I. Legal Framework
Constitutional privacy framework
The Constitution of the Republic of Armenia (RA) was amended by referendum on November 27, 2005. According to article 23 of the Constitution of RA:
Everyone shall have the right to respect for his private and family life.
The collection, maintenance, use or dissemination of any information about the person other than that stipulated by the law without the person's consent shall be prohibited. The use and dissemination of information relating to the person for purposes contravening the aims of their collection or not provided for by the law shall be prohibited.
Everyone shall have the right to become acquainted with the data concerning him/her available in the state and local self-government bodies.
Everyone shall have the right to correction of any non-verified information and elimination of the illegally obtained information about him/her.
Everyone shall have the right to secrecy of correspondence, telephone conversations, mail, telegraph and other communications, which may be restricted only by court decision in cases and in conformity with the procedure prescribed by the law.1
The grounds for carrying out searches are determined by the Constitution of the Republic of Armenia:
Everyone shall have the right of inviolability of the residence. Breaking into a person's residence against his/her will shall be prohibited save in cases prescribed by the law.
The place of residence can be searched only by the decision of the court in cases and in conformity with the procedure prescribed by law.2
The previous Constitution entitled an individual "to defend his or her private and family life from unlawful interference and defend his or her honor and reputation from attack." In addition to articulating more clearly the individual's right to privacy, the amendment also includes new freedom of information protections concerning the personal data collected by public agencies. The Constitution now explicitly provides for rights of access, correction, and destruction of personal information held by the government.
Statutory rules on privacy
On October 8, 2002, the "Law of the Republic of Armenia on Personal Data" was adopted and since January 2003, it has been in force. This Law regulates relationships that arise during the processing of personal data by state or local self-governance bodies, state or municipal institutions, as well as natural persons and legal entities. The Law does not regulate relationships related to the processing of personal data published in public sources and not considered to be of special importance, as well as related to the processing of personal data by natural persons for their personal, family or other matters.
According to the Law, personal data is any data on facts, cases, circumstances with regard to a natural person, contained on a physical carrier and in a form that allows or may allow someone to identify the individual.3 Personal data are collected for strictly defined and announced legal purposes and cannot be used for other purposes except in cases prescribed by the law. It is prohibited to collect and process personal data that are not required for the purpose for which the data are processed.4
Personal data processing is legal: When the data subject consents to personal data processing; When data processing is required for the protection of the data subject's vital interests, if there is no ground to presume that the data subject would not consent to their processing; In cases prescribed by the law or directly following from the provisions of the law or when data processing required for the law implementation; When it is required for state or public safety. Data subject may withdraw his/her consent at any time in a written form. Consent cancellation shall not have a retroactive effect.5
The Law allows the transfer of personal data to third countries with the consent of the subject providing the personal data. However, the Law lacks procedures for forwarding of personal data to third countries, and there is no supervisory body named to inspect and grant permission for such transfers.6
- 1. http://www.president.am/library/eng/?task=41&id=3&page=2
- 2. Id. at article 24.
- 3. Law of the Republic of Armenia on Personal Data, article 2.
- 4. Id. at article 4.
- 5. Id. at article 6.
- 6. Email from David Sandukchyan, Global Internet Policy Initiative, to Allison Knight, Research Director, Electronic Privacy Information Center, June 11, 2007 (on file with EPIC).