license to provide services for the identification of technical channels of information leakage and special technical means intended for operational search activities.
3. Employees of the cybersecurity incident response service are responsible for disclosing commercial or other legally protected secrets obtained by them as a result of their activities, in accordance with the laws of the Republic of Kazakhstan.
4. The requirement of paragraph 2 of this article does not apply to second-tier banks of the Republic of Kazakhstan, in which the functions of the cybersecurity incident response service are performed by their structural divisions.";
12) delete article 8;
13) Article 9 should be worded as follows:
"Article 9. National Cybersecurity Coordination Center
1. National Cybersecurity Coordination Center:
1) collects, analyzes, and summarizes information from industry cybersecurity centers and cybersecurity centers about cybersecurity incidents at digital government facilities and critical digital facilities;
2) implements the tasks and functions of the National Cybersecurity Computer Incident Response Service;
3) implements the tasks and functions of the State Operational Center for Cybersecurity;
4) notify the authorized body in the field of personal data protection of a violation of personal data security within three hours from the moment of its discovery.
2. Employees of the National Cybersecurity Coordination Center are responsible for disclosing commercial or other legally protected secrets obtained by them as a result of their activities, in accordance with the laws of the Republic of Kazakhstan.";
14) delete article 9-1;
15) Article 10 should be worded as follows:
"Article 10. Cybersecurity Industry Center
1. The Cybersecurity Industry Center organizes and coordinates the provision of cybersecurity by the owners or owners of digital objects of the relevant industry (sphere) of state regulation, including:
1) carries out activities related to the analysis, assessment, forecasting and prevention of threats to the cybersecurity of organizations;
2) exchanges information necessary to ensure cybersecurity with the National Cybersecurity Coordination Center;
3) collects, consolidates, analyzes and stores information about cybersecurity events and incidents received from owners or owners of digital objects in the relevant industry (sphere);
4) provides information necessary to ensure cybersecurity to the owners or owners of digital objects of the relevant industry (sphere), including information on cybersecurity threats, vulnerabilities in digital objects of the relevant industry (sphere), prerequisites for the occurrence of cybersecurity incidents, as well as methods of their prevention and elimination.;
5) ensures the safety of information of limited distribution that has become known to the industry cybersecurity center in the framework of its activities;
6) notifies the authorized body in the field of personal data protection of a violation of personal data security within three hours from the moment of its discovery;
7) coordinates the provision of cybersecurity of automated process control systems and process control systems that are part of critical digital facilities, in accordance with the procedure and deadlines established by the internal regulations of the cybersecurity industry center.;
8) develops, on the basis of uniform requirements in the fields of digitalization and cybersecurity, additional requirements for ensuring cybersecurity in the relevant branch (sphere) of state regulation.
2. Employees of the cybersecurity industry center are responsible for disclosing commercial, banking or other legally protected secrets obtained by them as a result of their activities, in accordance with the laws of the Republic of Kazakhstan.
3. To carry out its functions, the Cybersecurity Industry Center uses a digital facility for collecting, processing and exchanging information on cybersecurity events and incidents, the procedure for connecting and using which by industry organizations is determined by the authorized body of the relevant industry (sphere) of state regulation.";
16) articles 11, 12, 13, 13-3 and 13-4 should be deleted;
17) Articles 14 and 14-1 should be worded as follows:
"Article 14. State Technical Service
1. The State Technical Service carries out the following types of activities in the fields of digitalization and cybersecurity, classified as a state monopoly:
1) ensures the functioning of a single Internet access gateway and a single digital government e-mail gateway;
2) conducts tests for compliance with the cybersecurity requirements of digital objects of the "digital government";
3) conducts an expert examination of the investment proposal and the financial and economic justification of budget investments and the terms of reference for the creation or development of a digital facility of the "digital government" for compliance with cybersecurity requirements;
4) monitors Internet resources, as well as monitoring the functioning of the domain name system in the space of the Kazakh segment of the Internet;
5) implements the tasks and functions of the National Cybersecurity Coordination Center;
6) administers access rights, monitors the functioning and cybersecurity of the National Video Monitoring System;
7) carries out a security survey of the processes of storage, processing and dissemination of personal data contained in digital objects;
8) ensures the functioning of digital facilities of the National Cybersecurity Coordination Center;
9) ensures the functioning of the unified national backup platform for storing digital resources, establishes the frequency of backup of digital resources of critical digital objects in accordance with the procedure determined by the authorized body;
10) participates in the implementation of state control in the field of digitalization;
11) provides services for using the National Source Code Repository;
2. The prices for the goods (works, services) specified in paragraph 1 of this Article, produced and (or) sold by the state technical service, are established by the National Security Committee of the Republic of Kazakhstan in coordination with the antimonopoly authority.
Article 14-1. National Institute for Cybersecurity Development
National Institute for Cybersecurity Development:
1) participates in the implementation of state policy in the field of cybersecurity;
2) develops documents on standardization in the field of cybersecurity;
3) carries out scientific and technical activities in the field of cybersecurity;
4) conducts scientific and technical expertise of projects in the field of cybersecurity;
5) provides training, retraining and advanced training in the field of cybersecurity.";
18) delete article 15;
19) the title of chapter 3 should read as follows:
"Chapter 3. Rights and obligations of owners and owners of digital objects in the field of cybersecurity, duties of the owner and (or) owner of critical digital objects";
20) Articles 16, 17 and 18 shall be worded as follows:
"Article 16. Rights and obligations of owners of digital objects
1. The owner of digital objects has the right:
1) transfer digital objects to lease, trust management, economic management or operational management and otherwise dispose of them;
2) establish, within its competence, the regime and rules for processing, protecting and accessing digital objects;
3) determine the conditions for the disposal of digital objects during their storage, copying and distribution;
4) determine the conditions of ownership and use of digital objects;
5) enjoy other rights established by this Law and the laws of the Republic of Kazakhstan.
2. The owner of digital objects is obliged to:
1) ensure the cybersecurity of digital objects;
2) distribute, provide, restrict or prohibit access to digital resources and digital infrastructure facilities in accordance with this Law and other laws of the Republic of Kazakhstan;
3) perform other duties in accordance with this Law and other laws of the Republic of Kazakhstan.
3. The owner of a digital object containing personal data is obliged to take measures provided for by the legislation of the Republic of Kazakhstan on personal data and their protection.
4. The owner of a digital facility is responsible to the owner and/or owner of digital resources for the security of storage and protection of digital resources located on digital facilities owned by him.
Article 17. Rights and obligations of the owner of digital objects
1. The owner of a digital object has the right:
1) to own and use digital objects on the terms determined by the owner;
2) determine the conditions of access and use of digital objects in accordance with subparagraph 1) of this paragraph;
3) determine the conditions for processing digital resources in a digital system;
4) enjoy other rights established by this Law and the laws of the Republic of Kazakhstan.
2. The owner of digital objects must:
1) ensure the cybersecurity of digital objects;
2) to respect the rights, freedoms and legitimate interests of the owner of digital objects and third parties;
3) perform other duties in accordance with this Law and other laws of the Republic of Kazakhstan.
3. The owner of a digital object containing personal data is obliged to take measures provided for by the legislation of the Republic of Kazakhstan on personal data and their protection.
4. The owner of a digital object is responsible to the owner and (or) the owner of digital resources and digital objects for the security of storage and protection of digital resources and digital objects located on the objects belonging to him.
Article 18. Duties of the owner and (or) the owner of critical digital objects
1. The owner or owner of critical digital facilities must:
1) create your own cybersecurity center and ensure its operation or purchase the services of a cybersecurity center from third parties in accordance with the Civil Code of the Republic of Kazakhstan in the amount (in a set) established by uniform requirements in the fields of digitalization and cybersecurity;
2) ensure that for critically important digital objects that are digital objects of the "digital government", the connection of digital cybersecurity event logging systems to the technical means of the cybersecurity monitoring system of the National Cybersecurity Coordination Center independently or by purchasing services from third parties in accordance with the civil legislation of the Republic of Kazakhstan;
3) notify the National Cybersecurity Coordination Center and the Cybersecurity center, to which critical digital facilities are connected, of independently identified cybersecurity incidents in the manner and within the time limits specified by the rules for monitoring the cybersecurity of digital facilities of the digital government and critical digital facilities, unless otherwise established by the laws of the Republic of Kazakhstan;
4) transfer backup copies of digital resources to the unified national backup platform for storing digital resources in accordance with the procedure and terms determined by the authorized body, unless otherwise established by the laws of the Republic of Kazakhstan.
Access to a copy of digital resources stored on the unified national backup platform for storing digital resources is prohibited, with the exception of the owner or owner of the digital resource.
