In addition to considering the draft law on turnover fines for data leakage, amendments to the law “On Personal Data” will be submitted to the State Duma for consideration. With the help of them, the government wants to oblige telecom operators to report data leaks to Roskomnadzor (RKN) within a day from the moment of the incident. It is also proposed to regulate the transfer of data of Russians abroad and the possibility of a ban on the transfer.

This initiative was announced by the head of the State Duma Committee on Information Policy, Alexander Khinshtein, on VKontakte, posting the text of the project. As he explained, data leaks of Russians occur constantly, both from Russian platforms and from foreign ones. When user information is compromised, the fines for the dissemination of personal data are scanty, and the responsibility of operators with possible damage to users is incommensurable. Khinshtein spoke about the bill on additional data protection for Russian users in his telegram channel. It is possible that just the announced changes are one of the mechanisms for additional data protection of Russians.

According to the amendments, the operator must within 24 hours notify the authorized body (in this case, the RKN) about the data leakage, its causes, the extent of harm and measures to eliminate the consequences, as well as in the case of establishing the fact of illegal or accidental access, provision, distribution, transfer of personal data that entailed a violation of the rights of personal data subjects. In addition, the document regulates the transfer of data of Russian users abroad. To do this, the RKN must approve a list of states that provide normal (adequate) protection of subjects of personal data rights. The operator, in turn, is obliged to notify the department about this before the start of cross-border data transfer of Russians. In some cases, transmission may be prohibited or restricted.

bbabo.Net