Business wants personal data

Working with a competition among students in grades 6-11 of secondary educational institutions of the city of Novosibirsk “Protect your personal data 2017”

In July, unexpectedly, within the framework of the activities of the working groups on the digital economy program, proposals were made to amend the Federal Law "On Personal Data". Let's see what these offers contain.

The working group on regulatory regulation of the digital economy has approved the concept of working with publicly available data, according to which businesses can freely collect, store and analyze any user data legally trapped on the Internet. Moreover, this will not require the consent of their owner. Now a different structure of the digital economy program, a competence center, on the basis of this concept of working with publicly available data, should create a draft law.

The authors of the concept of publicly available data are called Skolkovo and Double Data (yes, the very one that collected Vkontakte data, which led to a conflict with them). During the work of the working group, there was a vote for this concept and the choice of the working group was not unanimous - 56% of the participants voted for the concept.

Before becoming a passed bill, the concept will have a very long way to go and it has yet to enlist the support of the government.
')
But that is not all. As recently as August, new proposals were submitted for consideration.

Business representatives wrote their amendments and submitted them to Skolkovo, and the center of competence for creating standards for the digital economy sent them to the next instance in the direction - the working group on regulatory regulation of the digital economy.
According to the proposed amendments, companies can get new rights in handling personal data. Having received them with the consent of the person, companies without notice will be able to transfer them to other companies for processing. The contractor chosen by her will be able to reassign the processing of data further along the chain, also without notifying the person, but only notifying the client company.

Responsible for the safety of personal data on the amendments will be the company that originally collected them and received the consent of the person to process them. She will have to place on the site a list of all the companies to which she will give data processing, or find other ways to notify a citizen who will have access to his data, and fix these methods in the same contract with him, where he agrees to data processing. A person has the right to find out where the company has transferred his data; The company has the right to respond to the request of the month. But he cannot prohibit their transfer along the chain - only withdraw the initial consent.

Among other things, the company will be able to process data for the purposes that it considers beneficial for itself, and not only initially agreed with the person.

On the one hand, with proper regulation, the new procedure for handling personal data will help the business to optimize their processing, and for citizens it will make data circulation more transparent and controllable. But, on the other hand, a person will lose clear control over the transfer of his personal data and will become powerless in this process.

In general, the amendments contradict the spirit and letter of the law on personal data. The world community strives to inform people as clearly as possible why they collect data from them, describe how and who will use them, limit their processing to the goals stated during the collection, recall the recently adopted GDPR. Written by representatives of business, these amendments are beneficial to him only. This, in fact, is not surprising.

Protection of the rights of subjects of personal data is not always fully implemented when it comes to high profits. A striking example is the news that the Tribunal of the Italian city of Lecce has condemned the entrepreneur for the fake reviews on the site for travelers Tripadvisor.

The man headed PromoSalento, which provided “package” services to the owners of various tourist enterprises. Publishing reviews on their pages should have improved their statistics and attracted more customers.

The court found that the publication of fake reviews falls under the article on the use of someone else's or fake identity, which is considered a criminal offense in Italy. In addition to a prison sentence of 9 months, a man must pay a fine of 8 thousand euros.

Follow the link to download our White Paper on Federal Law No. 152 .
This is a book that was published to help eliminate confusion in the processing of personal data and clearly describe for business the process of bringing personal data information systems in accordance with the laws of Russia. The topic is revealed from scratch. It helps to meet the needs of a wide range of readers. Already 4000 downloads.