2. The owner and (or) the owner of critical digital objects that process data containing legally protected secrets shall conduct a cybersecurity audit at least once a year. The cybersecurity audit of second-tier banks is conducted in accordance with the requirements of the banking legislation of the Republic of Kazakhstan.";
21) Articles 19 and 20 should be deleted;
22) delete the heading of section 2;
23) Chapter 4 should be worded as follows:
"Chapter 4. Subjects and objects of cybersecurity";
24) articles 21, 22, 25, 26, 27 and 28 should be deleted.;
25) add articles 28-1 and 28-2 as follows:
"Article 28-1. Cybersecurity Researcher
1. Cybersecurity Researcher:
1) searches for vulnerabilities within the boundaries established by the owner and (or) the owner of the digital object;
2) submits a report describing the identified vulnerabilities;
3) informs the owners and (or) owners of digital objects about the identified vulnerabilities;
4) does not disclose information about the identified vulnerability until it is completely eliminated and officially authorized by the owner and (or) the owner of the digital object.;
5) does not use the discovered vulnerabilities for personal or illegal purposes;
6) does not disrupt the normal functioning of the digital facility when searching for vulnerabilities.
2. A cybersecurity researcher is responsible for disclosing commercial or other legally protected secrets obtained by him as a result of his activities, in accordance with the laws of the Republic of Kazakhstan.
Article 28-2. Licensing in the field of cybersecurity
1. Activities in the field of cybersecurity are subject to licensing in accordance with the procedure established by the legislation of the Republic of Kazakhstan on permits and notifications.
2. Licensees in the field of cybersecurity shall submit to the licensor reports, notices, a list, forms and frequency of which are determined by the licensor within the framework of qualification requirements.";
26) Articles 29, 30 and 30-1 should be worded as follows:
"Article 29. Unified transport environment of government agencies
1. Unified transport environment of government agencies is a telecommunications network included in the infrastructure of the "digital government" and designed to ensure the interaction of local (with the exception of local networks with Internet access), departmental and corporate telecommunications networks of government agencies, their subordinate organizations and local governments, as well as other subjects of the digital environment identified by the authorized body, while maintaining the required level of cybersecurity.
2. State bodies, their subordinate organizations and local self-government bodies, as well as other subjects of the digital environment designated by the authorized body, are obliged to use exclusively the unified transport environment of state bodies for the interaction of local (with the exception of local networks with Internet access), departmental and corporate networks.
3. In order to ensure cybersecurity, local, departmental and corporate networks connected to the unified transport environment of government agencies, public telecommunications networks and other telecommunications networks are connected in accordance with common requirements in the areas of digitalization and cybersecurity.
Article 30. A single Internet access gateway and a single digital Government e-mail gateway
1. The connection of digital facilities of state bodies, local governments, state legal entities, quasi-public sector entities, as well as owners or owners of critical digital facilities to the Internet is carried out by telecom operators through a single Internet access gateway.
2. The connection of digital objects of state bodies and local governments to the Internet is carried out in accordance with the uniform requirements in the areas of digitalization and cybersecurity.
3. Special state and law enforcement agencies of the Republic of Kazakhstan and military intelligence agencies of the Ministry of Defense of the Republic of Kazakhstan may establish Internet connections without using a single Internet access gateway for operational purposes, as well as the National Bank of the Republic of Kazakhstan.
The authorized body for regulation, control and supervision of the financial market and financial organizations can arrange Internet connections without using a single Internet access gateway, taking into account the implementation of the functions of the industry cybersecurity center.
4. Electronic interaction of the e-mail of government agencies and owners and (or) owners of critical digital objects with the external e-mail of other persons is carried out by redirecting electronic messages.
Article 30-1. National video monitoring system
1. The National Video Monitoring System is a digital system that is a set of software and hardware tools that collect, process and store video images to solve the tasks of ensuring national security and public order.
2. It is not allowed to use the information obtained by the National Video Monitoring System to solve problems not provided for in paragraph 1 of this Article.
3. The categories of objects subject to mandatory connection to the National Video Monitoring System are:
1) video surveillance systems of central state and local executive bodies;
2) video surveillance systems for objects vulnerable to terrorism;
3) video surveillance systems for public and road safety.
The list of facilities subject to mandatory connection to the National Video Monitoring System is determined by the National Security Committee of the Republic of Kazakhstan in coordination with the State Security Service of the Republic of Kazakhstan.
4. Users of the National Video Monitoring System are special state bodies and internal affairs bodies of the Republic of Kazakhstan.
The list of services, divisions and categories of employees authorized to use the National Video Monitoring System is determined by the heads of special state bodies and internal affairs bodies of the Republic of Kazakhstan.
Information obtained as a result of the functioning of the National Video Monitoring System may be submitted to other government agencies in cases established by the laws of the Republic of Kazakhstan.
5. The rules of operation of the National Video Monitoring System are approved by the National Security Committee of the Republic of Kazakhstan.";
27) add article 30-2 as follows:
"Article 30-2. Digital event logging
1. Digital event logging is provided by collecting, recording and storing digital event logs and their immutability.
2. Digital event logging is used to ensure the monitoring, analysis and storage of digital event logs resulting from the actions of users with privileged rights in digital facilities of government agencies and digital facilities of other persons used by government agencies to digitalize their activities.
3. The procedure for logging digital events is determined by the authorized body.";
28) delete article 31;
29) delete the title of chapter 5;
30) articles 32, 33, 34, 35 and 36 should be deleted.;
31) delete the title of chapter 6;
32) delete article 37;
33) Article 38 should be worded as follows:
"Article 38. Cybersecurity requirements for the digital object of the digital Government
1. The digital facility of the "digital government" is created, operated and developed in accordance with the legislation of the Republic of Kazakhstan, the standards in force in the territory of the Republic of Kazakhstan, the lifecycle of the digital facility of the "digital government" and taking into account the provision of:
1) uniform requirements in the areas of digitalization and cybersecurity;
2) the architecture of the "digital government", as well as data management requirements;
3) integration (if necessary) with other digital objects of the "digital government";
4) information interaction of the digital facility of the "digital government" with the cybersecurity event monitoring system of the National Cybersecurity Coordination Center;
5) creation of its own cybersecurity center and ensuring its operation or purchase of cybersecurity center services from third parties in accordance with the Civil Code of the Republic of Kazakhstan in the scope (set) established by uniform requirements in the fields of digitalization and cybersecurity;
6) the priority of free software;
7) assigning a class according to the classifier;
8) access for users with disabilities.
2. The digital system of a state-owned legal entity and a non-governmental digital system intended for the formation of state digital resources are created, operated and developed in accordance with the legislation of the Republic of Kazakhstan, standards in force in the territory of the Republic of Kazakhstan, the lifecycle of the digital system and subject to the following requirements:
1) technical specifications agreed with the authorized body and the authorized body in the field of digitalization;
2) test reports with positive test results for compliance with cybersecurity requirements;
3) integration of the digital system of a government agency with a non-governmental digital system only through an external gateway of the "digital government", put into commercial operation;
4) uniform requirements in the areas of digitalization and cybersecurity.
3. The information contained in the digital resource, regulatory and technical documentation, as well as other related documents of the digital system of government agencies are created and stored in Kazakh and Russian languages.
4. The owner or owner of the digital system of a state body or a person authorized by him shall provide the National Cybersecurity Coordination Center with access to the digital system of a state body at its location for monitoring cybersecurity.";
34) articles 39, 39-1, 40, 41 and 41-1 should be deleted;
35) Article 42 should be worded as follows:
"Article 42. Mandatory requirements for the means of processing, storing and backing up digital resources in the digital infrastructure of the digital government
1. To ensure the reliability and safety of the digital infrastructure of the digital government, the technical means used to store, process and transfer digital resources must comply with the requirements of the legislation of the Republic of Kazakhstan in the field of technical regulation.
2. The owner or owner of the digital infrastructure facility of the "digital government", as well as the operator of the "digital government", store and, if necessary, ensure the restoration of state digital resources contained in the digital infrastructure facilities of the "digital government", and are responsible for the loss, modification or other failure to ensure the safety of state digital resources in accordance with the procedure established by the Legislation of the Russian Federation. established by the laws of the Republic of Kazakhstan and the agreement of the parties.
3. Ensuring the production of a backup copy of state digital resources is mandatory for the owner and owner of the digital infrastructure facility of the "digital government" or the operator of the "digital government".
The method of making and storing a backup containing government digital resources should ensure the safety of digital resources until the next backup is made.
The frequency of backup of state digital resources is established by the technical documentation for the digital object of the "digital government".";
36) Articles 43 and 44 should be deleted;
37) the title of chapter 8 should read as follows:
"Chapter 8. Cybersecurity compliance tests, cybersecurity audit";
38) delete article 48;
39) Articles 49 and 50 shall be worded as follows:
"Article 49. Cybersecurity compliance tests
1. Testing of digital objects for compliance with cybersecurity requirements is mandatory and/or initiated by the owner or proprietor.
