How civil servants are controlled - investigation by the Georgian Personal Data Protection Service

How civil servants are controlled in Georgia

The Personal Data Protection Service of Georgia has found that a special program was installed on almost three thousand computers of one of the ministries, which collected and analyzed detailed information from the computers of all employees, some of whom were not aware of the program.

The data included the name of the programs used by employees (for example: Opera, Google Chrome, PDF, Word, Excel), the period of their use, the name of the active windows opened in programs, etc.

According to the agency, information for each employee was available on a website. Fifteen programs that employees used the longest (Excel, Teamviewer, Photoshop, Powerpoint, and others) were identified.

It should be noted that the detailed information collected by the program was available to about 30 employees of the institutions that are part of the ministry’s system (including personnel departments).

• Georgian media outlets: intelligence services spy on church leaders and even nuns
• Georgian State Security Service: calls to overthrow government is a criminal offence

The Personal Data Protection Service has established:

● The ministry explained its actions by the need for “self-control” of working hours for employees and information security. However, the amount of data processing for self-control purposes was carried out without the consent of employees and information and was therefore unjustified.

● This indicates a violation of article 17 (data security) of the Georgian law on the protection of personal data, so the ministry was declared the offender.

● Given the complexity of the data processing process through the technical assistance program, the Ministry was instructed to stop it and delete already processed data for the purposes of monitoring / self-control of employees through this software.