关于知识产权 知识产权培训 树立尊重知识产权的风尚 知识产权外联 部门知识产权 知识产权和热点议题 特定领域知识产权 专利和技术信息 商标信息 工业品外观设计信息 地理标志信息 植物品种信息(UPOV) 知识产权法律、条约和判决 知识产权资源 知识产权报告 专利保护 商标保护 工业品外观设计保护 地理标志保护 植物品种保护(UPOV) 知识产权争议解决 知识产权局业务解决方案 知识产权服务缴费 谈判与决策 发展合作 创新支持 公私伙伴关系 人工智能工具和服务 组织简介 与产权组织合作 问责制 专利 商标 工业品外观设计 地理标志 版权 商业秘密 WIPO学院 讲习班和研讨会 知识产权执法 WIPO ALERT 宣传 世界知识产权日 WIPO杂志 案例研究和成功故事 知识产权新闻 产权组织奖 企业 高校 土著人民 司法机构 遗传资源、传统知识和传统文化表现形式 经济学 金融 无形资产 性别平等 全球卫生 气候变化 竞争政策 可持续发展目标 前沿技术 移动应用 体育 旅游 PATENTSCOPE 专利分析 国际专利分类 ARDI - 研究促进创新 ASPI - 专业化专利信息 全球品牌数据库 马德里监视器 Article 6ter Express数据库 尼斯分类 维也纳分类 全球外观设计数据库 国际外观设计公报 Hague Express数据库 洛迦诺分类 Lisbon Express数据库 全球品牌数据库地理标志信息 PLUTO植物品种数据库 GENIE数据库 产权组织管理的条约 WIPO Lex - 知识产权法律、条约和判决 产权组织标准 知识产权统计 WIPO Pearl(术语) 产权组织出版物 国家知识产权概况 产权组织知识中心 产权组织技术趋势 全球创新指数 世界知识产权报告 PCT - 国际专利体系 ePCT 布达佩斯 - 国际微生物保藏体系 马德里 - 国际商标体系 eMadrid 第六条之三(徽章、旗帜、国徽) 海牙 - 国际外观设计体系 eHague 里斯本 - 国际地理标志体系 eLisbon UPOV PRISMA UPOV e-PVP Administration UPOV e-PVP DUS Exchange 调解 仲裁 专家裁决 域名争议 检索和审查集中式接入(CASE) 数字查询服务(DAS) WIPO Pay 产权组织往来账户 产权组织各大会 常设委员会 会议日历 WIPO Webcast 产权组织正式文件 发展议程 技术援助 知识产权培训机构 COVID-19支持 国家知识产权战略 政策和立法咨询 合作枢纽 技术与创新支持中心(TISC) 技术转移 发明人援助计划(IAP) WIPO GREEN 产权组织的PAT-INFORMED 无障碍图书联合会 产权组织服务创作者 WIPO Translate 语音转文字 分类助手 成员国 观察员 总干事 部门活动 驻外办事处 职位空缺 采购 成果和预算 财务报告 监督
Arabic English Spanish French Russian Chinese
法律 条约 判决 按管辖区浏览

数据保密法, 克罗地亚

返回
被取代文本。  转至WIPO Lex中的最新版本
详情 详情 版本年份 2007 日期 议定: 2007年7月13日 生效: 2007年1月1日 文本类型 其他文本 主题 专利(发明), 未披露的信息(商业秘密), 知识产权监管机构 与知识产权相关的条款,见第6,13和16条。
生效日期:更多细节见第35条。

可用资料

主要文本 相关文本
主要文本 主要文本 英语 Data Secrecy Act (promulgated by Decree No. 71-05-03/1-07-2 of July 18, 2007, OG No. 79/07)        
 
下载PDF open_in_new
 Data Secrecy Protection Law

Official Gazette 79/2007

1

THE CROATIAN PARLIAMENT

Pursuant to Article 88 of the Constitution of the Republic of Croatia, I hereby issue the

DECISION ON PROMULGATING THE DATA SECRECY ACT

I hereby promulgate the Data Secrecy Act, passed by the Croatian Parliament at its session on 13

July 2007.