2. The test objects subject to mandatory tests for compliance with cybersecurity requirements include:
1) platform software product;
2) The digital government platform;
3) an online resource of a government agency, a state-owned legal entity, or a quasi-public sector entity;
4) the digital system of a government agency, a state-owned legal entity, or a quasi-public sector entity;
5) Critical digital objects;
6) a non-governmental digital system designed for the formation of state digital resources, the implementation of state functions and the provision of public services.
3. The digital system of a government agency and a non-governmental digital system do not require cybersecurity compliance tests to use the services of the national certification center of the Republic of Kazakhstan for verifying the authenticity of an electronic digital signature.
4. Tests of digital objects (with the exception of digital objects owned (owned) and (or) ordered by a government agency) for compliance with cybersecurity requirements are conducted by accredited testing laboratories in accordance with this Law and the legislation of the Republic of Kazakhstan in the field of technical regulation.
5. Digital objects are tested to assess their quality in accordance with the legislation of the Republic of Kazakhstan in the field of technical regulation.
Article 50. Cybersecurity audit
1. The cybersecurity audit of digital objects is carried out on the initiative of their owner and (or) owner.
2. The owner and (or) the owner of digital objects has the right to conduct an internal audit or purchase a service in accordance with the Civil Code of the Republic of Kazakhstan from legal entities licensed in the field of cybersecurity.
3. The owner of critical digital facilities, digital facilities that process digital data containing legally protected secrets, conducts a cybersecurity audit at least once a year. The audit results are sent to the authorized body and the National Cybersecurity Coordination Center.";
40) in article 52, the words "informatization sphere" should be replaced by the words "digital environment";
41) the title of chapter 9 should be worded as follows:
"Chapter 9. Protection of digital objects";
42) Articles 53 and 54 should be worded as follows:
"Article 53. Objectives of the protection of digital objects
1. The protection of digital objects is the implementation of a set of legal, organizational and technical measures aimed at the safety of digital objects, preventing unlawful and (or) unintended access and (or) impact on them.
2. The protection of digital objects is carried out in accordance with the legislation of the Republic of Kazakhstan and the standards in force on the territory of the Republic of Kazakhstan in order to:
1) ensuring the operation of digital resources;
2) ensuring the confidentiality of digital resources with limited access;
3) realization of the right of cybersecurity entities to access digital resources;
4) preventing unauthorized and (or) unintended access, leakage and other actions in relation to digital resources, as well as unauthorized and (or) unintended impact on digital infrastructure facilities;
5) preventing disruptions to the functioning of digital facilities and critical digital facilities;
6) preventing unauthorized and (or) unintentional access to official information about subscribers of telecommunications networks and telecommunications messages;
7) preventing unauthorized and (or) unintentional blocking of the operation of subscriber devices of telecommunications networks.
3. Other unauthorized and/or unintended actions in relation to digital objects are:
1) blocking of digital resources and objects of digital infrastructure, committed in the form of actions leading to restriction or closure of access to them;
2) unauthorized and/or unintentional modification of digital objects;
3) unauthorized and/or unintentional copying of digital resources;
4) unauthorized and/or unintentional destruction or loss of digital resources;
5) disruption of digital objects;
6) the use of malware.
4. Digital objects are protected according to the class assigned in accordance with the classifier.
Article 54. Organization of protection of digital objects
1. Digital objects are protected:
1) in relation to digital resources – by their owners, owners and users;
2) in relation to digital infrastructure facilities and critical digital facilities – by their owners or owners.
2. The owners or owners of the digital infrastructure of the "digital government" and critical digital facilities are required to take measures to ensure:
1) preventing unauthorized access;
2) timely detection of unauthorized access, if such unauthorized access could not be prevented;
3) minimizing the adverse consequences of access violations;
4) prevention of unauthorized influence on the means of processing and transferring digital resources;
5) elimination of cybersecurity incidents and vulnerabilities;
6) prompt recovery of digital resources modified or destroyed due to unauthorized access to them;
7) immediately informing the National Cybersecurity Coordination Center about the cybersecurity incident, followed by sending digital data on the measures taken to eliminate the cybersecurity incident, with the exception of the owners and (or) owners of digital resources containing information constituting state secrets;
8) information interaction with the National Cybersecurity Coordination Center on cybersecurity monitoring of digital government digital facilities;
9) providing access to the National Cybersecurity Coordination Center to digital facilities of the digital government and cybersecurity centers to critical digital facilities for organizational and technical measures aimed at monitoring cybersecurity in accordance with the rules for monitoring cybersecurity of digital facilities of the digital government and critical digital facilities.
3. Owners or owners of digital objects of state bodies are obliged to take measures to ensure:
1) participation of digital objects with access to the Internet in the program of interaction with cybersecurity researchers for digital objects of the "digital government";
2) elimination of vulnerabilities identified within the framework of the program of interaction with cybersecurity researchers for digital objects of the "digital government";
3) performing other duties in accordance with this Law and other laws of the Republic of Kazakhstan.
4. Owners or owners of non-governmental digital facilities intended to digitalize the activities of government agencies, prior to integration with digital facilities of government agencies:
1) take measures to ensure compliance with uniform requirements in the areas of digitalization and cybersecurity;
2) establish their own cybersecurity center and ensure its operation or purchase the services of a cybersecurity center from third parties in accordance with the Civil Code of the Republic of Kazakhstan.
5. Owners or owners of critically important digital facilities, with the exception of government agencies, local governments, state-owned legal entities, and quasi-public sector entities, within six months from the date of inclusion in the list of critically important digital facilities:
1) take measures to comply with uniform requirements in the areas of digitalization and cybersecurity related to the field of cybersecurity;
2) establish their own cybersecurity center and ensure its operation or purchase the services of a cybersecurity center from third parties in accordance with the Civil Code of the Republic of Kazakhstan;
3) undergo a test procedure for compliance with cybersecurity requirements;
4) provide information on the conducted cybersecurity audit to the authorized body in the field of cybersecurity.
6. Management of Internet resources and digital infrastructure facilities in emergency situations of a social, natural and man-made nature, the introduction of a state of emergency or martial law is carried out by the authorized body in accordance with the legislation of the Republic of Kazakhstan.";
43) add article 54-1 as follows:
"Article 54-1. Common requirements in the areas of digitalization and cybersecurity
1. Uniform requirements in the fields of digitalization and cybersecurity are approved by a decree of the Government of the Republic of Kazakhstan.
2. The provisions of the uniform requirements in the fields of digitalization and cybersecurity related to the field of cybersecurity are mandatory for application by state bodies, local governments, state legal entities, quasi-public sector entities, owners and owners of non-governmental digital facilities integrated with digital facilities of state bodies or intended for the formation of state digital resources, as well as owners and owners of critical digital facilities.
3. The provisions of the uniform requirements in the fields of digitalization and cybersecurity do not apply to secure digital systems classified as state secrets, digital objects containing information constituting state secrets, as well as special-purpose telecommunications networks and (or) presidential, government and secure communications.";
44) Article 55 should be worded as follows:
"Article 55. Measures to protect digital objects
1. Legal measures to protect digital objects include:
1) the requirements of the legislation of the Republic of Kazakhstan and the standards in force in the Republic of Kazakhstan in the field of digitalization;
2) responsibility for violation of the digital legislation of the Republic of Kazakhstan;
3) agreements concluded by the owner or owner of digital objects, which establish the working conditions, access or use of these objects, as well as responsibility for their violation.
2. Organizational measures to protect digital objects include establishing and ensuring access to the territory (buildings, premises) where access to digital objects can be carried out, as well as restricting access to them.
3. Technical (software and technical) measures for the protection of digital objects include:
1) the use of information protection means, and in relation to information constituting state secrets – exclusively with the use of information protection means constituting state secrets, developed, manufactured and (or) put into operation in accordance with the legislation of the Republic of Kazakhstan;
2) the use of access control systems and registration of access facts to digital objects;
3) development of a security assignment to determine protection measures by owners or owners of digital objects based on approved protection profiles.
4. The use of technical (software-technical) measures to protect digital objects should not cause harm or create a threat of harm to the life, health and property of individuals, as well as the property of legal entities and state property.";
45) in article 56:
in the title, replace the words "electronic information resources" with the words "digital resources";
In part one, replace the words "information systems" with the words "digital systems";
In part two, replace the words "electronic information resources" with the words "digital resources";
46) delete the heading of section 3;
47) delete the title of chapter 10;
48) delete article 57;
49) in article 59:
In the title, replace the words "informatization and information security" with the words "digital environment and cybersecurity";
Paragraphs 1 and 3 should be worded as follows:
"1. The approval of the technical specifications for the creation and development of the digital facility of the digital government is carried out by the authorized body in the field of cybersecurity in accordance with the procedure and deadlines defined by the rules for the preparation and review of technical specifications for the creation and development of digital facilities of the digital government, approved by the authorized body in the field of digitalization.";
"3. When creating and developing digital objects of the "digital government" within the framework of republican and local public-private partnership projects in the field of digitalization, in accordance with the legislation of the Republic of Kazakhstan in the field of public-private partnership, the authorized body in the field of cybersecurity coordinates the tender documentation of the public-private partnership project, the business plan for the public-private partnership project direct negotiations to determine a private partner.";
50) delete article 60;
51) add chapter 10-1 to read as follows:
"Chapter 10-1. State control in the field of digitalization, as well as over compliance with the requirements for an electronic document and an electronic digital signature
Article 60-1. State control in the field of digitalization
1. State control in the field of digitalization is carried out in the form of inspections, preventive control with a visit to the subject (object) of control and preventive control without visiting the subject (object) of control.
