Presentation is loading. Please wait.

Presentation is loading. Please wait.

Personal Data Protection in Russia: Trends of the Last Decade State University – Higher School of Economics, Russia Software Engineering Department Alexandra.

Published byMorgan Jennings Modified over 9 years ago

Similar presentations

Presentation on theme: "Personal Data Protection in Russia: Trends of the Last Decade State University – Higher School of Economics, Russia Software Engineering Department Alexandra."— Presentation transcript:

1 Personal Data Protection in Russia: Trends of the Last Decade State University – Higher School of Economics, Russia Software Engineering Department Alexandra A. Savelieva Prof. Sergey M. Avdoshin

2 Higher School of Economics - 20102 Personal Data in the World of Globalization and Digitization

3 Higher School of Economics - 20103 Main Regulations Federal laws Governmental Regulations Normative Documents of the Regulatory Authorities On Ratifying the European Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data The Federal Law of the Russian Federation of 19 December 2005 No. 160-FZ On Ratifying the European Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data On Personal Data The Federal Law of the Russian Federation of 27 June 2006 No. 152-FZ On Personal Data Government Regulation No. 781 of November 17, 2007 Government Regulation No. 687 of September 15, 2008 Government Regulation No. 512 of July 6, 2008 Supervision Agency for Information Technologies and Communications (aka Roskomnadzor) Federal Service for Technical and Export Control Federal Security Service

4 Higher School of Economics - 20104 Major Provisions of the Law  Operator should take the appropriate security measures to ensure personal data protection against accidental or unauthorized access, alteration, destruction or dissemination.  Personal Data subject has an excusive right to decide whether to submit their personal data to an operator for processing  A documentary evidence of data subject’s agreement on their personal data processing should be in operator’s disposal  Data subject has a full authority to access their personal data stored within any operator’s information system.  The State creates a designated authority to ensure the data subject rights protection

5 Higher School of Economics - 20105 Affected Domains Business IT Individuals FinanceEducation Security

6 Higher School of Economics - 20106 Social Networking % Reach of Country’s Total Internet Audience * Research of Russian Social Media – 2010 // ROSE agency in cooperation with HeadHunters.ru, March – April 2010 http://cossa.ru/1130http://cossa.ru/1130 ** 2010 Social Networking Report // Experian Simmons, June 2010 http://www.experian.com/marketing-services/register-2010-social- networking-report.htmlhttp://www.experian.com/marketing-services/register-2010-social- networking-report.html *** Social Networking Has Banner Year in France, Growing 45 Percent // ComScore Press Release, February 2009 http://www.comscore.com/Press_Events/Press_Releases/2009/2/Social_Networking_France http://www.comscore.com/Press_Events/Press_Releases/2009/2/Social_Networking_France *** Steven Van Belleghem. Social Media around the world // InSites Consulting, Dec 2009 – Jan 2010 http://www.slideshare.net/stevenvanbelleghem/social-networks-around-the-world-2010

7 Higher School of Economics - 20107 Web Search for ‘Personal Data’ Blue: ‘персональные данные’, Region: Russia Grey: ‘personal data’, Region: Worldwide Source: http://www.google.com/insights/search/#http://www.google.com/insights/search/#

8 Higher School of Economics - 20108 Designated Authority for Protection of Personal Data Subject’s Rights is obliged:  to organize protection of the rights of subjects of personal data  to control that protection of personal data is in accordance with the requirements of the present Federal Law and other Federal Laws  to consider the complaints and applications of citizens or legal entities on questions connected with the processing of personal data  to keep the Register of Operators  to take measures aimed at improving protection of the rights of subjects of personal data;

9 Higher School of Economics - 20109 Number of Appeals from Personal Data Subjects Sources:  Roskomnadzor. Public summary report – 2009 //Ministry of Communications and Mass Communications of the Russian Federation, Federal Service for Supervision in the Sphere of Communications, Information Technology and Mass Communications http://rsoc.ru/docs/doc_530.pdfhttp://rsoc.ru/docs/doc_530.pdf  Report on the activities of Designated Authority for Protection of Personal Data Subject’s Rights in 2008 //Ministry of Communications and Mass Communications of the Russian Federation, Federal Service for Supervision in the Sphere of Communications, Information Technology and Mass Communications http://www.rsoc.ru/personal-data/reports/http://www.rsoc.ru/personal-data/reports/

10 Higher School of Economics - 201010 Operators of Personal Data – ‘Leaders’ by the Number of Complaints Source: Roskomnadzor. Public summary report – 2009 //Ministry of Communications and Mass Communications of the Russian Federation, Federal Service for Supervision in the Sphere of Communications, Information Technology and Mass Communications http://rsoc.ru/docs/doc_530.pdfhttp://rsoc.ru/docs/doc_530.pdf

11 Higher School of Economics - 201011 Appeals from ‘bad guys’  Tax-dodgers and debtors failing to pay rent can prosecute media that publish personal data

