The main threat of personal data leakage is that it often goes unnoticed by the subject of the information. Operators do not always report such cases. Even if a company publicizes the fact of personal data leakage, this information may not reach users. Given this circumstance, you should be extremely careful about protecting your own data.
Who is at risk when disclosing personal information?
The following categories of people may suffer from the loss or disclosure of important personal data:
bank card holders;
citizens who receive medical care;
people with pension savings;
bank deposit holders;
owners of real estate.
The above list cannot be considered las vegas email list complete, as many other citizens are also at risk. Given this situation, the state has developed a system for protecting personal information, which is based on the Federal Law "On the Protection of Personal Data". Its technical aspects are regulated by the government, FSTEC and FSB.
What to do if personal information is processed by third parties?
According to Federal Law No. 152, the operator has the right to transfer the processing of personal data to another organization. This rule is provided for in paragraph 3 of Article 6. In this case, the operator must clearly, among other requirements, establish the conditions for protecting the personal data being transferred, including mandatory notification of any incidents related to the illegal or unintentional transfer, dissemination of information that may violate the rights of subjects.
As provided by Federal Law No. 152 (clause 3.1 of Article 21), notifications of personal data leaks to Roskomnadzor must be made directly by the operator.
The liability standards on this issue are regulated by paragraph 5 of Article 6 of the said federal law. It states that in the event of transfer of personal data for processing to other persons, the operator is responsible for their actions before the subject.
Is it possible to completely remove personal information from the Internet?
Deputy Chairman of the State Duma from the LDPR Boris Chernyshov announced the creation of a bill regulating issues of personal data leakage. It provides for the possibility of the right of citizens to delete their personal information from commercial databases. These proposals are related to changes that may be made to Federal Law No. 152 on regulating liability for personal data leakage. They are planned for consideration at the parliamentary session, which will be held in the fall of 2023.
The need to develop this bill, according to the vice speaker, is indicated by the annual increase in the number of cases of leakage of personal data from private companies' databases. Chernyshov noted that at present citizens have almost no effective tools for revoking their consent to the processing and storage of their personal information.
In such circumstances, it is necessary for the state to act as an intermediary between operators and subjects of personal data. This function should be transferred to the Ministry of Digital Development. In turn, this ministry should be empowered to demand that non-state operators of personal data delete personal information upon the relevant request of citizens and independently ensure such measures.