2. Inspection and preventive control with a visit to the subject (object) of control are carried out in accordance with the Business Code of the Republic of Kazakhstan.
3. Preventive control without visiting the subject (object) of control is carried out in accordance with this Law and the Business Code of the Republic of Kazakhstan.
4. State control in the field of digitalization in relation to state bodies is carried out in accordance with Article 60-3 of this Law.
5. The requirements of this article do not apply to the National Bank of the Republic of Kazakhstan and the organizations included in its structure, as well as special state bodies of the Republic of Kazakhstan, unless otherwise provided by the laws of the Republic of Kazakhstan.
Article 60-2. The procedure for conducting preventive control without visiting the subject (object) of control in the field of digitalization
1. Preventive control without visiting the subject (object) of control is carried out by the authorized body without visiting the subjects (objects) of control on the basis of analysis and data from digital systems, open sources, mass media, as well as other information about the activities of the subject (object) of control.
2. The objectives of preventive control without visiting the subject (object) of control are the timely suppression and prevention of violations, granting the subject of control the right to independently eliminate violations identified by the results of preventive control without visiting the subject (object) of control, and reducing the administrative burden on the subject of control.
3. In order to grant the right to independently eliminate violations to the subjects of control, preventive control without visiting the subject (object) of control is carried out only for those violations, the consequences of which can be eliminated in accordance with the legislation of the Republic of Kazakhstan.
4. Based on the results of preventive control without visiting the subject (object) of control, a recommendation is made to eliminate the identified violations without initiating an administrative offense case with a mandatory explanation to the subject of control of the procedure for their elimination.
5. The recommendation to eliminate the identified violations must be handed over to the subject of control personally against signature or in any other way confirming the fact of sending and receiving.
6. A recommendation to eliminate the identified violations, sent in one of the following ways, is considered to have been served in the following cases::
1) on purpose – from the date of the mark in the receipt recommendation;
2) by mail – by registered mail with notification;
3) electronically – from the date of sending by the authorized body to the e-mail address of the subject of control specified in the letter upon request by the authorized body.
7. The recommendation to eliminate the identified violations must be executed within thirty working days from the day following the day of its delivery.
8. In case of disagreement with the violations specified in the recommendation on the elimination of identified violations, the control entity has the right to send an objection to the authorized body that sent the recommendation on the elimination of identified violations within five working days from the day following the day of its delivery.
9. Failure to comply with the recommendation on the elimination of identified violations within the prescribed period entails the inclusion of the subject (object) of control in the semi-annual list of preventive control with a visit to the subject (object) of control.
10. Preventive monitoring without visiting the subject (object) of control is carried out no more than once a quarter.
Article 60-3. The procedure for conducting state control in the field of digitalization in relation to government agencies
1. State control in the field of digitalization in relation to state bodies (hereinafter referred to as the audited state bodies) is carried out by the authorized body in the form of inspections.
Inspections are divided into periodic and unscheduled ones.
Periodic inspections of the audited State bodies are carried out according to the following sources of information:
1) the results of previous inspections;
2) the results of monitoring reports and information;
3) the results of the analysis of the Internet resources of government agencies;
4) information from the State technical service.
2. Periodic inspections are carried out at intervals of no more than once a year in accordance with the periodic inspection plan approved by the first head of the authorized body in the field of cybersecurity.
The authorized body shall approve a plan for periodic inspections no later than December 1 of the year preceding the year of inspections.
The plan for periodic inspections is posted on the authorized body's Internet resource no later than December 20 of the year preceding the year of inspections.
The periodic inspection plan includes:
1) the number and date of the plan approval;
2) the name of the state body;
3) the name of the state body being audited;
4) the location of the government agency under review;
5) the timing of the audit;
6) the subject of verification;
7) the signature of the person authorized to sign the plan.
Amendments and additions to the periodic inspection plan are carried out in cases of liquidation, reorganization of the audited state body, change of its name or redistribution of powers between the audited state bodies.
3. An unscheduled inspection is an inspection appointed by an authorized body in the following cases::
1) the presence of confirmed complaints against the audited state body received from individuals and legal entities about violations of the requirements of the legislation of the Republic of Kazakhstan on cybersecurity;
2) appeals from individuals and legal entities whose rights and legitimate interests have been violated;
3) the prosecutor's demands on specific facts of harm or threat of harm to the rights and legitimate interests of individuals and legal entities, the state;
4) appeals from state bodies on specific facts of harm to the rights and legitimate interests of individuals and legal entities, the state, as well as on specific facts of violations of the requirements of the legislation of the Republic of Kazakhstan, failure to eliminate which entails harm to the rights and legitimate interests of individuals and legal entities;
5) instructions of the criminal prosecution body on the grounds provided for by the Criminal Procedure Code of the Republic of Kazakhstan;
6) the need to monitor the execution of the act on the results of the audit.
4. When conducting an inspection, officials of the authorized body have the right to:
1) unhindered access to the territory and premises of the inspected state body in accordance with the subject of the inspection upon presentation of the documents specified in paragraph 8 of this Article;
2) receive documents (information) on paper and digital media or copies thereof for attachment to the act on the results of the audit, as well as access to automated databases (digital systems) in accordance with the subject of the audit;
3) to carry out audio, photo and video shooting;
4) involve specialists, consultants and experts from government agencies, subordinate and other organizations.
5. The state body under review or its authorized representative may, during the audit,:
1) to prevent the inspection of officials of the authorized body who arrived to conduct the inspection, in the following cases::
exceeding or expiring the time limits specified in the act on the appointment of an inspection (additional act on extension, if any) that do not correspond to the time limits established by this article;
absence of documents provided for in paragraph 8 of this Article;
2) appeal the act on the results of the audit in accordance with the procedure established by the legislation of the Republic of Kazakhstan.
6. The state body under review or its authorized representative during the audit is obliged to:
1) to ensure unhindered access of officials of the authorized body to the territory and premises;
2) submit to the officials of the authorized body documents (information) on paper and digital media or copies thereof for attachment to the act on the results of the audit, as well as access to automated databases (digital systems) in accordance with the subject of the audit;
3) make a note on the second copy of the act on the appointment of the inspection and the act on the results of the inspection on the day of its completion.
7. The inspection is carried out on the basis of the inspection appointment act.
The act on the appointment of the inspection shall specify:
1) date and number of the act;
2) the name of the state body;
3) last name, first name, patronymic (if it is indicated in the identity document) and the position of the person(s) authorized to conduct the audit;
4) information about specialists, consultants and experts of government agencies, subordinate and other organizations involved in the audit;
5) the name of the state body being audited and its location.
In the case of an inspection of a structural subdivision of a state body, its name and location are indicated in the act on the appointment of the inspection.;
6) the subject of verification;
7) type of verification;
8) the deadline for the audit;
9) the grounds for conducting the audit;
10) the period under review;
11) the rights and obligations of the audited state body;
12) the signature of the head of the state body under review or his authorized person on receipt or refusal to receive the act;
13) the signature of the person authorized to sign the act.
When conducting an inspection, the authorized body is obliged to notify the inspected state body of the start of the inspection at least one day before it begins, indicating the subject of the inspection.
The date of delivery of the act on the appointment of an inspection to the audited state body is considered to be the beginning of the inspection.
8. Officials of the authorized body who have arrived at the facility for inspection are required to present to the inspected state body:
1) an act on the appointment of an inspection;
2) official identification card or identification card;
3) if necessary, a permit from the competent authority to visit sensitive facilities.
9. The time limit for conducting an inspection is set taking into account the subject of the inspection, as well as the amount of work to be done, and should not exceed ten working days.
The verification period may be extended only once for no more than fifteen working days. The extension is carried out by the decision of the head of the authorized body.
The extension of the inspection period is formalized by an additional act on the extension of the inspection period with notification of the state body being audited, which specifies the date and number of the order of the previous act on the appointment of the inspection and the reasons for the extension.
The notification of the extension of the inspection period is handed over to the state body being checked by the authorized body one working day before the extension with the notification of delivery.
10. Based on the results of the inspection, an act on the results of the inspection is drawn up by the officials of the authorized body carrying out the inspection.
The first copy of the act on the results of the audit in electronic form is submitted to the state body carrying out activities in the field of state legal statistics and special accounting within its competence, the second copy with copies of appendices, with the exception of copies of documents available in the original from the audited state body, on paper against signature or in electronic form is handed over to the audited state body to the body (the head or his authorized person) for familiarization and taking measures to eliminate the identified violations and other actions., the third copy remains with the authorized body.
11. The inspection results report states:
1) date, time and place of drawing up the act;
2) the name of the state body;
3) the number and date of the act on the appointment of the inspection (additional act on the extension of the period, if any);
4) last name, first name, patronymic (if it is indicated in the identity document) and the position of the person(s) who conducted the inspection;
5) information about specialists, consultants and experts of government agencies, subordinate and other organizations involved in the audit;
6) the name of the inspected state body, its location;
7) the subject of verification;
8) type of verification;
9) the time and period of the audit;
10) information about the results of the audit, including the identified violations and their nature;
11) requirements for the elimination of identified violations of the requirements of the legislation of the Republic of Kazakhstan on cybersecurity, indicating the deadline for their execution;
12) information on familiarization or refusal to familiarize with the act of the head of the state body under review or his authorized person, as well as persons who were present during the inspection, their signatures or a record of refusal to sign;
13) the signature of the officials who conducted the inspection.
Documents related to the results of the audit (if any) and their copies are attached to the act on the results of the audit.
12. If there are comments and (or) objections based on the results of the audit, the state body under review shall state them in writing. Comments and (or) objections are attached to the act on the results of the audit, which is marked accordingly.
The authorized body must consider the comments and (or) objections of the audited state body to the act on the results of the audit and give a reasoned response within fifteen working days.
In case of refusal to adopt an act on the results of the audit, an act is drawn up, which is signed by the officials carrying out the audit and the head of the state body being audited or his authorized representative.
The state body under review has the right to refuse to sign the act by giving a written explanation of the reason for the refusal.
13. The end of the inspection period is considered to be the day when the inspection results report is handed over to the state body being checked no later than the deadline for the end of the inspection specified in the inspection appointment act or the additional act extending the inspection period.
14. The deadlines for the execution of the act on the results of the audit are determined taking into account the circumstances affecting the actual possibility of its execution, but not less than ten calendar days from the date of delivery of the act on the results of the audit.
15. When determining the deadlines for the execution of the inspection report, the following factors are taken into account:
1) the availability of organizational and technical capabilities of the inspected state body to eliminate violations;
2) the deadlines for obtaining mandatory opinions, approvals and other documents from state bodies established by the laws of the Republic of Kazakhstan.
16. Upon the expiration of the period for the elimination of the identified violations established in the act on the results of the audit, the inspected state body is obliged, within the period established in the act on the results of the audit, to provide the authorized body with information on the elimination of the identified violations with supporting documents.
In case of failure to provide information on the elimination of identified violations, the authorized body has the right to appoint an unscheduled inspection in accordance with subparagraph 6) of paragraph 3 of this Article.
17. In case of violation of the rights and legitimate interests of the inspected state body during the inspection, the inspected state body has the right to appeal the decisions, actions (inaction) of officials of the authorized body to a higher official or to a court in accordance with the procedure established by the legislation of the Republic of Kazakhstan.
Article 60-4. State control over compliance with the requirements for an electronic document and an electronic digital signature
State control over compliance with the requirements for an electronic document and an electronic digital signature is carried out in the form of an unscheduled inspection and preventive control with a visit to the subject (object) of control in accordance with the Business Code of the Republic of Kazakhstan, unless otherwise established by part two of this paragraph.
State bodies are subject to state control over compliance with the requirements for an electronic document and an electronic digital signature in accordance with this Law.
The requirement of this paragraph does not apply to the National Bank of the Republic of Kazakhstan and organizations included in its structure, and legal entities, fifty or more percent of the voting shares (participation shares in the authorized capital) of which belong to the National Bank of the Republic of Kazakhstan or are in its trust management, as well as special state bodies of the Republic of Kazakhstan.
Article 60-5. The procedure for conducting state control over state bodies for compliance with the requirements for an electronic document and an electronic digital signature
1. State control over compliance with the requirements for an electronic document and an electronic digital signature in relation to state bodies (hereinafter referred to as control subjects) is carried out by the authorized body in the form of inspections.
Inspections are divided into periodic and unscheduled ones.
Periodic inspections of control subjects are carried out according to the following sources of information:
1) the results of previous inspections;
2) the results of monitoring reports and information;
3) the results of the analysis of the Internet resources of government agencies;
4) information from the digital government operator.
2. Periodic inspections are carried out at intervals of no more than once a year in accordance with the periodic inspection plan approved by the first head of the authorized body.
The authorized body shall approve a plan for periodic inspections no later than December 1 of the year preceding the year of inspections.
The plan for periodic inspections is posted on the authorized body's Internet resource no later than December 20 of the year preceding the year of inspections.
The periodic inspection plan includes:
1) the number and date of the plan approval;
2) the name of the state body;
3) name of the control entity;
4) location of the subject (object) of control;
5) the timing of the audit;
6) the subject of verification;
7) the signature of the person authorized to sign the plan.
Amendments and additions to the periodic inspection plan are made in cases of liquidation, reorganization of the control entity, change of its name or redistribution of powers between the control entities.
3. An unscheduled inspection is an inspection appointed by an authorized body in the following cases::
1) the presence of confirmed complaints to the subject of control received from individuals and legal entities about violations of the requirements of the digital legislation of the Republic of Kazakhstan;
2) appeals from individuals and legal entities whose rights and legitimate interests have been violated;
3) the prosecutor's demands on specific facts of harm or threat of harm to the rights and legitimate interests of individuals and legal entities, the state;
4) appeals from state bodies on specific facts of harm to the rights and legitimate interests of individuals and legal entities, the state, as well as on specific facts of violations of the requirements of the legislation of the Republic of Kazakhstan, failure to eliminate which entails harm to the rights and legitimate interests of individuals and legal entities;
5) instructions of the criminal prosecution body on the grounds provided for by the Criminal Procedure Code of the Republic of Kazakhstan;
6) the need to monitor the execution of the act on the results of the audit.
4. When conducting an inspection, officials of the authorized body have the right to:
1) unhindered access to the territory and premises of the subject (object) of control in accordance with the subject of verification upon presentation of the documents specified in paragraph 8 of this Article;
2) receive documents (information) on paper and electronic media or copies thereof for attachment to the act on the results of the audit, as well as access to automated databases (digital systems) in accordance with the subject of the audit;
3) to carry out audio, photo and video shooting;
4) involve specialists, consultants and experts from government agencies, subordinate and other organizations.
5. The subjects of control or their authorized representatives during the audit have the right:
1) to prevent the inspection of officials of the authorized body who arrived to conduct the inspection, in the following cases::
exceeding or expiring the time limits specified in the act on the appointment of an inspection (additional act on the extension of the time limit, if any), which do not correspond to the time limits established by this Article.;
absence of documents provided for in paragraph 8 of this Article;
2) appeal the act on the results of the audit in accordance with the procedure established by the legislation of the Republic of Kazakhstan.
6. When conducting an audit, the subjects of control or their authorized representatives must:
1) to ensure unhindered access of officials of the authorized body to the territory and premises of the subject (object) of control;
2) provide officials of the authorized body with documents (information) on paper and electronic media or copies thereof for attachment to the act on the results of the audit, as well as access to automated databases (digital systems) in accordance with the subject of the audit;
3) make a note on the second copy of the act on the appointment of the inspection and the act on the results of the inspection on the day of its completion.
7. The inspection is carried out on the basis of the inspection appointment act.
The act on the appointment of the inspection shall specify:
1) date and number of the act;
2) the name of the state body;
3) last name, first name, patronymic (if it is indicated in the identity document) and the position of the person(s) authorized to conduct the audit;
4) information about specialists, consultants and experts of government agencies, subordinate and other organizations involved in the audit;
5) the name of the control entity and its location.
In the case of an inspection of a structural subdivision of a state body, its name and location are indicated in the act on the appointment of the inspection.;
6) the subject of verification;
7) type of verification;
8) the deadline for the audit;
9) the grounds for conducting the audit;
10) the period under review;
11) rights and obligations of the subject of control;
12) the signature of the head of the control entity or his authorized person on receipt or refusal to receive the act;
13) the signature of the person authorized to sign the act.
When conducting an inspection, the authorized body is obliged to notify the control entity of the start of the inspection at least one day before it begins, indicating the subject of the inspection.
The date of delivery of the inspection appointment certificate to the subject of control is considered to be the beginning of the inspection.
8. Officials of the authorized body who have arrived at the facility for inspection are required to present to the subject of control:
1) an act on the appointment of an inspection;
2) official identification card or identification card;
3) if necessary, a permit from the competent authority to visit sensitive facilities.
9. The time limit for conducting an inspection is set taking into account the subject of the inspection, as well as the amount of work to be done, and should not exceed ten working days.
The verification period may be extended only once for no more than fifteen working days. The extension is carried out by the decision of the head of the authorized body.
