The Ministry of Economic Development proposed to reduce fines for the leakage of personal data

Short description

Summarize this content to 100 words The Ministry of Economic Development has proposed to reduce fines for companies for leaking personal data, as the proposed penalty is “unreasonably high”. This is stated in the retraction of the ministry sent to the government and the Ministry of Justice, writes RBC. The document emphasizes that the increase in fines by 100 or more times requires additional justification.At the end of July, senators and deputies sent a draft law to Prime Minister Mykhailo Mishustin, in which they proposed to increase fines for leaking personal data. According to the document, if the leak concerns from 1,000 to 10,000 citizens, the fine for legal entities will be from 3 million to 5 million rubles; for data leakage from 10,000 to 100,000 subjects – from 5 million to 10 million rubles; more than 100 thousand – from 10 million to 15 million rubles.For a repeated violation for any amount of discredited information from 1,000 subjects, a fine of 0.1 to 3% of revenue for the calendar year preceding the violation or for part of the current year, but not less than 15 million and not more than 500 million rubles.It follows from Minek’s retraction that the amount of fines should be assessed in relation to the possibility of their implementation. In addition, the review offers:substantiate the proposal not to differentiate depending on the degree of damage the amount of the fine for the leakage of personal data of a special category and biometric data;review the proposal to introduce the same administrative responsibility for individual entrepreneurs as for legal entities;provide for the possibility of mitigating administrative liability for companies that voluntarily paid compensation to victims of leaks, etc.Earlier, AKIT sent proposals to the Ministry of Finance regarding changes to the draft law under discussion. According to the business version, recoverable fines should be applied only to those operators who repeatedly leaked data of more than 1 million users.

The Ministry of Economic Development proposed to reduce fines for the leakage of personal data

The Ministry of Economic Development has proposed to reduce fines for companies for leaking personal data, as the proposed penalty is “unreasonably high”. This is stated in the retraction of the ministry sent to the government and the Ministry of Justice, writes RBC.

The document emphasizes that the increase in fines by 100 or more times requires additional justification.

At the end of July, senators and deputies sent a draft law to Prime Minister Mykhailo Mishustin, in which they proposed to increase fines for leaking personal data. According to the document, if the leak concerns from 1,000 to 10,000 citizens, the fine for legal entities will be from 3 million to 5 million rubles; for data leakage from 10,000 to 100,000 subjects – from 5 million to 10 million rubles; more than 100 thousand – from 10 million to 15 million rubles.

For a repeated violation for any amount of discredited information from 1,000 subjects, a fine of 0.1 to 3% of revenue for the calendar year preceding the violation or for part of the current year, but not less than 15 million and not more than 500 million rubles.

It follows from Minek’s retraction that the amount of fines should be assessed in relation to the possibility of their implementation. In addition, the review offers:

  • substantiate the proposal not to differentiate depending on the degree of damage the amount of the fine for the leakage of personal data of a special category and biometric data;

  • review the proposal to introduce the same administrative responsibility for individual entrepreneurs as for legal entities;

  • provide for the possibility of mitigating administrative liability for companies that voluntarily paid compensation to victims of leaks, etc.

Earlier, AKIT sent proposals to the Ministry of Finance regarding changes to the draft law under discussion. According to the business version, recoverable fines should be applied only to those operators who repeatedly leaked data of more than 1 million users.

Related posts