Class: 011-01/07-01/97

Reg. No.: 71-05-03/1-07-2

Zagreb, 18 July 2007

The President of the Republic of Croatia

Stjepan Mesić, m.p.

DATA SECRECY ACT

I BASIC PROVISIONS

Article 1

(1) This Act establishes the notion of classified and unclassified data, degrees of secrecy, the

procedure of data classification and declassification, classified and unclassified data access,

classified and unclassified data protection and oversight over the implementation of this Act.

(2) This Act applies to state authorities, local and regional self-government bodies, legal

persons with public authority and legal and natural persons that, in accordance with this Act,

gain access to or handle classified and unclassified data.

Article 2

Particular notions within the meaning of this Act shall have the following meaning:

- data are documents, or any written, copied, drawn, painted, printed, filmed,

photographed, magnetic, optical, electronic or any other type of data recording, insight,

measure, procedure, object, verbal announcement or information that, considering its

content, is significant for its owner in terms of trustworthiness and integrity,

- classified data are documents that were, within the stipulated procedure, classified as

such by the competent authority and for which the degree of secrecy has been determined,

and data that were thus classified and delivered to the Republic of Croatia by another

country, international organization or institution that the Republic of Croatia cooperates

with,

- unclassified data are documents without the determined degree of secrecy, that are used

for official purposes, and data that were thus marked and delivered to the Republic of

Croatia by another country, international organization or institution that the Republic of

Croatia cooperates with,

- data classification is the process of determining the degree of data secrecy regarding the

security threat degree and area of values protected by this Act,

Official Gazette 79/2007

2

- data declassification is the process of determining the cease of reasons for which the data

were classified with the appropriate degree of secrecy, after which data shall become

unclassified with restricted use only for official purposes,

- data owner is the competent authority within whose scope of work the classified or

unclassified data were created,

- certificate is Personnel Security Clearance that enables classified data access

Article 3

Data shall not be classified in order to conceal crime, exceeding or abuse of authority and

other types of illegal proceedings within state authorities.

II DEGREES OF SECRECY

Article 4

Classified data degrees of secrecy are as follows:

- TOP SECRET

- SECRET

- CONFIDENTIAL

- RESTRICTED

Article 5

Taking into consideration the degree of security threat to values protected with degrees of

secrecy referred to in Article 4 of this Act, data from the scope of activity of state authorities

in the field of defence, security intelligence system, foreign affairs, public security, criminal

proceedings and science, technology, public finances and economy may be classified in case

those data are of security interest for the Republic of Croatia.

Article 6

Secrecy degree TOP SECRET shall be used to classify data whose unauthorised disclosure

would result in exceptionally grave damage to national security and vital interests of the

Republic of Croatia, and especially to the following values:

- basis of the structure of the Republic of Croatia as laid down by the Constitution

- independence, integrity and security of the Republic of Croatia

- international relations of the Republic of Croatia

- defence capability and security intelligence system

- public security

- basis of the economic and financial system of the Republic of Croatia

- scientific discoveries, inventions and technologies that are of great significance for the

national security of the Republic of Croatia

Article 7

Secrecy degree SECRET shall be used to classify data whose unauthorised disclosure would

result in grave damage to values referred to in Article 6 of this Act.

Article 8

Secrecy degree CONFIDENTIAL shall be used to classify data whose unauthorised

disclosure would be damaging to the values referred to in Article 6 of this Act.

Official Gazette 79/2007

3

Article 9

Secrecy degree RESTRICTED shall be used to classify data whose unauthorised disclosure

would be damaging to the functioning of state authorities and enforcing tasks referred to in

Article 5 of this Act.

