On the ratification of the Agreement on Cooperation of the Member States of the Commonwealth of Independent States in Combating Crimes in the field of Information Technology

Home / RLA / On the ratification of the Agreement on Cooperation of the Member States of the Commonwealth of Independent States in Combating Crimes in the field of Information Technology

The Law of the Republic of Kazakhstan dated December 9, 2019 No. 277-VI SAM.

To ratify the Agreement on Cooperation of the member States of the Commonwealth of Independent States in Combating Crimes in the field of information technology, committed in Dushanbe on September 28, 2018.

President of the Republic of Kazakhstan

K. TOKAEV

agreement on cooperation of the Member States of the Commonwealth of Independent States in combating crimes in the field of information technology

(Officially certified text)

The Member States of the Commonwealth of Independent States, hereinafter referred to as the Parties,

in order to ensure an effective fight against crimes in the field of information technology,

Convinced that coordinated actions by the Parties in the fight against crimes in the field of information technology are an urgent need,

Striving to create a legal framework for cooperation between the law enforcement agencies of the Parties in combating crimes in the field of information technology,

have agreed on the following:

Article 1 Basic terms

For the purposes of this Agreement, the terms used therein mean:

malicious program is a created or existing program with specially made changes that knowingly leads to unauthorized destruction, blocking, modification or copying of information, disruption of the information (computer) system.;

Information technology is a set of methods, production processes, and software and hardware combined into a technological complex that ensures the collection, creation, storage, accumulation, processing, retrieval, output, copying, transmission, dissemination, and protection of information.;

An information system is an organizationally ordered set of tools that implement certain technological actions through information processes designed to solve specific functional tasks.;

A computer system is a complex of hardware and software tools designed for automated collection, storage, processing, transmission and receipt of information;

computer information is information stored in the memory of a computer system, on machine or other media in a form accessible to the perception of a computer system, or transmitted through communication channels;

unauthorized access to information is access to protected information in violation of the rights or rules established by its owner, the owner and (or) the legislation of the Parties.

Article 2 General provisions

1. The Parties, in accordance with this Agreement, national legislation and international treaties to which they are parties, shall cooperate in order to ensure the prevention, detection, suppression, disclosure and investigation of crimes in the field of information technology.

2. The Parties shall take the necessary organizational and legal measures to comply with the provisions of this Agreement.

3. The Parties shall strive to bring together national legislation in the field of combating crimes in the field of information technology.

Article 3 Criminally punishable acts

1. The Parties recognize, in accordance with national legislation, as criminally punishable the following acts in the field of information technology, if they are committed intentionally:

a) destruction, blocking, modification or copying of information, disruption of the information (computer) system by unauthorized access to legally protected computer information;

b) creation, use, or distribution of malware;

c) violation of the rules of operation of a computer system by a person who has access to it, resulting in the destruction, blocking or modification of legally protected computer information, if this act has caused significant harm or serious consequences.;

d) theft of property by changing information processed in a computer system, stored on machine media or transmitted over data transmission networks, or by introducing false information into a computer system, or involving unauthorized access to legally protected computer information;

e) distribution using the Internet information and telecommunication network or other electrical communication channels of pornographic materials or objects of a pornographic nature with the image of a minor;

f) manufacture or sale of special software or hardware for obtaining unauthorized access to a secure computer system or network;

g) illegal use of programs for computer systems and databases that are objects of copyright, as well as attribution of authorship, if this act has caused significant damage;

h) distribution using the Internet information and telecommunication network or other electrical communication channels of materials recognized in accordance with the established procedure as extremist or containing calls for terrorist activities or justification of terrorism.

2. The definition of the concepts of "substantial harm", "grave consequences" and "substantial damage" is within the competence of the Parties.

Article 4 Competent authorities

1. Cooperation of the Parties within the framework of this Agreement is carried out between the competent authorities directly.

2. The list of competent authorities is determined by each Party and transmitted to the depositary upon delivery of a notification on the implementation of internal procedures necessary for the entry into force of this Agreement.

The Parties shall immediately notify the depositary of changes to the list of competent authorities.

3. The competent authorities of the Parties, if necessary, may additionally determine the procedure for interaction and the list of persons authorized to carry it out, which they directly notify each other about.