12 Higher School of Economics - 201012 Operator’s Responsibilities Within 3 days! Destroy the Personal Data Detection of inadequate personal data Detection of operator misconduct with regard to personal data Processing of personal data after the revocation of subject’s consent Eliminate the Violation Within 7 days Motivated Refusal Request from Personal Data Subject about the presence and contents of their data in Operator’s information system Detailed Response Within 10 days

13 Higher School of Economics - 201013 Violation of the Law  Civil, criminal, administrative and disciplinary liability of physical and legal entities  Penalty up to 500 000 RUR (~$17K)  Suspension of operator business activities for a period of up to 90 days  Arrest for a period of up to 6 months / corrective labor for a period of up to 1 year  Discharge / Revocation of the right to hold a position for a period of up to 5 years

14 Higher School of Economics - 201014 152-FZ in IT Industry Source: Personal Data in Russia – 2008 // Perimetrix Research Paper http://www.perimetrix.ru/downloads/rp/PMX_Personal_Data_2008.pdf http://www.perimetrix.ru/downloads/rp/PMX_Personal_Data_2008.pdf IT Staff and Management Awareness Influence on Personal Data Protection

15 Higher School of Economics - 201015 Justification of Investments in Security  “Up to 5% of IT budget in western companies is allocated to information security, while in Russia it is only 0.5%” [2008 ]  “If we used the same language with CFO to explain them why Information Security investments are important, we would be able to reach the 5% level of expenditures” Vladimir Mamykin Microsoft Director on information security at Microsoft Russian Federation

16 Higher School of Economics - 201016 Conclusions  The awareness of people about their rights for personal data has significantly improved  The State designated an authority to ensure the data subject rights protection  CSOs received a sound argument to justify investments into information security  Lawyers became involved in IT projects focused on personal data protection  The law acts as a powerful stimulus for the development of information security culture in Russia in accordance with international standards

17 Higher School of Economics - 201017 References  The Federal Law of the Russian Federation of 19 December 2005 No. 160-FZ On Ratifying the European Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data  Roskomnadzor. Public summary report – 2009 //Ministry of Communications and Mass Communications of the Russian Federation, Federal Service for Supervision in the Sphere of Communications, Information Technology and Mass Communications http://rsoc.ru/docs/doc_530.pdf http://rsoc.ru/docs/doc_530.pdf  Report on the activities of Designated Authority for Protection of Personal Data Subject’s Rights in 2008 //Ministry of Communications and Mass Communications of the Russian Federation, Federal Service for Supervision in the Sphere of Communications, Information Technology and Mass Communications http://www.rsoc.ru/personal-data/reports/http://www.rsoc.ru/personal-data/reports/  Portal on Personal Data // Designated Authority for Protection of Personal Data Subject’s Rights http://pd.rsoc.ru/  Research of Russian Social Media – 2010 // ROSE agency in cooperation with HeadHunters.ru, March – April 2010 http://cossa.ru/1130http://cossa.ru/1130  2010 Social Networking Report // Experian Simmons, June 2010 http://www.experian.com/marketing-services/register-2010-social-networking-report.html http://www.experian.com/marketing-services/register-2010-social-networking-report.html  Social Networking Has Banner Year in France, Growing 45 Percent // ComScore Press Release, February 2009 http://www.comscore.com/Press_Events/Press_Releases/2009/2/Social_Networking_France http://www.comscore.com/Press_Events/Press_Releases/2009/2/Social_Networking_France  Steven Van Belleghem. Social Media around the world // InSites Consulting, Dec 2009 – Jan 2010 http://www.slideshare.net/stevenvanbelleghem/social-networks-around-the-world-2010http://www.slideshare.net/stevenvanbelleghem/social-networks-around-the-world-2010  Personal Data in Russia – 2008 // Perimetrix Research Paper http://www.perimetrix.ru/downloads/rp/PMX_Personal_Data_2008.pdf http://www.perimetrix.ru/downloads/rp/PMX_Personal_Data_2008.pdf

18 asavelieva@hse.ru savdoshin@hse.ru Personal Data Protection in Russia: Trends of the Last Decade

Download ppt "Personal Data Protection in Russia: Trends of the Last Decade State University – Higher School of Economics, Russia Software Engineering Department Alexandra."

Similar presentations

CcTLD Meetings Rome 2004 WHOIS & Data Privacy Jean-Christophe Vignes Registry Liaison Manager.

CcTLD Meetings Rome 2004 WHOIS & Data Privacy Jean-Christophe Vignes Registry Liaison Manager.
Becoming Social: Developing social media policy for government Theresa A. Pardo, Ph.D. Bahrain International eGovernment Forum April 10, 2013 © 2011 The.

Becoming Social: Developing social media policy for government Theresa A. Pardo, Ph.D. Bahrain International eGovernment Forum April 10, 2013 © 2011 The.
Federal Budget Process Steve Kidd and Allison Boehm Budget and Program Analysis Staff April 2009.