Article 10

State authorities that implement the data classification process shall, by Ordinance, establish

the criteria for determining degrees of secrecy in detail within their scope of work.

III DATA CLASSIFICATION AND DECLASSIFICATION PROCESS

Article 11

Data classification shall be done during the making of classified data or during periodical

assessments referred to in Article 14 of this Act.

Article 12

(1) During the data classification process the data owner shall determine the lowest degree of

secrecy that will secure the protection of interests that could be threatened by unauthorised

disclosure of the said data.

(2) In case the classified data contain certain parts or enclosures whose unauthorised

disclosure does not threaten the values protected by this Act, such parts of the data shall not

be classified with the degree of secrecy.

Article 13

(1) Data classification with TOP SECRET and SECRET degrees of secrecy may be done by:

the President of the Republic of Croatia, the President of the Parliament of the Republic of

Croatia, the President of the Government of the Republic of Croatia, ministers, Chief State

Attorney, Head of the General Staff of the Armed Forces of the Republic of Croatia and

Heads of authorities of the security intelligence system of the Republic of Croatia and those

that are authorised to do so by the said persons.

(2) Persons referred to in paragraph 1 of this Article shall transfer their authority to other

persons in written and solely within their respective scope of work.

(3) Data classification with CONFIDENTIAL and RESTRICTED degrees of secrecy may be

done, apart from the persons referred to in paragraphs 1 and 2 of this Article, by Heads of

other state authorities.

(4) Persons referred to in paragraphs 1, 2 and 3 of this Article shall classify data for scientific

institutions, bureaus and other legal persons when working on projects, discoveries,

technologies and other jobs of security interest for the Republic of Croatia.

Official Gazette 79/2007

4

Article 14

(1) During the time when the degree of secrecy is valid the data owner shall continuously

assess the degree of secrecy of the classified data and shall make periodical assessments based

on which the degree of secrecy can be changed or declassification can be done.

(2) Periodical assessment shall be done as follows:

- for TOP SECRET degree of secrecy at least once every 5 years,

- for SECRET degree of secrecy at least once every 4 years,

- for CONFIDENTIAL degree of secrecy at least once every 3 years,

- for RESTRICTED degree of secrecy at least once every 2 years.

(3) Data owner shall inform, in writing, all the authorities that the data were delivered to

about the change of the degree of secrecy or data declassification.

Article 15

(1) Periodical assessment shall be made in writing for each individual degree of secrecy.

(2) Data owner is authorised to make periodical assessment jointly for certain groups of data.

(3) Periodical assessment shall be classified with the same degree of secrecy as the data it

refers to and shall be attached with the original in the data owner’s archives.

Article 16

(1) When there is public interest, data owner shall determine the proportionality between the

right for data access and protection of the values stipulated in Articles 6, 7, 8 and 9 of this Act

and decide on maintaining the degree of secrecy, changing the degree of secrecy,

declassification or exemption from the obligation to keep data secret.

(2) Prior to making the decision referred to in paragraph 1 of this Article data owner shall ask

for the opinion of the Office of the National Security Council.

(3) Data owner shall inform other competent authorities stipulated by law of the procedure

referred to in paragraph 1 of this Article.

Article 17

The way of identifying classified data degrees of secrecy shall be stipulated by the Regulation

adopted by the Government of the Republic of Croatia.

IV DATA ACCESS

Article 18

(1) Access to classified data shall be granted to persons with a need-to-know and who have

Personnel Security Clearance (hereinafter: Certificate).

(2) State authorities, bodies of local and regional self-government, legal persons with public

authority, legal and natural persons (hereinafter: Applicants) are authorized to submit requests

for Certificate issuance for their employees with a need-to-know.

Official Gazette 79/2007

5

(3) Request for Certificate issuance shall be submitted in writing to the Office of the National

Security Council. The request shall contain the following: first name, last name, duty or the

jobs within which the person will have classified data access and the degree of secrecy for

which the Certificate is requested.

