Friend
Professional
- Messages
- 2,653
- Reaction score
- 850
- Points
- 113
The initiative offers data processing technologies and privacy risk assessments.
The Big Data Association (DBA), which includes Sberbank, Yandex, VK and other companies, is discussing with the FSTEC of Russia measures to reduce the risks of "depersonalization in the processing of personal data." This is stated in the report of the relevant FSTEC Committee on Information Protection for August. The document indicates that the ABD sent proposals to the committee to create preliminary national standards for "increasing the confidentiality" of data.
As specified in the ABD, the organization proposes to fix the technologies for processing and exchanging data, as well as a description of each class of technologies and approaches to risk assessment. Depersonalization risks are understood as the possibility of obtaining personal information from an anonymized data set. Examples include the risks of matching data or identifying a person based on unique characteristics. The developed risk assessment model from the DBA allows you to take into account all these threats.
The FSTEC of Russia refrained from commenting on the initiative of the ABD. At the same time, the ANO Digital Economy (an association of representatives of government agencies and businesses on digital regulation, which includes the Ministry of Digital Development, Sberbank, Russian Post and others) emphasizes the importance of the issues under discussion, since the regulations governing the methods of data depersonalization must be developed in accordance with the federal law on personal data, signed on August 8.
Federal Law No. 233 of August 8, which amends the law "On Personal Data", establishes new rules for the depersonalization, processing and circulation of personal data. According to this law, data operators will be required, at the request of the Ministry of Digital Development, to depersonalize the processed data and transfer them to the state information system. In turn, the Ministry of Digital Transformation will be responsible for ensuring the confidentiality of this data (the requirement will come into force on August 1, 2025). The requirements, methods and procedure for the anonymization and transfer of data should be defined in separate by-laws. During the second reading of the bill, questions about data privacy were raised. It was noted that it was conceived to transfer data by government agencies to developers of AI solutions, and not business to the state.
The Ministry of Digital Development stressed that when depersonalizing data within the framework of the law, the possibility of establishing the identity of a person is excluded. With this data, government agencies will be able to make more informed and effective decisions.
Source
The Big Data Association (DBA), which includes Sberbank, Yandex, VK and other companies, is discussing with the FSTEC of Russia measures to reduce the risks of "depersonalization in the processing of personal data." This is stated in the report of the relevant FSTEC Committee on Information Protection for August. The document indicates that the ABD sent proposals to the committee to create preliminary national standards for "increasing the confidentiality" of data.
As specified in the ABD, the organization proposes to fix the technologies for processing and exchanging data, as well as a description of each class of technologies and approaches to risk assessment. Depersonalization risks are understood as the possibility of obtaining personal information from an anonymized data set. Examples include the risks of matching data or identifying a person based on unique characteristics. The developed risk assessment model from the DBA allows you to take into account all these threats.
The FSTEC of Russia refrained from commenting on the initiative of the ABD. At the same time, the ANO Digital Economy (an association of representatives of government agencies and businesses on digital regulation, which includes the Ministry of Digital Development, Sberbank, Russian Post and others) emphasizes the importance of the issues under discussion, since the regulations governing the methods of data depersonalization must be developed in accordance with the federal law on personal data, signed on August 8.
Federal Law No. 233 of August 8, which amends the law "On Personal Data", establishes new rules for the depersonalization, processing and circulation of personal data. According to this law, data operators will be required, at the request of the Ministry of Digital Development, to depersonalize the processed data and transfer them to the state information system. In turn, the Ministry of Digital Transformation will be responsible for ensuring the confidentiality of this data (the requirement will come into force on August 1, 2025). The requirements, methods and procedure for the anonymization and transfer of data should be defined in separate by-laws. During the second reading of the bill, questions about data privacy were raised. It was noted that it was conceived to transfer data by government agencies to developers of AI solutions, and not business to the state.
The Ministry of Digital Development stressed that when depersonalizing data within the framework of the law, the possibility of establishing the identity of a person is excluded. With this data, government agencies will be able to make more informed and effective decisions.
Source