Federal Budget Process Steve Kidd and Allison Boehm Budget and Program Analysis Staff April 2009.
Panel themes of the International Conference “Europe against Counterfeit Medicines” G.N. Gildeeva, Deputy head of the Department of Registration of Medicines.

Panel themes of the International Conference “Europe against Counterfeit Medicines” G.N. Gildeeva, Deputy head of the Department of Registration of Medicines.
6/1/2015MINISTRY OF ENERGY, COMMUNICATIONS AND MULTIMEDIA 1 PRESENTATION OF PERSONAL DATA PROTECTION BILL PRESENTATION OF PERSONAL DATA PROTECTION BILL.

6/1/2015MINISTRY OF ENERGY, COMMUNICATIONS AND MULTIMEDIA 1 PRESENTATION OF PERSONAL DATA PROTECTION BILL PRESENTATION OF PERSONAL DATA PROTECTION BILL.
Legal Issues and Export Controls Career-Ending Opportunities and Ways to Get Fitted for an Orange Jumpsuit David Lombard Harrison, Associate Vice President.

Legal Issues and Export Controls Career-Ending Opportunities and Ways to Get Fitted for an Orange Jumpsuit David Lombard Harrison, Associate Vice President.
EU Information and Publicity Policy 2007-2013 Claudia Salvi e Anna Claudia Abis Formez 8 May 2007.

EU Information and Publicity Policy Claudia Salvi e Anna Claudia Abis Formez 8 May 2007.
Workshop on registered electronic mail policies and implementation Ankara, 16-17 March 2015 Davide Mula REM country practice in legal infrastructure,

Workshop on registered electronic mail policies and implementation Ankara, March 2015 Davide Mula REM country practice in legal infrastructure,
Ministry for Economic Development of the Russian Federation March 2010 Oleg Pak, Head of the Department for State Regulation of the Economy Formation of.

Ministry for Economic Development of the Russian Federation March 2010 Oleg Pak, Head of the Department for State Regulation of the Economy Formation of.
SEMINAR NAIC/ASSAL/SVS REGULATION & SUPERVISION OF MARKET CONDUCT © 2014 National Association of Insurance Commissioners Complaint Handling.

SEMINAR NAIC/ASSAL/SVS REGULATION & SUPERVISION OF MARKET CONDUCT © 2014 National Association of Insurance Commissioners Complaint Handling.
HIPAA COMPLIANCE IN YOUR PRACTICE MARIBEL VALENTIN, ESQUIRE.

HIPAA COMPLIANCE IN YOUR PRACTICE MARIBEL VALENTIN, ESQUIRE.
1 China Internet Network Information Center ( CNNIC ) Administrative Practice of.CN Domain Names.

1 China Internet Network Information Center ( CNNIC ) Administrative Practice of.CN Domain Names.
Ministry of Industry, Trade & Labor Head of Section in Charge of Foreign Workers Rights at Work The Role of a Governmental Ombudsman In Charge of Foreign.

Ministry of Industry, Trade & Labor Head of Section in Charge of Foreign Workers Rights at Work The Role of a Governmental Ombudsman In Charge of Foreign.
Use of Electronic Digital Signature in the Russian Federation.

Use of Electronic Digital Signature in the Russian Federation.
Technical Regulating in the Russian Federation and Adoption into Its National Laws of the Global Technical Regulations Established under 1998 Agreement.

Technical Regulating in the Russian Federation and Adoption into Its National Laws of the Global Technical Regulations Established under 1998 Agreement.
Evgeny A. Gorbunov, General Director, Union of Aviation Industrialists

Evgeny A. Gorbunov, General Director, Union of Aviation Industrialists
COMMISSION FOR PERSONAL DATA PROTECTION 14 TH Meeting, CEEDPA 20-21 may, Kyiv LEGAL FRAMEWORK FOR DATA PROTECTION, COMPETENCES AND PRIORITIES OF THE COMMISSION.

COMMISSION FOR PERSONAL DATA PROTECTION 14 TH Meeting, CEEDPA may, Kyiv LEGAL FRAMEWORK FOR DATA PROTECTION, COMPETENCES AND PRIORITIES OF THE COMMISSION.
COMMISSION FOR PERSONAL DATA PROTECTION, BULGARIA Central Eastern Europe Data Protection Authorities (CEEDPA) 15 th Meeting, 10-12 th of April 2013, Belgrade.

COMMISSION FOR PERSONAL DATA PROTECTION, BULGARIA Central Eastern Europe Data Protection Authorities (CEEDPA) 15 th Meeting, th of April 2013, Belgrade.
Supporting Compliance: Effective Guidance and Advice to Business Giedrius Kadziauskas, Consultant, Inspection Reform and Better Regulation.

Supporting Compliance: Effective Guidance and Advice to Business Giedrius Kadziauskas, Consultant, Inspection Reform and Better Regulation.
1 When hate speech tangles privacy... When hate speech tangles privacy...

1 When hate speech tangles privacy... When hate speech tangles privacy...

Similar presentations

Ads by Google