(4) Certificate shall be issued for TOP SECRET, SECRET and CONFIDENTIAL degrees of

secrecy for a period of five years. Certificate shall not be classified with the degree of secrecy

but shall represent unclassified data.

(5) Certificate shall be issued by the Office of the National Security Council based on the

assessment on absence of security impediments for classified data access. Existence of

security impediments shall be determined by security vetting done by competent security

intelligence agency.

(6) Security impediments within the meaning of this Act are the following: false data stated in

the Questionnaire for security vetting, facts that are stipulated by special Act as impediments

for work in the civil service, pronounced disciplinary sanctions and other facts that represent

reasonable doubt in the trustworthiness or reliability of the person to handle classified data.

Article 19

(1) In case the authority referred to in Article 18, paragraph 5 of this Act, based on the report

on results of security vetting, determines that there are security impediments it shall deny the

Certificate issuance by Decision.

(2) The person for whom Certificate issuance was denied by Decision shall not have the right

of appeal, but shall have the right to initiate administrative dispute within 30 days since the

receipt of the said Decision.

(3) During the procedure at the Administrative Court of the Republic of Croatia the Court

shall, while determining facts and presenting evidence that might damage the work of security

intelligence agencies and national security, take measures and actions from its scope of duty

that will prevent the damage from occurring.

Article 20

(1) Classified data access without the Certificate shall be granted to the Member of

Parliament, Minister, State Secretary of the Central State Administrative Office, Judge and

Chief State Attorney within the scope of their work.

(2) Persons referred to in paragraph 1 of this Article shall, before accessing classified data,

sign the Statement of the Office of the National Security Council which confirms that they

were briefed on the provisions of this Act and other rules and regulations that determine the

classified data protection and that they shall handle classified data in accordance with the said

provisions.

Article 21

The content and the template of the Certificate referred to in Article 18 of this Act and the

Statement referred to in Article 20, paragraph 2 of this Act shall be stipulated by the

Regulation adopted by the Government of the Republic of Croatia.

Official Gazette 79/2007

6

Article 22

(1) Access to classified data of another country or international organization shall be granted

to persons with a need-to-know and who have the Certificate stipulated by international treaty

or security agreement.

(2) Certificate referred to in paragraph 1 of this Article shall be issued by the Office of the

National Security Council based on the request of the competent authority.

(3) The request referred to in paragraph 2 of this Article may be submitted only for the

persons who were previously granted appropriate Certificate based on the procedure referred

to in Article 18 of this Act.

Article 23

(1) Access to unclassified data shall be granted to persons with a need-to-know.

(2) Access to unclassified data shall be granted to interested persons with right to access

information based on the submitted request in accordance with relevant Freedom of

Information Act.

Article 24

The President of the Republic of Croatia, the President of the Parliament of the Republic of

Croatia and the President of the Government of the Republic of Croatia shall be exempt to the

procedure stipulated for Certificate issuance.

V DATA PROTECTION

Article 25

The mode and implementation of classified and unclassified data protection shall be stipulated

by the Act that regulates the information security area.

Article 26

State officials and employees, local and regional self-government bodies, legal persons with

public authority as well as legal and natural persons who gain access or handle classified and

unclassified data shall keep the classified data secret during the time and after the cease of

their duty or work until the data is classified or until by the decision of data owner they are

free from the duty of keeping the secrecy thereof.

Article 27

(1) In case classified data are destroyed, stolen or made available to unauthorised persons,

data owner shall take all necessary measures to prevent the occurrence of possible damaging

consequences, shall start the procedure to determine the responsibility and shall at the same

time inform the Office of the National Security Council thereof.

(2) In case classified data are destroyed, stolen or made available to unauthorised persons

within the body that is not the data owner, the responsible person from the said body shall

immediately inform the data owner thereof and the data owner shall then initiate the

procedure referred to in paragraph 1 of this Article.

