The law of the Russian Federation on personal data has been applied for five years already and it is obvious that the law’s current wording cannot help to gain its primary objective – to protect the rights and freedoms of citizens when their personal data is processed, including the right to privacy, to personal and family secrets.
The law defines formalities for all operators and along with the Administrative Violations Code provides for equal responsibility both for a company disclosed personal data of million people and for a company avoiding such incidents but ignoring any obligatory formality – either of public policy or of the use of certified information security tools. The law is not applicable to digital world or ecommerce, in everyday life or when performing almost any action for the benefit of third parties (for example, when buying an aircraft ticket for family members or friends, or calling a doctor by phone).
The reporter will analyze the law’s system problems and offer ways of its radical change.
Mikhail Emelyannikov is a well-known Russian information security expert.
He graduated from the Technical Department of the Higher School of the KGB of the USSR; from 1977 to 1998 served in the General Staff of the Armed Forces of the USSR and the Russian Federation (the latest position is the Deputy Head of the Directorate). He was responsible for information security in Svyazinvest from 1999 to 2006, held the position of the Business Development Director in Informzaschita from 2007 to 2011
In 2011 together with one of the the most successful managers in the fieald of information security teaching, Zoya Popova, he formed a consulting agency named Emelyannikov, Popova and Partners. He is a member of the Advisory Board of the Association of Russian Banks. He has developed a training course in issues of commercial secret and personal data mode, published more than 200 works related to information security in business and specialized publications.
Personal blog: http://emeliyannikov.blogspot.com.