Article 5 Forms of cooperation

The competent authorities of the Parties within the framework of this Agreement shall cooperate in the following forms::

a) exchange of information, including:

about upcoming or committed crimes in the field of information technology and individuals and legal entities involved in them;

on the forms and methods of prevention, detection, suppression, disclosure and investigation of crimes in this area;

about the ways of committing crimes in the field of information technology;

on national legislation and international treaties of the Parties regulating the prevention, detection, suppression, disclosure and investigation of crimes in the field of information technology;

b) execution of requests for assistance in obtaining information that may contribute to the prevention, detection, suppression, disclosure and investigation of a crime committed against a citizen of the requesting Party or on the territory of the requesting Party, on the conduct of operational search activities;

c) planning and conducting coordinated measures and operations for the prevention, detection, suppression, disclosure and investigation of crimes in the field of information technology;

d) assistance in the training and advanced training of personnel, including through internships for specialists, the organization of conferences, seminars and training courses;

e) creation of information systems and software products that ensure the fulfillment of tasks related to the prevention, detection, suppression, disclosure and investigation of crimes in the field of information technology;

f) exchange of publications and research results, as well as conducting joint scientific research on issues of mutual interest in combating crimes in the field of information technology;

g) exchange of regulatory legal acts, scientific and technical literature on combating crimes in the field of information technology;

h) exchange of software products and solutions used in the prevention, detection, suppression, disclosure and investigation of crimes in the field of information technology within the framework of interaction and exchange of experience;

i) execution of a request for urgent security of data stored in computer systems;

k) other mutually acceptable forms.

Article 6 Request for assistance

1. Cooperation under this Agreement is carried out on the basis of requests from the competent authorities of the Parties for assistance (hereinafter referred to as the request). Information may be provided to the competent authority of the other Party without request, if there are grounds to believe that it is of interest to the designated competent authority.

2. The request is sent in writing. In urgent cases, requests can be transmitted using technical means of communication or orally, but after that they must be confirmed in writing within 3 days.

The request and the materials of the executed request may be transmitted through technical communication channels if there is a bilateral agreement between the competent authorities of the Parties or these channels are defined by other international treaties to which the Parties are parties.

3. The request must contain:

a) the name of the competent authority of the requesting Party and the competent authority of the requested Party;

b) statement of the merits of the case;

c) specifying the purpose and justification of the request;

d) the content of the requested assistance;

e) desirable deadlines for the execution of the request;

f) any other information that may be useful for the execution of the request, including relevant documents or certified copies thereof;

g) a reference to this Agreement.

4. The request submitted or confirmed in writing is signed.:

a) by the head of the requesting competent authority or his deputy and is stamped with the stamp of the competent authority, if information is exchanged between non-core units of the competent authorities;

b) the head of an independent central specialized subdivision of the competent authority and is affixed with the stamp of an independent central specialized subdivision of the competent authority - if information is exchanged between independent specialized subdivisions of the competent authorities.

Article 7 Execution of the request

1. The competent authority of the requested Party shall take all necessary measures to ensure the full and high-quality execution of the request within the time limits specified by the competent authority of the requesting Party.

2. The competent authority of the requesting Party shall be notified immediately of the circumstances that impede or significantly delay the execution of the request.

3. If the execution of the request is not within the authority of the competent authority of the requested Party, the said competent authority shall immediately transmit it to the appropriate competent authority of the requested Party and notify the initiator of the request accordingly.

4. When executing a request, the legislation of the requested Party is applied.

5. The competent authority of the requested Party may, at the request of the competent authority of the requesting Party, provide an opportunity for its representatives to be present during the execution of the request.

6. If the competent authority of the requested Party considers that the execution of the request may interfere with criminal prosecution or other proceedings carried out in the territory of the requested Party, it may postpone the execution of the request or bind its execution to the conditions determined as necessary, after consultation with the competent authority of the requesting Party. If the competent authority of the requesting Party agrees to provide assistance under the proposed conditions, it must comply with these conditions.

7. The competent authority of the requested Party shall inform the competent authority of the requesting Party as soon as possible of the results of the execution of the request.

Article 8 Confidentiality of information

1. The competent authorities of the Parties shall ensure the confidentiality of information received in accordance with this Agreement, including the fact of receipt and content of the request, if the competent authority of the requesting Party considers it undesirable to disclose them.

2. If it is impossible to maintain confidentiality in the execution of the request, the competent authority of the requested Party shall inform the competent authority of the requesting Party about this in order to decide on the possibility of executing the request under such conditions.