Official Gazette 79/2007

7

Article 28

(1) The Office of the National Security Council shall, when issuing the Certificate or signing

the Statement referred to in Article 20, paragraph 2 of this Act, brief the persons on the

standards of handling classified data and on other legal and other consequences of

unauthorised handling of the said data.

(2) The procedure referred to in paragraph 1 of this Article shall be implemented at least once

a year during the Certificate validity period.

VI OVERSIGHT OVER THE IMPLEMENTATION OF THE ACT

Article 29

State authorities, bodies of local and regional self-government and legal persons with public

authority shall keep records on insights into and handling of classified data.

Article 30

(1) The Office of the National Security Council shall conduct oversight over data

classification and declassification procedures, the way of gaining access to classified and

unclassified data, the implementation of the measures for the protection of classified data

access and the performance of duties from the international agreements and treaties on

classified data protection.

(2) In conducting the oversight the Head of the Office of the National Security Council has

the authority to:

- determine the facts

- give instructions in order to eliminate the determined defects and irregularities that the

bodies that were subject to oversight must eliminate within the designated period of

time

- initiate the procedure in order to determine the data owner’s responsibility

- take other measures and actions that he or she is authorised to according to special

provisions.

(3) The Office of the National Security Council shall establish registries of Certificates issued,

Decisions on Certificates denied, signed Statements referred to in Article 20, paragraph 2 of

this Act and conducted briefings on standards referred to in Article 28 of this Act.

VII TRANSITIONAL AND FINAL PROVISIONS

Article 31

(1) Regulation of the Government of the Republic of Croatia referred to in Articles 17 and 21

of this Act shall be adopted within 30 days since the date when this Act enters into force.

(2) The Ordinance referred to in Article 10 of this Act shall be adopted by Heads of

competent bodies within 60 days after the date when this Act enters into force.

Official Gazette 79/2007

8

(3) Heads of competent bodies shall determine the list of duties and jobs within their scope of

work, for which the Certificate is necessary, within 90 days.

Article 32

Degrees of secrecy determined by international treaties that the Republic of Croatia confirmed

before the date that this Act enters into force, degrees of data secrecy gained by international

exchange before the date that this Act enters into force, as well as the degrees of data secrecy

that were determined before the date that this Act enters into force shall be translated as

follows:

- STATE SECRET into TOP SECRET

- OFFICIAL SECRET-TOP SECRET and MILITARY SECRET-TOP SECRET into

SECRET

- OFFICIAL SECRET-SECRET and MILITARY SECRET-SECRET into

CONFIDENTIAL

- OFFICIAL SECRET-CONFIDENTIAL and MILITARY SECRET-CONFIDENTIAL

into RESTRICTED

Article 33

(1) Certificates that were issued by the Office of the National Security Council before the date

that this Act enters into force shall be valid until the expiry date stated on the Certificate.

(2) Internal permissions to access classified data that were issued on the basis of the Act on

Data Secrecy Protection (Official Gazette, No.108/96) shall be valid until the issuance of the

Certificate according to the provisions of this Act.

(3) Sub-Acts adopted on the basis of the Act on Data Secrecy Protection (Official Gazette,

No. 108/96) shall be implemented until the date that the appropriate sub-Acts based on this

Act enter into force.

Article 34

On the date of entry into force of this Act the provisions of the Act on Data Secrecy

Protection (Official Gazette, No. 108/96), except the provisions referred to in titles 8 and 9 of

the said Act, shall cease to have effect.

Article 35

This Act shall enter into force 8 days following its publication in the Official Gazette.

Class: 804-04/07-01/01

Zagreb, 13 July 2007

THE CROATIAN PARLIAMENT

The President of the Croatian Parliament

Vladimir Šeks, m.p.


立法 被以下文本取代 (1 文本) 被以下文本取代 (1 文本)
无可用数据。

WIPO Lex编号 HR064