The extension of the inspection period is formalized by an additional act on the extension of the inspection period with notification to the control entity, which specifies the date and number of the order of the previous act on the appointment of the inspection and the reasons for the extension.
The notification of the extension of the inspection period is delivered to the subject of control by the authorized body one working day before the extension with the notification of delivery.
10. Based on the results of the inspection, an act on the results of the inspection is drawn up by the officials of the authorized body carrying out the inspection.
The first copy of the act on the results of the audit in electronic form is submitted to the state body that carries out activities in the field of state legal statistics and special accounting within its competence, the second copy with copies of appendices, with the exception of copies of documents available in the original to the subject of control, on paper against signature or in digital form is handed over to the subject of control (to the head or his authorized person) for familiarization and taking measures to eliminate the identified violations and other actions., the third copy remains with the authorized body.
11. The inspection results report states:
1) date, time and place of drawing up the act;
2) the name of the state body;
3) the number and date of the act on the appointment of the inspection (additional act on the extension of the period, if any);
4) last name, first name, patronymic (if it is indicated in the identity document) and the position of the person(s) who conducted the inspection;
5) information about specialists, consultants and experts of government agencies, subordinate and other organizations involved in the audit;
6) the name of the control entity, its location;
7) the subject of verification;
8) type of verification;
9) the time and period of the audit;
10) information about the results of the audit, including the identified violations and their nature;
11) requirements for the elimination of identified violations of the requirements of the digital legislation of the Republic of Kazakhstan, indicating the deadline for their implementation;
12) information on familiarization or refusal to familiarize with the act of the head of the control entity or his authorized person, as well as persons present during the inspection, their signatures or a record of refusal to sign;
13) the signature of the officials who conducted the inspection.
Documents related to the results of the audit (if any) and their copies are attached to the act on the results of the audit.
12. If there are comments and/or objections based on the results of the audit, the control entity shall state them in writing. Comments and (or) objections are attached to the act on the results of the audit, which is marked accordingly.
The authorized body must consider the comments and (or) objections of the subject of control to the act on the results of the audit and give a reasoned response within fifteen working days.
In case of refusal to adopt an act on the results of the audit, an act is drawn up, which is signed by the officials carrying out the audit and the head of the control entity or his authorized representative.
The subject of control has the right to refuse to sign the act by giving a written explanation of the reason for the refusal.
13. The end of the inspection period is considered to be the day when the inspection results report is handed over to the control entity no later than the deadline for the end of the inspection specified in the inspection appointment act or the additional act extending the inspection period.
14. The deadlines for the execution of the act on the results of the audit are determined taking into account the circumstances affecting the actual possibility of its execution, but not less than ten calendar days from the date of delivery of the act on the results of the audit.
15. When determining the deadlines for the execution of the inspection report, the following factors are taken into account:
1) the subject of control has organizational and technical capabilities to eliminate violations;
2) the deadlines for obtaining mandatory opinions, approvals and other documents from state bodies established by the laws of the Republic of Kazakhstan.
16. Upon expiration of the period for the elimination of identified violations set out in the inspection results report, the control entity is obliged, within the period set out in the inspection results report, to provide the authorized body with information on the elimination of identified violations with supporting documents.
In case of failure to provide information on the elimination of identified violations, the authorized body has the right to appoint an unscheduled inspection in accordance with subparagraph 6) of paragraph 3 of this Article.
17. In case of violation of the rights and legitimate interests of the subject of control during the inspection, the subject of control has the right to appeal the decisions, actions (inaction) of officials of the authorized body to a higher official or to a court in accordance with the procedure established by the legislation of the Republic of Kazakhstan.";
52) the title of chapter 11 should be worded as follows:
"Chapter 11. Industry development and international cooperation in the field of cybersecurity";
53) Article 61 should be worded as follows:
"Article 61. State support for the development of the cybersecurity industry
1. State support for the development of the cybersecurity industry is provided by authorized state bodies, the National Institute for Development in the field of cybersecurity and other national development institutions in order to stimulate the development of the cybersecurity industry in the Republic of Kazakhstan.
2. The National Institute for Development in the Field of Cybersecurity shall carry out its activities in accordance with this Law.
3. Basic principles of state support for the development of the cybersecurity industry:
1) development of the cybersecurity industry based on private entrepreneurship and public-private partnership;
2) the priority of domestic legal entities when receiving orders for the development of cybersecurity;
3) stimulating the development of the production of domestic software, software products and the production of technical equipment;
4) development of the cybersecurity market structure;
5) Support fair competition in the cybersecurity market.
4. In accordance with the principles of state support, measures for the development of the cybersecurity industry, in addition to the measures provided for by the Business Code of the Republic of Kazakhstan, are:
1) formation and development of a regulatory and methodological framework for activities in the cybersecurity industry, including the introduction of international standards;
2) financing of projects in the cybersecurity industry;
3) creating conditions for venture capital and other extra-budgetary reimbursable financing of projects in the cybersecurity industry;
4) making investments in projects in the field of cybersecurity by participating in the authorized capitals of legal entities, creating legal entities, including with foreign participation, and by other means provided for by the legislation of the Republic of Kazakhstan.";
54) in article 62, replace the words "information and communication technologies" with the words "digital technologies";
55) delete the title of chapter 12;
56) in article 63, the words "in the field of informatization", "Subjects of informatization", "information and communication technologies", "information and communication infrastructure" should be replaced, respectively, with the words "in the field of cybersecurity", "Subjects of the digital environment", "digital technologies", "digital infrastructure";
57) Articles 64, 64-1 and 64-2 should be deleted;
58) in article 65, replace the words "legislation of the Republic of Kazakhstan on informatization" with the words "legislation of the Republic of Kazakhstan on cybersecurity";
59) delete article 66.
94. To the Law of the Republic of Kazakhstan dated December 4, 2015 "On the Supreme Judicial Council of the Republic of Kazakhstan":
In paragraph 9 of article 13, the words "electronic system" and "electronic system" should be replaced, respectively, with the words "digital system" and "digital system".
95. To the Law of the Republic of Kazakhstan dated January 14, 2016 "On Precious Metals and Precious Stones":
In subparagraph 2) of paragraph 5-2 of Article 6, the words "information systems" should be replaced by the words "digital systems".
96. To the Law of the Republic of Kazakhstan dated April 6, 2016 "On Legal Acts":
1) in article 1:
in subparagraph 1-4), replace the words "information system" with the words "digital system";
in subparagraph 15), replace the words "electronic system" with the words "digital system";
2) add subparagraph 22) to Article 8 as follows:
"22) in a digital environment.";
3) in paragraph 4 of Article 15, the words "information system" should be replaced by the words "digital system".
97. To the Law of the Republic of Kazakhstan dated April 9, 2016 "On Mail":
1) throughout the text, the words "information systems", "information system", "information system", "information systems", "information system" should be replaced by the words "digital systems", "digital system", "digital system", "digital system", "digital system", respectively;
2) in paragraph 7 of article 33:
in Part two, the words "The Law of the Republic of Kazakhstan "On Informatization" should be replaced by the words "digital legislation of the Republic of Kazakhstan";
In Part three, the words "The Law of the Republic of Kazakhstan "On electronic document and electronic digital signature" should be replaced by the words "digital legislation of the Republic of Kazakhstan".
98. To the Law of the Republic of Kazakhstan dated July 26, 2016 "On Payments and Payment Systems":
1) throughout the text, the words "information system", "information system", "information systems", "information system", "information security", "information technology", "information resources" should be replaced by the words "digital system", "digital system", "digital systems", "digital system", "cybersecurity", "digital technologies", "digital resources";
2) in paragraph 10 of article 25:
Replace the words "e-government" with the words "digital government";
the words "mandatory pension contributions from the employer," should be deleted;
replace the words "in the field of informatization" with the words "in the field of digitalization";
3) in the first part of paragraph 9 of Article 42, the words "The Law of the Republic of Kazakhstan "On Informatization" and other legislation of the Republic of Kazakhstan" should be replaced by the words "The Digital Code of the Republic of Kazakhstan and other laws of the Republic of Kazakhstan";
4) in paragraph 5 of article 50, the words "electronic government" should be replaced by the words "digital government".
99. To the Law of the Republic of Kazakhstan dated December 28, 2016 "On Counterintelligence activities":
1) throughout the text, the words "objects of informatization", "objects of informatization", "objects of informatization" should be replaced, respectively, with the words "digital objects", "digital objects", "digital objects";
2) in subparagraph 4) of Article 1, the words "electronic information resources" should be replaced by the words "digital resources".