3. If the competent authority of the requesting Party does not agree on the execution of the request under such conditions, the competent authority of the requested Party shall be notified of the relevant decision.

Article 9 Use of the results of the execution of the request

1. The results of the execution of the request may not be used without the consent of the competent authority of the requested Party that provided them for purposes other than those for which they were requested and provided.

2. The competent authority of the requesting Party may use the results of the execution of the request for other purposes only with the written consent of the competent authority of the requested Party. In such cases, the competent authority of the requesting Party shall comply with the restrictions on the use of the results of the request established by the competent authority of the requested Party.

Article 10 Transfer of information to a third party

In order to transfer to a third party information received by the competent authority of the requesting Party on the basis of this Agreement, the prior written consent of the competent authority of the requested Party who provided this information is required.

Article 11 Refusal to execute a request

1. The execution of a request under this Agreement may be refused in whole or in part if the competent authority of the requested Party considers that the execution of the request:

may harm the sovereignty, security or national interests of his State, public order, as well as the rights and legitimate interests of citizens.;

contradicts the national legislation or international obligations of the requested Party.

2. In the event of a decision to refuse to execute the request, the competent authority of the requested Party shall immediately inform the competent authority of the requesting Party in writing of its decision.

Article 12 Expenses

The competent authorities of the Parties shall independently bear the costs incurred during the implementation of this Agreement, unless a different procedure is agreed in each specific case.

Article 13 Relationship with other international treaties

This Agreement does not affect the rights and obligations of each of the Parties arising for it from other international treaties to which it is a party.

Article 14 Settlement of disputes

Any disagreements arising in the application and interpretation of this Agreement shall be resolved through consultations and negotiations between the Parties concerned.

Article 15 Making changes and additions

By agreement of the Parties, amendments and additions may be made to this Agreement, which are an integral part of it, which are formalized by the relevant protocol.

Article 16 Accession

After its entry into force, this Agreement is open for accession by any member State of the Commonwealth of Independent States by submitting an instrument of accession to the depositary.

For the acceding State, the Agreement shall enter into force 30 days after the date of receipt by the depositary of the instrument of accession.

Article 17 Entry into force

1. This Agreement shall enter into force 30 days after the date of receipt by the depositary of the third notification that the Signatories have completed the internal procedures necessary for its entry into force.

For the Parties that have completed the internal procedures later, this Agreement shall enter into force 30 days after the date of receipt by the depositary of the relevant documents.

2. As of the date of its entry into force, the Agreement on Cooperation of the Member States of the Commonwealth of Independent States in Combating Crimes in the Field of Computer Information dated June 1, 2001, shall terminate in relations between the States Parties to this Agreement.

Article 18 Period of validity

This Agreement is concluded for an indefinite period.

Each of the Parties may withdraw from this Agreement by notifying the depositary in writing. The Agreement shall terminate in respect of such Party 6 months after the date of receipt by the depositary of the relevant notification.

Done in Dushanbe on September 28, 2018, in one original copy in Russian. The original copy is kept in the Executive Committee of the Commonwealth of Independent States, which will send a certified copy to each signatory State of this Agreement.

For the Republic of Azerbaijan

For the Russian Federation

For the Republic of Armenia

For the Republic of Tajikistan

For the Republic of Belarus

For Turkmenistan

For the Republic of Kazakhstan

For the Republic of Uzbekistan

For the Kyrgyz Republic

For Ukraine

For the Republic of Moldova

I hereby certify that the attached text is an authentic copy of the Agreement on Cooperation between the member States of the Commonwealth of Independent States in Combating Crimes in the Field of Information Technology, signed at the meeting of the Council of Heads of State of the Commonwealth of Independent States, which took place on September 28, 2018 in Dushanbe. The original copy of the above-mentioned Agreement is kept in the Executive Committee of the Commonwealth of Independent States.

First Deputy Chairman of the Executive Committee – CIS Executive Secretary

V. A. Guminsky

The Law On the Security Council Of the Republic of Kazakhstan

This Law defines the legal status, competence and organization of activities of the Security Council of the Republic of Kazakhstan.

President

Republic of Kazakhstan

Constitution Law Code Standard Decree Order Decision Resolution Lawyer Almaty Lawyer Legal service Legal advice Civil Criminal Administrative cases Disputes Defense Arbitration Law Company Kazakhstan Law Firm Court Cases