The training programme is designed for law enforcement agents who perform investigations of identity theft in cyberspace. Law enforcement agents seeking to successfully investigate identity theft in cyberspace crimes should be familiar with the concept of such crimes, the methods, forms and legal aspects. The training programme is based on an analysis of the legal and regulatory practices in the European Union and Lithuania and is dedicated to researchers investigating the cases of identity theft. The training courses include the European Union (EU), Lithuania (LT) legislation, EN and EU court procedures, case studies and best practices. This training programme cover the topics such as personal identity and identification, dangers for personal data in cyberspace, personal identity theft, the concept of identity theft, related danger, results and trends in such activity, forms and methods of committing identity theft, subjects and victims of identity theft in cyberspace, legal regulation related to identity theft in cyberspace, liability for identity theft in cyberspace, prevention of identity theft in cyberspace, legal relationship between electronic information and electronic documents. Personal identity and identification topic covers the definition of personal identity, the linked to state-approved identification, ways and means for identification in cyberspace, dangers for personal data in cyberspace, the concept and definition of personal identity theft, related danger, results, and tendencies of such activity. The one of the most dangerous threats in cyberspace is electronic identity theft and closely related to dangers for personal data in cyberspace. The identity theft in cyberspace is a wider and complicated crime: electronic identity usage and total accessibility of personal information will only increase, and virtual social networks are spreading quickly, a need for false electronic identity increases as well as the increasing scale of identity theft in cyberspace influences e-business and public e-services, therefore, the financial identity threats are the most dangerous and entrain the biggest financial damage. Forms and methods of committing identity theft: due to constant progress of information and communication technologies the phenomenon itself acquires new forms, which are moving more and more often into cyberspace. Due to the mentioned reasons the finite list of the forms of identity theft may be compiled only for the present moment. The main forms of committing identity theft are following: thefts of medical identity, computer identity, driver’s license identity, internet identity, financial identity, social security identity, banking identity, corporate identity, criminal identity and passport identity as well as identity theft cloning. The main methods are: phishing, scam, spam, spoofing, spyware, skimming, pharming, replay attack, dumpster diving, creation of a false profile in a social network. Under the topic for subjects and victims of identity theft in cyberspace the classification of identity theft subjects, the factors that motivate subjects of identity theft in cyberspace, concept and definition of the victim of identity theft in cyberspace are presented as well as ways, how victims usually find out about identity theft, what are prevention measures. Legal regulation related to identity theft in cyberspace covers the main aspects of EU legal regulation directly and indirectly related to identity theft such as Convention on cybercrime, Convention for the protection of individuals with regard to automatic processing of personal data (the Strasbourg Convention) of 1981, Directive 95/46/EB of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, certain of EU communications, legal regulation that has the biggest link with identity theft in cyberspace is legal regulation of identification, legal protection of personal data, and security of electronic information (cybersecurity). Some principles for legal regulation are established in the Cybersecurity strategy An Open, Safe and Secure Cyberspace of 2013. In addition, the roles and function in cybersecurity of certain institution that act in the domain of cybersecurity on EU level, such as ENISA, EUROPOL and EDA, are explained. The topic on legal regulation of cybersecurity in Lithuania focuses on 2014 the Law on Cybersecurity of the Republic of Lithuania, the Programme of Cybersecurity Development for 2011-2019 of 29 June 2011 with roles and functions of the main institution for cybersecurity in Lithuania – National Cybersecurity Centre. The topic on liability for identity theft in cyberspace covers aspects of the criminalisation of identity theft in cyberspace, including comparative aspects on criminalisation of identity theft in cyberspace in Lithuania, the main provisions of Criminal Code of Republic of Lithuania (hereinafter – the Code) and phases of the legal process: for example, the receiving information related to identity is criminalised by articles 166, 167, 198, 198(1), 214 of the Code, the use of information related to identity with the purpose to commit a crime falls under the area of regulation of articles 182, 207, 215, and 300 of the Code, and storing, distribution – partly fall under the area of application of articles 198 and 214 of the Code. The topic on prevention of identity theft in cyberspace includes crime prevention (common aspects, levels of identity theft in cyberspace prevention, prevention level of specific person, 21 rules, prevention in public and private sectors, Red Flag rules), the level of non-formal social combinations, formations and organisations as well as prevention of identity theft in cyberspace on the international, bilateral (inter-national) and (or) regional level. The topic on legal relationship between electronic information and electronic documents focuses on such aspects: when assessing electronic evidence and its probative value, the court must consider the reliability of such evidence, which could be questioned. Therefore it is necessary to determine a method of creating, storing and transmitting electronic information / data, the integrity, authenticity, and reliability of stored information and other important circumstances. These conditions are necessary for physical documents as well as for information recorded in cyberspace – for electronic documents: authenticity and reliability of a document, document integrity, suitable for use. The definition of electronic document, electronic information, electronic data and electronic document is presented and their suitability as evidence in criminal proceedings. The training programme is tailored both for in the class-training and learning remotely.