In early March, the Association of Banks of Russia (ADB) approached the Ministry of Digital Development with a proposal to abandon the introduction of billing fines for information leakage in case of repeat offenses, writes Kommersant with reference to letters from the organization .
Join
In one of the letters, the Association describes the measure as discriminatory, since government institutions do not have a turnover and, therefore, it is impossible to charge them this fine, unlike commercial organizations. It follows that “the commission of the same crime implies different responsibility for the first and the second, which constitutes a violation of the constitutional principle of equality of all before the law and the courts,” underlines the ADB.
The association points out that leaks occur in both state and municipal institutions. Furthermore, the letter also clarifies that turnover fines “could have negative consequences for information security companies and the IT industry as a whole.”
Banks automatically interact with a number of file-sharing services, so in the event of a breach, “there is a high probability of infection or theft of data from other participants.” Taking into account current judicial practice, an administrative fine relates to actual damage, that is, recourse claims can be filed against the counterparty.
According to ADB acting president Alexei Voylukov, the conditions under which liability for leaks is significantly tightened for commercial organizations, while government agencies go virtually unpunished, are unfair. He is confident that it will be possible to abandon billing fines and “fix the range that is currently indicated by law: between 20 and 500 million rubles.”
In January, the State Duma approved in first reading bills on negotiable fines and criminal liability for the leakage of personal data. Those who decide to transfer Russian data abroad will face up to eight years in prison, and up to five years for those who decide to make money by selling this data.
In the current version, the penalties for leaks are as follows:
- data leak from 1 thousand to 10 thousand citizens: individuals – 100-200 thousand rubles, officials – 800 thousand-1 million rubles, legal entities – 3-5 million rubles.
- data leak from 10 thousand to 100 thousand citizens: individuals – 200-300 thousand rubles, officials – 1-1.5 million rubles, legal entities – 5-10 million rubles.
- data leakage of more than 100 thousand citizens: individuals – 300-400 thousand rubles, officials – 1.5-2 million rubles, legal entities – 10-15 million rubles.
In case of repeated violations, a turnover fine has been introduced in the amount of 0.1% to 3% of the calendar year’s income, but not less than 15 million rubles and not more than 500 million rubles.
Author:
Karina Pardaeva
Source: RB
I am a professional journalist and content creator with extensive experience writing for news websites. I currently work as an author at Gadget Onus, where I specialize in covering hot news topics. My written pieces have been published on some of the biggest media outlets around the world, including The Guardian and BBC News.