100. To the Law of the Republic of Kazakhstan dated December 30, 2016 "On Fingerprint and Genomic Registration":
1) in subparagraph 13) of Article 1, the word "electronic" should be replaced by the word "digital";
2) in article 8:
In paragraph 2, replace the words "electronic information resources" with the words "digital resources";
in the second part of paragraph 3, the words "legislation of the Republic of Kazakhstan on informatization, on personal data and their protection, state secrets" should be replaced by the words "digital legislation of the Republic of Kazakhstan, legislation of the Republic of Kazakhstan on personal data and their protection, on state secrets";
3) in article 14, replace the words "electronic information resource" with the words "digital resource";
4) in article 27, replace the words "electronic information resources" with the words "digital resources".
101. To the Law of the Republic of Kazakhstan dated December 30, 2016 "On Volunteer activities":
1) in subparagraph 3) of Article 11, the words "information system" should be replaced by the words "digital system";
2) in subparagraph 7) of paragraph 3 of Article 12, the words "information resources" should be replaced by the words "digital resources".
102. To the Law of the Republic of Kazakhstan dated February 20, 2017 "On Pastures":
In the second paragraph of the second part of paragraph 1 of Article 13, the words "information system" should be replaced by the words "digital system".
103. To the Law of the Republic of Kazakhstan dated May 6, 2017 "On Collection activities":
1) throughout the text, replace the words "objects of informatization" with the words "digital objects";
2) in the third part of paragraph 2 of Article 6-1, the words "information systems" should be replaced by the words "digital systems";
3) in subparagraph 3) of paragraph 2 of Article 12, the word "informatization" should be replaced by the word "digitalization".
104. To the Law of the Republic of Kazakhstan dated January 10, 2018 "On Evaluation Activities in the Republic of Kazakhstan":
1) in article 1:
in subparagraph 8), replace the word "written" with the words "written or electronic";
in subparagraph 9), replace the word "written" with the words "written or electronic";
2) paragraphs 1 and 2 of Article 9 shall be worded as follows:
"1. The assessment report is signed by the appraiser, and if the appraiser enters into an employment contract with a legal entity, it is approved by the head of the legal entity.
2. A written assessment report is drawn up in at least two copies, one of which is sent to the customer, the second copy is kept by the appraiser or the legal entity with which the appraiser has concluded an employment contract, in accordance with the procedure determined by the Chamber of Appraisers, and is also registered with the financial reporting depository within three working days from the date of the report. assessment.
The evaluation report is electronically generated by the appraiser in the financial reporting depository. At the same time, registration of the electronic assessment report in the financial reporting depository is not required.";
3) in paragraph 1 of article 15:
subitem 12-1) of the first part should be deleted;
in part of the third digit, "12-1)" should be deleted;
4) delete subparagraph 11-1) of the first part of paragraph 2 of Article 17.
105. To the Law of the Republic of Kazakhstan dated July 2, 2018 "On Currency Regulation and Currency Control":
in subparagraph 2) of the second part of paragraph 4 of Article 20-1:
in the second paragraph, replace the words "information system" with the words "digital system";
In the third paragraph, replace the words "e-government" with the words "digital government".
106. To the Law of the Republic of Kazakhstan dated July 2, 2018 "On the protection of children from information harmful to their health and development":
1) in article 1:
In subparagraph 6), replace the words "information security" with the word "cybersecurity".;
in subparagraph 9), replace the words "information security" with the word "cybersecurity";
2) in the first paragraph of paragraph 2 of Article 7, the words "and informatization" should be deleted.
107. To the Law of the Republic of Kazakhstan dated July 5, 2018 "On Advocacy and Legal Assistance":
1) throughout the text, the words "electronic government", "Unified information System", "unified information system", "unified information system", "Unified information system", "unified information system", "unified information system", "unified information system", "unified information system", "information system" should be replaced respectively with the words "digital government", "Unified digital system", "unified digital system", "unified digital system", "Unified digital system", "unified digital system", "unified digital system", "unified digital system", "digital system";
2) in the third part of Article 24, the words "Objects of informatization" should be replaced by the words "Digital objects".
108. To the Law of the Republic of Kazakhstan dated October 5, 2018 "On Standardization":
1) in article 1:
in sub-paragraphs 6) and 17), replace the words "information resource" with the words "digital resource";
in subparagraph 33), replace the words "information resource" with the words "digital resource";
2) in article 14:
In paragraph 2, replace the words "information system" with the words "digital system";
In subparagraph 4) of paragraph 3, the words "information systems" should be replaced by the words "digital systems".
109. To the Law of the Republic of Kazakhstan dated December 27, 2018 "On Natural Monopolies":
1) throughout the text, the words "information system", "information system", "information systems", "information systems", "information system", "information system", "electronic government" should be replaced by the words "digital system", "digital systems", "digital systems systems", "digital system", "digital system", "digital government";
2) in subparagraph 14-1) of the first part of paragraph 7 of Article 15, the words "objects of informatization" should be replaced by the words "digital objects";
3) in paragraph 2-2 of Article 23, the words "electronic platform" should be replaced by the words "digital platform".
110. To the Law of the Republic of Kazakhstan dated January 3, 2019 "On Cinematography":
Throughout the text, the words "Unified Automated Information System", "Unified Automated Information System", "Unified Automated Information System" should be replaced, respectively, with the words "Unified Automated Digital System", "Unified Automated Digital System", "Unified Automated Digital System".
111. To the Law of the Republic of Kazakhstan dated March 18, 2019 "On the Defense Industry and the State Defense Order":
1) in subparagraph 1) of Article 1, the word "informational" should be replaced by the word "digital";
2) in subparagraph 5) of Article 3, the words "information security" should be replaced by the word "cybersecurity".
112. To the Law of the Republic of Kazakhstan dated April 3, 2019 "On Special Economic and Industrial Zones":
1) in the second part of subparagraph 7) of the first part of paragraph 3 of Article 18, the word "information and communication technology" should be replaced by the word "digital";
2) in paragraph 1 of article 58, the words "information and communication technologies" should be replaced by the words "digital technologies".
113. To the Law of the Republic of Kazakhstan dated December 30, 2020 "On Technical Regulation":
1) throughout the text, the words "information system", "information system", "information system", "information system", "information systems" should be replaced by the words "digital system", "digital system", "digital system", "digital systems", respectively;
2) in subparagraph 10) of Article 1, the words "electronic database" should be replaced by the words "digital database";
3) in subparagraph 13) of paragraph 1 of Article 7, the words "sphere of informatization" should be replaced by the words "sphere of digitalization".
114. To the Law of the Republic of Kazakhstan dated June 8, 2021 "On Procurement of certain entities of the quasi-public sector":
Throughout the text, the words "information system", "information system", "information system", "information systems" should be replaced by the words "digital system", "digital system", "digital system", "digital systems", respectively.
115. To the Law of the Republic of Kazakhstan dated December 27, 2021 "On Industrial Policy":
1) throughout the text, the words "information system", "information system", "information systems", "information system", "information system", "information and communication infrastructure" of electronic government", "information and communication technologies", "information and communication services" should be replaced, respectively, with the words "digital system", "digital system", "digital systems", "digital system", "digital system", "digital infrastructure" of digital government", "digital technologies", "digital services";
2) in article 1:
in subparagraph 8-1), replace the words "electronic database" with the words "digital database";
Add sub-paragraphs 26), 27) and 28) as follows:
"26) electronic industry – an industry that includes the development, assembly, testing and manufacture of devices such as computers, computer peripherals, communication equipment, electronic devices for consumers, measuring, testing and aviation, radiation-resistant components for space, electromedical and electrotherapeutic equipment, optical devices and equipment, equipment for the study of magnetic and optical environment, as well as the production of components (integrated circuits, electronic components ("active" and "passive") and spare parts for electronic industry products;
27) products of the electronic industry – electronic components and products made from them for various purposes;
28) authorized body in the field of electronic industry – the central executive body responsible for state regulation in the field of electronic industry, as well as, within the limits provided for by the legislation of the Republic of Kazakhstan, intersectoral coordination in the field of electronic industry.";
3) in subparagraph 31) of Article 9, the words "information services" should be replaced by the words "digital services";
4) add article 10-1 as follows:
"Article 10-1. Competence of the authorized body in the field of electronic industry
Authorized body in the field of electronic industry:
1) on the basis of and in pursuance of the main directions of the internal and foreign policy of the state, defined by the President of the Republic of Kazakhstan, and the main directions of the socio-economic policy of the state, its defense capability, security, and public order, developed by the Government of the Republic of Kazakhstan, forms the state policy in the field of electronic industry in accordance with the current legislation of the Republic of Kazakhstan;
2) performs strategic, regulatory and implementation functions within its competence;
3) ensures the implementation of projects and programs in the field of electronic industry, including research and development work;
4) develops and approves the rules for the implementation of industry expertise in the field of electronic industry;
5) carries out industry expertise of projects in the field of electronic industry;
6) develops and approves, within its competence, regulatory legal acts in the field of the electronic industry;
7) carries out international cooperation in the field of electronic industry and represents the interests of the Republic of Kazakhstan in international organizations and foreign countries;
8) develops and approves the rules for the formation and maintenance of the register of trusted software and products of the electronic industry, as well as criteria for the inclusion of software and products of the electronic industry in the register of trusted software and products of the electronic industry;
9) exercise other powers provided for by this Law, other laws of the Republic of Kazakhstan, acts of the President of the Republic of Kazakhstan and the Government of the Republic of Kazakhstan.";
5) in subparagraph 6) of paragraph 3 of Article 16, the words "information services" should be replaced by the words "digital services";
6) in paragraph 1 of Article 50, the words "on informatization" should be replaced by the words "digital legislation of the Republic of Kazakhstan";
7) in paragraphs 2, 3, 4 and 5 of Article 51-2, the words "in the field of informatization" should be replaced by the words "in the field of digitalization".
