|
|
The adoption of Federal Law No. 266-FZ in 2022 has fundamentally changed the current legislation "On Personal Data", noted Yuri Kontemirov, Head of the Roskomnadzor Department for the Protection of the Rights of Personal Data Subjects, in his speech at the forum. First of all, the principle of extraterritoriality of requirements for the processing of personal data was enshrined, which made it possible to extend the processing of data of Russian citizens to the activities of foreign companies.
The timeframes for providing information upon request have been significantly reduced, Yuri Kontemirov noted. This primarily concerns those rights of citizens that are related to receiving content writing service information about the processing of PD, as well as the possibility of demanding an update or deletion of their personal information if the citizen considers that this data is unreliable or its processing does not correspond to the stated purposes of processing, the service representative noted.
The most pressing problem in the area of personal data protection now remains leaks of personal information
– As of autumn 2023, we have recorded 117 incidents involving personal data. The total volume of records that have entered the network is more than 200 million. In this part, on the one hand, we are working to restrict access to resources where such databases are hosted. On the other hand, we are taking measures, including administrative action, against individuals who have violated the requirements of the law, which led to the dissemination of this data.
In some cases of data leaks, Roskomnadzor notes that the purposes of data processing that were established by the operator and the volume of compromised information did not correspond to the stated principles of personal data processing.
"There is a goal-setting principle that obliges the operator to process PD only to the extent necessary to achieve the purpose of processing. Try to minimize the amount of PD that you collect to provide services and implement legal relations with personal data subjects. This will help eliminate risks," urged Yuri Kontemirov.
MITIGATING CIRCUMSTANCES
The current size of administrative fines for personal data leaks is disproportionate to the harm caused by such incidents, noted Aisala Badyagina, Deputy Director of the Department of Cybersecurity of the Ministry of Digital Development, in her speech. She emphasized that
Now the state faces a global task of ensuring the information security of every citizen
The government has already prepared a response to the bill on fines for personal data leaks; the document is currently being finalized.
Managing partner of Lukash & Partners Denis Lukash spoke about judicial practice on leaks of personal data. The minimum fine for leaking personal data is not 60 thousand, but 30 thousand rubles, he noted.
|
|
|心起点设计|Archiver|手機版|自動贊助|大连瓦房店老虎屯区域论坛
發表於 2024-11-9 11:13:31