Activities of the Personal Data
Protection Inspector: Overview
Ms. Nina Sarishvili
Office of the Personal Data Protection Inspector of Georgia
07.11.2014
Background Information
INTERNATIONAL INSTRUMENTS
CoE 108 Convention
AP on Supervisory Authorities and
Trans-Border Data Flows
NATIONAL LEGISLATION
Law on Personal Data Protection
Statute of Inspector
Background Information
The Office of the Personal Data Protection Inspector
Established – July 2013
Basic functions of Georgian DPA
Dealing with complaints
Inspecting public and private bodies
Raising public awareness and educating
data controllers
Consulting public and private bodies
Citizens’ Complaints - 22
7%
7%
Direct marketing
27%
7%
Disclosure/transmit
Video surveillance
6%
Correction of data
6%
Illegal processing of data
Termination of using data
40%
Sensitive data
Inspections
18 Agencies Inspected
 Ministry of Corrections and Probations
 Government Chancellery and 12
Ministries
 Penitentiary System
 Ministry of Internal Affairs
 Office of the Chief Prosecutor of Georgia
Consultations
702 Consultations
Public Sector
Private Sector
Citizens
Consultations
1%
15%
63
15%
61%
8%
639
Data processing
Disclosure/transmit
Data subject rights
Filing systems
Others
Verbal
Written
Adjusted/Modified Databases and Systems
based on Inspector’s Engagement
 Surveillance via Video/Audio and other
technical means used by penitentiary
institutions
 Electronic service for IDP/Refugee status
holders
 Worknet –electronic system for job and
career
 HR.gov.ge – online application form for
career in civil service
 HR management electronic program for
public bodies
PDP Policy documents reviewed by
DPA
Ministry of Internal
Affairs
Ministry of Corrections
Public Service
Development Agency
Microfinance organization
– Credo
British-American Tobacco
Company
Restricted access to databases due to
Inspector’s involvement
 Access of Tbilisi Municipality to
the database of Social Service
Agency
 Access of Georgian Post to the
Civil Registry database
 Access of mobile operators to
the Civil Registry database
 Access of Central Election
Commission to the database of
citizens with disabilities
Database Catalogues
Organisations
Catalogues
60
3537
1646
Public Institutions
Private Institutions
1533
180
15
15 57
16 34
254
58
5 12
4 6
35 54
7 14
305
18
4453
1706
Number of
Organisations
Number of
Catalogues
Guidelines and Recommendations
Thematic and sector specific Guidelines and Recommendations
• Personal Data Protection in Labour
Relations
• Data Processing for Direct Marketing
Purposes
• Video Surveillance Systems
• Data Protection and Online Privacy
• Protection of Medical Data
• Data Processing in Insurance Sector
Trainings
Cooperation with Training Centers
Basic Training Manual
Thematic manuals and
Trainings’ Plans
800 public officials and private
sector representatives trained on
personal data protection related
issues
Priorities
Eradicating systemic discrepancies and assisting public and private bodies to
adapt their systems to privacy regulations
Public Awareness raising and education of data controllers and data processors
Regulating access of organizations to different databases including private
sector data
Balancing data protection and freedom of
information
Priorities
Promote Privacy by Design Approach
Proactive measure
Preventative measure
Automatic protection of personal data
embedded into the design and architecture
of IT systems and business practices
Thank You
?
nsarishvili@pdp.ge
15, Apakidze Str., 0171, Tbilisi Georgia
Tel: (995 532) 2421000*102
www.pdp.ge
www.personaldata.ge
facebook.com/DPAGeorgiaOfficial
twitter.com/DPAofGeorgia