116. To the Law of the Republic of Kazakhstan dated May 21, 2022 "On Biological Safety of the Republic of Kazakhstan":
1) throughout the text, the words "information system", "information systems", "information systems", "information system", "information system" should be replaced, respectively, with the words "digital system", "digital systems", "digital systems", "digital system", "digital system";
2) in article 17:
In paragraph 2, the words "Objects of informatization", "electronic information resources", "information and communication infrastructure" should be replaced, respectively, with the words "Digital objects", "digital resources", "digital infrastructure";
In paragraph 3, the words "Subjects of informatization" should be replaced by the words "Subjects of the digital environment";
In paragraph 4, the words "subjects of informatization" should be replaced by the words "subjects of the digital environment".
117. To the Law of the Republic of Kazakhstan dated December 21, 2022 "On Geodesy, Cartography and Spatial Data":
1) throughout the text, the words "information system", "information systems", "information systems", "information systems", "information systems", "information system", "electronic information resource", "electronic information resources", "information resources", "information resources" should be replaced respectively with the words "digital system", "digital systems", "digital systems", "digital systems", "digital systems", "digital system", "digital resource", "digital resources", "digital resources";
2) in article 2:
subparagraph 16) should be supplemented with the words "not exceeding the border of the administrative-territorial unit of the Republic of Kazakhstan";
subparagraph 40) should be supplemented with the words "extending to the entire territory of the Republic of Kazakhstan";
3) in paragraph 3 of article 9:
in part one, replace the words "indicating its geographical coordinates," with the words "in paper and electronic form in the format of geographic information systems indicating coordinates in established state or local coordinate reference systems,";
exclude part two;
4) in article 13:
in subparagraph 20), replace the words "electronic registry" with the words "digital registry";
add subparagraph 32-1) to read as follows:
5) delete the second part of paragraph 7 of Article 20;
6) in paragraph 3 of Article 26, the words "objects of informatization" should be replaced by the words "digital objects".
118. To the Law of the Republic of Kazakhstan dated December 28, 2022 "On Control of specific goods":
1) in article 25:
in paragraph 6:
in subparagraph 3) of Part one, replace the words "electronic government" with the words "digital government";
In part three, replace the words "electronic information resources" with the words "digital resources";
in subparagraph 4) of paragraph 8, the words "information systems" should be replaced by the words "digital systems";
in subparagraph 2) of paragraph 12, replace the words "information systems" with the words "digital systems";
2) in subparagraph 4) of paragraph 2 of article 26, the words "information systems" should be replaced by the words "digital systems";
3) in paragraph 2 of article 28, the words "information systems" should be replaced by the words "digital systems".
119. To the Law of the Republic of Kazakhstan dated December 30, 2022 "On Restoration of Solvency and Bankruptcy of Citizens of the Republic of Kazakhstan":
1) throughout the text, replace the words "e-government" with the words "digital government";
2) in article 11:
In paragraph 2, replace the words "information systems and electronic information resources" with the words "digital systems and digital resources";
In part four of paragraph 3, the words "legislation of the Republic of Kazakhstan on electronic document and electronic digital signature" should be replaced by the words "digital legislation of the Republic of Kazakhstan".
120. To the Law of the Republic of Kazakhstan dated January 2, 2023 "On Flora":
In subparagraph 4) of the second paragraph of the second part of paragraph 1 of Article 34, the words "electronic government" should be replaced by the words "digital government".
121. To the Law of the Republic of Kazakhstan dated February 6, 2023 "On Digital Assets in the Republic of Kazakhstan":
1) in article 1:
in subparagraph 2), replace the words "information and communication technologies" with the words "digital technologies";
in subparagraph 9), replace the words "information and communication infrastructure" with the words "digital infrastructure";
2) in subparagraph 4) of paragraph 2 of Article 3, the words "electronic information resources" should be replaced by the words "digital resources";
3) in subparagraph 2) of paragraph 2 of Article 10, the words "information security" should be replaced by the word "cybersecurity".
122. To the Law of the Republic of Kazakhstan dated July 4, 2023 "On Professional Qualifications":
Throughout the text, the words "information system" and "information systems" should be replaced with the words "digital system" and "digital systems", respectively.
123. To the Law of the Republic of Kazakhstan dated July 12, 2023 "On the return of Illegally Acquired Assets to the State":
In subparagraph 3) of the first part of paragraph 2 of Article 15, the words "electronic government" should be replaced by the words "digital government".
124. To the Law of the Republic of Kazakhstan dated June 10, 2024 "On the production and turnover of organic products":
In subparagraph 3) of article 1, the words "information system" should be replaced by the words "digital system".
125. To the Law of the Republic of Kazakhstan dated June 19, 2024 "On Mass Media":
In subparagraph 6) of paragraph 1 of article 25, the words "electronic government" should be replaced by the words "digital government".
126. To the Law of the Republic of Kazakhstan dated July 1, 2024 "On Public Procurement":
1) throughout the text, the words "information system", "information systems", "information systems", "information system", "information systems", "information systems", "information security", "information security", "information subsystem" should be replaced by the words "digital system", "digital systems", "digital systems", "digital system", "digital systems", "digital systems", "cybersecurity", "cybersecurity", "digital subsystem";
2) in paragraph 13 of Article 8, the words "electronic databases" should be replaced by the words "digital databases";
3) in the first part of paragraph 4 of Article 11, the words "legislation of the Republic of Kazakhstan on informatization" should be replaced by the words "digital legislation of the Republic of Kazakhstan";
4) paragraph 8 of Article 17 should be supplemented with the following third part:
"The provision of the first part of this paragraph does not apply to cases of concluding public procurement contracts with the digital government operator.";
5) in sub-paragraphs 5) and 7) of article 22, the words "electronic information resources" should be replaced by the words "digital resources";
6) in subparagraph 1) of paragraph 3 of Article 23, the words "legislation of the Republic of Kazakhstan on electronic document and electronic digital signature" should be replaced by the words "digital legislation of the Republic of Kazakhstan".
127. To the Law of the Republic of Kazakhstan dated July 1, 2024 "On Science and Technology Policy":
Throughout the text, the words "information system", "information system", "object of informatization" should be replaced, respectively, with the words "digital system", "digital system", "digital object".
128. To the Law of the Republic of Kazakhstan dated July 5, 2024 "On Combating Human Trafficking":
In subparagraph 3) of paragraph 2 of article 12, the words "information systems" should be replaced by the words "digital systems".
129. To the Law of the Republic of Kazakhstan dated March 3, 2025 "On the special Status of the City of Turkestan":
Throughout the text, the words "informatization sphere" should be replaced with the words "digitalization sphere".
130. To the Law of the Republic of Kazakhstan dated June 12, 2025 "On Aquaculture":
Throughout the text, the words "information system", "information system", "information system", "information system", "information systems and electronic information resources" should be replaced, respectively, with the words "digital system", "digital system", "digital system", "digital systems and digital resources". resources".
131. To the Law of the Republic of Kazakhstan dated June 30, 2025 "On Territorial Defense of the Republic of Kazakhstan":
in article 23:
in subparagraph 2) of the first part of paragraph 7, the words "information systems" should be replaced by the words "digital systems";
In subparagraph 2) of the second part of paragraph 8, the words "information systems" should be replaced by the words "digital systems".
Article 2. This Law shall enter into force six months after the date of its first official publication, with the exception of:
1) subparagraph 8) of paragraph 7 of Article 1, which shall enter into force from the date of its first official publication.;
2) sub-paragraphs 6) and 7) of paragraph 8, paragraph nine of subparagraph 2) of paragraph 70 of Article 1, which will enter into force on January 1, 2026;
3) paragraph of the twelfth subparagraph (5) of paragraph 3 of Article 1, which will enter into force on January 1, 2027.
President
Republic of Kazakhstan
© 2012. RSE na PHB "Institute of Legislation and Legal Information of the Republic of Kazakhstan" of the Ministry of Justice of the Republic of Kazakhstan
Constitution Law Code Standard Decree Order Decision Resolution Lawyer Almaty Lawyer Legal service Legal advice Civil Criminal Administrative cases Disputes Defense Arbitration Law Company Kazakhstan Law Firm Court Cases
