By Eka Janashia (12/10/2014 issue of the CACI Analyst)
On November 30, the parliament of Georgia overruled President Giorgi Margvelashvili’s veto and adopted the government-backed law on surveillance and eavesdropping, maintaining direct access for the Ministry of Internal Affairs’ (MIA) to telecom operators’ networks.
Meanwhile, Margvelashvili’s alternative bill – prohibiting interception of communications by the law enforcement agencies without court authorization, and the Republican Party’s (RP) separate, competing bill – intended to sever the MIA’s direct access to telecommunication operators’ networks – were voted down by the parliament.
In 2010, the previous parliament adopted a legislative amendment empowering the MIA to install “black box” spy devices in telecommunication companies’ networks. Opposition parties and watchdog groups strongly criticized the move and accused the then-ruling United National Movement (UNM) party of establishing illegal surveillance practices in Georgia to strengthen its grip on power.
However, in May 2014, the disclosure of wiretapped phone conversations of incumbent and former high officials, including parliament speaker Davit Usupashvili and then-defense minister Irakli Alasania, prompted allegations that the ruling GD coalition had continued illicit eavesdropping after assuming leadership.
The enduring question whether security agencies should keep direct, unfettered access to telecom operators’ networks – “key” as it has been labeled informally – has inflamed debates among politicians, lawyers and lawmakers even within the GD coalition.
The government-backed bill prepared by the chairwoman of the parliamentary human rights committee MP Eka Beselia, her deputy MP Gedevan Popkhadze, and the chairman of the defense and security committee MP Irakli Sesiashvili, supported the MIA’s sustained access to telecom operators’ networks whereas RP – one of the GD coalition’s founders, insisted that the MIA should be deprived of this capability. This position was shared by a few other GD MPs, the Free Democrats (FD), which recently left the coalition, and UNM.
Advocates of the government-sponsored bill asserted that the MIA, incorporating intelligence and security agencies, should maintain a “key” to deal with growing “security challenges” efficiently. To avoid unlimited access, however, the bill’s sponsors suggested a “two-key system,” where one should be kept in the MIA and the other at the Personal Data Protection Inspector’s Office (PDPIO). In spite of having direct access to telecom operators’ servers, the MIA will not be able to start interception and monitoring of communications without the permission of the PDPIO’s, which will in turn be equipped with relevant technical capabilities.
Opponents argued that a more precise reading of the law, involving numerous technical terms about a lawful interception management system, enables the MIA to bypass PDPIO and thus fails to provide a genuinely balanced system. The law grants PDPIO the right to issue technical permission for the security agencies to launch lawful interception of communications, meaning that the PDPIO’s competence goes beyond a monitoring function and makes it part of the process. Holding the “key,” PDPIO is able to execute actions rather than simply observing them, while its major function is to oversee that surveillance is pursued in compliance with court warrants, as put by one opponent of the law, Free Democrat Shalva Shavgulidze.
On November 27, the parliament voted down a separate, competing bill introduced by RP. It envisaged the transmission of a “key” to the Georgian National Communication Commission and depriving the MIA of its direct access. RP leader Usupashvili said that the examples of some European countries, presented by the supporters of government’s bill, where the interior ministries have direct access to telecom operators’ networks, were irrelevant as the structure of those agencies are completely different from Georgia’s MIA, which incorporates not only police forces, but also security and intelligence agencies.
Earlier this year, the civil society organizations (CSO) engaged in the parliament’s working group – including the Georgian Young Lawyers’ Association and Transparency International Georgia – presented a “two key” model. Like RP, CSO also supported depriving the MIA of access to telecom operators and instead suggested to grant “keys” both to the telecom operators themselves and the judiciary. In this model, the judiciary would issue a warrant for surveillance upon the request of the security agencies and would in the event of approval technically allow interception to begin.
PM Irakli Gharibashvili slammed the CSO’s initiative, saying that the owners of all the three largest mobile phone operator companies in Georgia are foreigners and the country “cannot rely on foreign companies when it comes to state security and citizens’ security.”
Initially, the “two key” proposal was aired in late September at a conference in Tbilisi attended by European experts on personal data protection invited by the Council of Europe (CoE). One of the experts, Joseph Cannataci, said the idea of a “two key” system is that holder institutions will gain separate access to communication operator’s networks, implying that the MIA cannot get admission alone but will need confirmation from the second holder institution.
While the government insists that the law on surveillance and eavesdropping is intended to reflect this cornerstone principle, the shortfalls of the law suggest something deferent. In this respect, GD seems willing to continue the UNM’s tendency to enhance the MIA’s unfettered power instead of subjecting it to institutional checks and democratic oversight. The Georgian watchdog groups pledged to protest the law through streets demonstrations and by appealing against the Georgian state in the Constitutional Court.