The Public Foundation “Civil Initiative on Internet Policy” regularly conducts a legal analysis of the current legislation of the Kyrgyz Republic regulating the field of information and cyber security in order to assess the current situation, identify gaps and make recommendations for their replenishment. All activities of the Foundation in this area are based on the principles of protecting personal data and the private life of citizens, as well as proportionality in matters of cybersecurity and respect for human rights.
The lawyers of the organization systematically study the experience of foreign countries in this field (EU, CIS), review the international practice in the field of cybersecurity and study the model laws of the CIS countries (such as the Russian Federation, Estonia, Moldova, Kazakhstan, Georgia), ISCED documents and standards including initiatives in the field of information security and ways of protecting data.
CIIP took part in the development of a number of normative acts in the field of information and cyber security, such as:
- The concept of cybersecurity in the Kyrgyz Republic;
- A package of laws and by-laws regulating the protection of personal data (amendments to the law of the Kyrgyz Republic “On Personal Information”, provisions on the authorized state body on personal data, on notification and consent of the personal data subject to the transfer of his/her personal data, technical requirements for ensuring security and protection of personal data when processing them in information systems of personal data).
CIIP also regularly conducts trainings on information and cybersecurity for representatives of the public sector, commercial organizations and civil society engaged in ICT activities.
In 2017, CIIP also initiated the creation of an Analytical Center in Kyrgyzstan to study urgent problems of security and regional development, whose tasks include conducting studies, examining, developing recommendations, developing analytical articles, raising the level of skills in the field of information and cybersecurity.