Cybersecurity 2019 | Albania

1 CRIMINAL ACTIVITY

1.1 Would any of the following activities constitute a criminal offence in your jurisdiction? If so, please provide details of the offence, the maximum penalties available, and any examples of prosecutions in your jurisdiction:

The content of the following offences can be found in various articles of the "Criminal Code of the Republic of Albania", even though the latter does not provide a literal denomination of them.

Hacking (i.e. unauthorised access)

Hacking constitutes a criminal offence in the Albanian jurisdiction. Article 192/b/1 of the "Criminal Code of the Republic of Albania" provides that unauthorised access or excess of authorisation to a computer system or part of it, through violation of security measures, is punishable by a fine or imprisonment for up to three years. According to the Final Report of the General Prosecutor on the state of criminality for the year 2017, 11 cases have been recorded by the Prosecution body, two of which have ended with the sentencing of the accused, but no further details have been given.

Denial-of-service attacks

Article 293/c/1 of the "Criminal Code of the Republic of Albania" provides that the creation of serious and unauthorised obstacles to harm the function of a computer system, through insertion, damage, deformation, change or deletion of data, is punishable with imprisonment for three to seven years. According to the Final Report of the General Prosecutor on the state of criminality for the year 2017, four cases have been recorded by the Prosecution body, but no details have been given on the cases.

Phishing

Article 143/b of the "Criminal Code of the Republic of Albania" states that adding, modifying or deleting computer data or interfering in the functioning of a computer system, with the intention of ensuring for oneself or for third parties, through fraud, unfair economic benefits or causing a third party reduction of wealth, is punishable by imprisonment for six months to six years and a fine from 60,000 Leke to 600,000 Leke. According to the Final Report of the General Prosecutor on the state of criminality for the year 2017, 73 cases have been recorded by the Prosecution body, but no details have been given on the cases.

Infection of IT systems with malware (including ransomware, spyware, worms, trojans and viruses)

Article 293/b of the "Criminal Code of the Republic of Albania" provides that damage, deformation, change or unauthorised deletion of computer data is punishable by imprisonment for six months to three years. According to the Final Report of the General Prosecutor on the state of criminality for the year 2017, 33 cases have been recorded by the Prosecution body, four of which have ended with the sentencing of the accused, but no details have been given on the cases.

Possession or use of hardware, software or other tools used to commit cybercrime (e.g. hacking tools)

Article 293/ç of the "Criminal Code of the Republic of Albania" provides that manufacturing, keeping, selling, giving for use, distribution or any other action to place at disposal any equipment, including a computer program, computer password, access code or any other similar data, created or adapted for breaching a computer system or a part of it, with the aim of committing a criminal act, as provided in articles 192/b, 293/a, 293/b and 293/c of the "Criminal Code of the Republic of Albania", is punishable by imprisonment for six months to five years. According to the Final Report of the General Prosecutor on the state of criminality for the year 2017, one case has been recorded by the Prosecution body.

Identity theft or identity fraud (e.g. in connection with access devices)

Even though the "Criminal Code of the Republic of Albania" does not explicitly mention or provide an article dedicated to identity theft, article 186/a states that modifying, deleting, or omitting computer data, without the right to do so, in order to create false data, with the intention of presenting and using them as authentic, even though the created data is directly readable or understandable, are all punishable by imprisonment for six months to six years. According to the Final Report of the General Prosecutor on the state of criminality for the year 2017, 16 cases have been recorded by the Prosecution body, one of which has ended with the sentencing of the accused, but no details have been given.

Electronic theft (e.g. breach of confidence by a current or former employee, or criminal copyright infringement)

Article 186/a/2 of the "Criminal Code of the Republic of Albania" provides that when the aforementioned criminal act, as described in the provision of identity theft above, is done by the person responsible for safekeeping and administering the computer data in cooperation more than once, or has brought forth grave consequences for the public interest, is punishable by imprisonment for three to 10 years.

Any other activity that adversely affects or threatens the security, confidentiality, integrity or availability of any IT...

To continue reading

Request your trial

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT