Require the protection of your personal data, without departing from the cash register
The other day we came across a note from the Mairon hacker , found on the topic “ Protecting my personal data is my own business .”
This note caused a lot of thoughts and considerations, even worried in earnest. We are glad to share with Habr our thoughts on this topic.
We constantly hear at all events that we regularly attend on duty, the endless lament of reputable, non-poor companies that “how can you fulfill the requirements of FZ-152 we don’t understand?”, “Like so much money you need for spend it? ”,“ how did the state not allocate funds to us for this? ”... All this happens against the background of our daily, personal, unincorporated life, where we constantly encounter:
Against the background of such a “targeted” use of our personal data, discussions about meeting the requirements of the law on personal data, which we have heard and in which we managed to somehow participate in the last two years, cause, to put it mildly, bewilderment. It’s even more strange that these discussions are held exclusively between representatives of personal data operators (that is, between commercial and government organizations) and representatives of government regulatory and regulatory bodies. Ordinary people, carriers of the most personal data (PD) to such events here are not called, they are not heard there, it seems that ordinary mortals are not concerned at all ... And all the speakers speak only on behalf of companies, no one remembers their private selfish "interest ... Apparently, everyone hopes that problems with improper use of PD will not affect their personal lives ...
')
Of course, maybe, we simply did not come across (with the exception of the link mentioned above) a situation where the “personal data carriers” themselves, that is, mere mortals, spoke somewhere and declared their rights to the integrity of their PD. If someone in the know - throw links, please, I would like to learn about someone else's experience, and then looking at this "Elysium of Shadows" in order and you see, this very alien experience comes in handy ...
What I want to say in conclusion: do not forget that "the salvation of drowning people is the work of the drowning people themselves!"
People, let's imagine that when signing any bank or insurance (yes any) contract, every mere mortal asks as usual: “How do you protect my personal data? What technical means and organizational measures in your organization are used to protect the personal data of customers? ”. Does this not help push the companies and state organizations not only to think that the FZ-152 is “imperfectly terrible”, but to take measures to protect the personal data of its customers?
If a horror story like “Verification comes, and you are forced to pay fines,” it doesn’t work so well, maybe a horror story like “all customers will leave if they are not sure that their personal data is protected”?
In general, we are in favor of the second announcement “Demand protection of your personal data, without departing from the cash register” next to the ad “Recalculate money without moving from the cash register”.
Choose banks, travel agencies and shops, on the doors of which such inscriptions hang here: “ Our organization complies with the requirements of FZ-152 ” ...
This note caused a lot of thoughts and considerations, even worried in earnest. We are glad to share with Habr our thoughts on this topic.
We constantly hear at all events that we regularly attend on duty, the endless lament of reputable, non-poor companies that “how can you fulfill the requirements of FZ-152 we don’t understand?”, “Like so much money you need for spend it? ”,“ how did the state not allocate funds to us for this? ”... All this happens against the background of our daily, personal, unincorporated life, where we constantly encounter:
- with a mandatory tick about the transfer of PD to third parties in all contracts that we shove banks, insurance, suppliers of various goods in online stores and so on, with whom we sign contracts
- with brazen "asterisks" opposite mandatory lines, in all online registration forms on different sites,
- with a permanently filled spam personal email inbox and a lot of advertising sms ...
- the transfer can be continued ...
Against the background of such a “targeted” use of our personal data, discussions about meeting the requirements of the law on personal data, which we have heard and in which we managed to somehow participate in the last two years, cause, to put it mildly, bewilderment. It’s even more strange that these discussions are held exclusively between representatives of personal data operators (that is, between commercial and government organizations) and representatives of government regulatory and regulatory bodies. Ordinary people, carriers of the most personal data (PD) to such events here are not called, they are not heard there, it seems that ordinary mortals are not concerned at all ... And all the speakers speak only on behalf of companies, no one remembers their private selfish "interest ... Apparently, everyone hopes that problems with improper use of PD will not affect their personal lives ...
')
Of course, maybe, we simply did not come across (with the exception of the link mentioned above) a situation where the “personal data carriers” themselves, that is, mere mortals, spoke somewhere and declared their rights to the integrity of their PD. If someone in the know - throw links, please, I would like to learn about someone else's experience, and then looking at this "Elysium of Shadows" in order and you see, this very alien experience comes in handy ...
What I want to say in conclusion: do not forget that "the salvation of drowning people is the work of the drowning people themselves!"
People, let's imagine that when signing any bank or insurance (yes any) contract, every mere mortal asks as usual: “How do you protect my personal data? What technical means and organizational measures in your organization are used to protect the personal data of customers? ”. Does this not help push the companies and state organizations not only to think that the FZ-152 is “imperfectly terrible”, but to take measures to protect the personal data of its customers?
If a horror story like “Verification comes, and you are forced to pay fines,” it doesn’t work so well, maybe a horror story like “all customers will leave if they are not sure that their personal data is protected”?
In general, we are in favor of the second announcement “Demand protection of your personal data, without departing from the cash register” next to the ad “Recalculate money without moving from the cash register”.
Choose banks, travel agencies and shops, on the doors of which such inscriptions hang here: “ Our organization complies with the requirements of FZ-152 ” ...
Source: https://habr.com/ru/post/119335/
All Articles