The Armenian government, during a June 25, 2026 cabinet session, approved draft amendments to the Law on Electronic Communications and related laws, which envisage the introduction of mechanisms for monitoring the international mobile phone identifiers (IMEI), and the creation of a database.

Experts note that the package not only raises unresolved issues from the point of view of data protection but can also target political opponents and critical journalists.

The amendments will provide an opportunity to monitor the IMEI codes of mobile phones, since there is no such control under the current regulations. The government’s justification is that phones with uncleared or fake, as well as modified IMEI codes, can be imported into Armenia, which harms the state by causing tax losses, disrupting fair competition, and increasing technical and security risks.

The International Mobile Equipment Identity (IMEI) database is an information system that contains data on IMEIs, their users, SIM/eSIM numbers in use, and the legal circulation of mobile phones.

If the draft becomes law, the mobile network operator will refuse to provide service if the subscriber has not registered the IMEI. The provision of service to persons arriving in Armenia and using roaming services is suspended if it has been verified through the electronic border management information system that the person using roaming services has crossed the state border and thirty calendar days have passed since the crossing, and the IMEI has not been registered.

Information security specialist Artur Papyan notes that at first glance it is a technical and innocent project: “fighting the shadow economy,” “preventing phone theft,” but in reality it is worrying.

According to the expert, a huge database will be created, where a person’s passport and personal data, IMEI and all SIM/eSIM cards will be linked.

“This is not just a tax tool, this gives the state the opportunity to see at any time who is active on the network, with which device and when,” Papyan writes on his FB page.

He says that if this database, which contains data on 2.5 million users every minute, is compromised, operators will be forced to disconnect, and state databases usually work poorly.

Papyan notices a dangerous point in the project, according to which the administrator can provide “other digital services” to state and local bodies or even private companies with the database data. That is, the data that is supposedly collected to “fight smuggling” may tomorrow be used for completely different purposes unknown to citizens.

“The concentration of the entire republic’s phones and citizens’ data in one place is a dream for any cybercriminal. If this database is hacked (and there are no invulnerable systems), the security of each of us will be put under attack. And now the most important thing: the authors of the project claim that this will help against theft. Let’s be honest, how many of you or your friends have had such a thing happen to you? "They stole your phone, you applied to the police with the box and IMEI code, but you still didn't receive any help. Meanwhile, my heart testifies that if it's about protesters or critical journalists, they'll find out the location with IMEI in five minutes and make a show of it," Papyan writes. 

The project was submitted for public discussion  in February 2026.

The project envisages creating a unified IMEI system, through which customs data, activations of mobile operators and information from international registries will be combined. As a result, only legally imported phones will be activated.

According to the government's assessment, this system will help reduce illegal circulation, strengthen state control, and increase public security. To this end, it is proposed that the IMEI codes of all legally imported phones be registered at the time of import, and the copying, modification of codes and the activation of non-customs-cleared devices be restricted.

The authors of the project note that the introduction of a unified IMEI system will increase state revenues due to systematic tax involvement, and shadow imports will sharply decrease. And the limited costs incurred for the introduction of the system and regulation of the sector are not comparable to the benefits provided by the reduction of shadow trade and the security impact.

“The mobile phone market is the largest shadow market, and what we are doing only allows that this market continues its work. These solutions have existed in the world for a long time, and our political statement is that the era of the black market for mobile phones is ending. And no phone in the Republic of Armenia that is not certified to have been imported legally will work. This is justified. We started these discussions a year and a half ago and discussed them in great detail. It is obvious that we must go for these solutions. Of course, this does not mean that we should not carry out our supervisory functions, including the tough ones that we carry out. But it is obvious that radical, standardized, and civilized solutions are needed there,” Armenian PM Nikol Pashinyan stated during the presentation of the legislative initiative.

The draft amendments to the Law On Electronic Communications and related laws were developed by the Information Systems Agency of Armenia Foundation in cooperation with the Ministry of High-Tech Industry, the State Revenue Committee, and mobile operators.

The dpHUB Data Protection Center, an initiative of personal data protection expert Gevorg Hayrapetyan, has published comments on the package of projects.

It is not clear what is included in reducing security risks and increasing the level of cybersecurity. While national security and cybersecurity are regulated by various legislation in Armenia, each includes different components and has no direct connection with the import or sale of mobile phones. It is also not clear what the protection of personal data of persons temporarily visiting Armenia generally represents in the context of the package of projects.

The dpHUB Data Protection Center notes that in the case of exporting and selling stolen mobile phones to other countries, as well as dismantling stolen mobile phones and selling them as spare parts, the IMEI database becomes unsuitable in terms of the effectiveness of combating phone theft and detecting such crimes.

According to dpHUB, the regulations proposed by the draft package do not apparently imply the processing of personal data in the minimum amount necessary to achieve legitimate goals. For example, in the fight against the reduction of the shadow economy and the import of mobile phones illegally, it is not necessary to include IMEIs of mobile phones already legally used by end users in the database for the simple reason that they have already been imported, sold, and used with the presumption of legality.