DATA PROTECTION ISSUES IN ARMENIA

25.03.2013

DATA PROTECTION ISSUES IN ARMENIA

Samvel Martirosyan
Expert, Center for Information Studies, “Noravank” Foundation

The Republic of Armenia is becoming more and more digitalized country. Only digitization of state institutions, the electronic management systems has considerably developed in terms of quantity and quality in recent two years. In the private sector use of the information technologies is developing much faster. Alongside with these positive developments the number of threats is also growing because big data bases appeared in vulnerable space. It refers not only to personal but also to other data which protection issues and technical and content developments are processing slower and this may bring to drastic consequences.

In 2012-2013 several attempts of attacks on rather big data bases in Armenia were registered. Thus, in March 2012 the Azerbaijani hackers placed on the Internet the emails of about 200 Armenian users with their passwords¹. In May 2012 about 3000 Armenian email accounts with their passwords appeared on the web². The same story repeated in July³. In all the cases there were grounded suspicions that the hacker groups managed to get the data bases from different Armenian web-sites were the users registered their email accounts. In 2013 the Azerbaijani hackers hacked Armenian kuku.am social network⁴, after which they publicly released on the web the email accounts of 16 thousand users.

The domains were also attacked. In December 2012 Azerbaijani hackers also managed to penetrate into the database of a domain selling company⁵, and in consequence a number of web-sites suffered from attacks⁶. In February 2013 Azerbaijani hackers attacked database of another Armenian company which was selling domain names; as a result passwords from domain names were openly released on the web. As a result of prompt measures no damage was done⁷.

Azerbaijani and Turkish hackers monthly hack several dozens even several hundreds of Armenian web-sites. Generally attacks on these sites do not have drastic consequences because they do not contain any significant public or state information. Hence, over the last year a number of web-sites, which belong to the organizations dealing with personal data, suffered from attacks. E.g. the web-site of a company providing Internet and telephone communication was attacked⁸. In this given case the company insists that the hackers could not penetrate into the data base⁹. The attacks on the banks’ web-sites pass more inconspicuously, though in the recent period a number of causes were registered¹⁰.

In such cases the real extent of damage, possible leakage of information stay secret for public. The problem is that there is no public control in these spheres; meanwhile state control, even if it exists, is not transparent.

Another question is that the protection of personal data directly contradicts to the reality. Thus, according to the Personal Data Protection Law¹¹, processing of personal data about subjects, their open publication implies that the subject is informed about it. But Article 7 of the Electoral Code reads open publication of the register of the electorate on the web-site of the Central Electoral Commission¹². This system allows finding out the date of birth and registration address of the elector. Besides, police, in its turn, places on the web the electoral register in accordance with the registration address of the voters; on the one hand this promotes democratic processes but on the other hand it is a considerable problem in the aspect of personal data protection.

Availability of such issues on one side, and absence of public discussion on them on the other side, prove that protection of personal data becomes a crucial problem in Armenia, taking into consideration the fact that the process of digitalization is growing at a fast pace.

¹ Azerbaijanis Hacked the Email Accounts of the Armenian users http://www.aravot.am/2012/03/22/51278/

² URGENT: New attack on the Armenian email accounts http://kornelij.livejournal.com/1234116.html

³ URGENT: New attack on the Armenian web-sites http://kornelij.livejournal.com/1236276.html

⁴ http://zone-h.org/mirror/id/19203250

⁵ http://zone-h.org/mirror/id/18775112

⁶ IT Specialist – This year 10 Azerbaijani web-sites were hacked http://www.panorama.am/am/society/2013/01/31/haqer/

⁷ “ABC Domain blocked use of the stolen passwords” http://times.am/?l=am&p=18621

⁸ The Turkish hackers hacked Beeline.am web-site http://www.emedia.am/hy/1339571422

⁹ Today three Armenian web-sites suffered from hacker attacks http://www.azatutyun.am/content/article/24613469.html

¹⁰ Evidences of hacker attacks on a number of banks http://zone-h.org/mirror/id/19266521 , http://zone-h.org/mirror/id/11289747 , http://zone-h.org/mirror/id/7705151

¹¹ Personal Data Protection Law of the Republic of Armenia, http://www.parliament.am/legislation.php?sel=show&ID=1331&lang=arm.

¹² Electoral Code of the Republic of Armenia http://res.elections.am/images/doc/_code.pdf.

“Globus” analytical journal, #3, 2013

Return

Another materials of author

MEDIA CONFRONTATION BETWEEN ARMENIAN AND AZERBAIJANI FORCES[08.04.2016]
SAMVEL MARTIROSYAN: WHY AZERBAIJANI MEDIA STAYED SILENT[06.04.2016]
SOCIAL MEDIA IN ARMENIA (2015 data)[10.07.2015]
TELECOMMUNICATIONS INDUSTRY OF ARMENIA IN 2014 [15.05.2015]
POTENTIAL MODELS OF INTERNET GOVERNANCE AND ARMENIA’S APPROACHES[27.04.2015]
PROPOSALS REGARDING CYBERSECURITY OF ARMENIA[30.10.2014]
DDOS ATTACKS ON ARMENIA CAUSE CONCERNS[12.05.2014]
HACKER ACTIVITY BETWEEN ARMENIA AND AZERBAIJAN [03.03.2014]
SNOWDEN’S DISCLOSURE: WORLD UNDER THE AMERICAN AND BRITISH SURVEILLANCE[03.12.2013]
PENETRATION OF INTERNET INTO THE SOUTH CAUCASUS[04.10.2013]