Gave boots, took boots
In connection with the conflict in Ukraine and the increasing level of discrimination against Russians, there is a possibility of deliberate interception of personal data of citizens of the Russian Federation by foreign internet companies. This was told socialbites.ca by the Deputy Director General of Aladdin RD. (Russian developer of security and confidential data protection) Alexey Sabanov.
“There has been a real uncompromising cyberwarfare being felt by our government agencies and big banks since the end of February. And in war, as you know, all means are good … Therefore, if the situational use of personal data is justified, there is no doubt that it will be compromised, ”the author said.
According to him, the personal data of Russians can be used in different ways – from hacker attacks to taking money from Russian accounts and blackmailing officials traveling abroad with their lovers or mistresses.
A similar view is shared by Alexei Parfentiev, head of analytics at SearchInform (a Russian company that develops anti-leak software). However, if this happens, then it is only on the initiative of an ordinary employee of a foreign company, and not his management.
“It should be understood that the administration of the services is carried out by real people who can sharply and even exaggerately perceive geopolitical events. That is, the evacuation can occur not because of the official position of the IT service, but on an individual initiative, ”explained the expert.
On the other hand, Roman Yankovsky, a member of the Legal Support Commission of the Digital Economy of the Moscow Branch of the Russian Bar Association, considers such a scenario unlikely. According to him, the legislation of foreign countries is responsible for leaking personal data, regardless of whose citizens’ data is compromised.
“Probably only leaks from Ukrainian services are permissible, but most of them are not,” said the expert.
Developing a draft law that will include the regulation on the cross-border transfer of personal data, declaration Alexander Khinshtein, Deputy of the State Duma of the Russian Federation.
risk area
Experts note that it is almost impossible to determine on your own exactly where the data is processed by one or another Internet service. Therefore, there is no universal way to determine risk for every online platform.
“It is nearly impossible for you to understand 100% on your own. “We can only examine the platform’s documentation and hope they contain real information,” Yankovsky said.
In contrast, Anatoly Kuryumov, CEO of Raketa, a digital platform for organizing business trips and managing expenses, said that Russians’ data is likely to be stored and processed abroad by all foreign companies operating in the Russian Federation.
“You can make a request via the feedback form or official mail to understand exactly where they are stored. By law, the company has to make a statement to you,” he advised.
One way or another, most experts are inclined to believe that, in the context of the issue under discussion, users of entertainment services are primarily at risk.
“Many Russians like music streaming apps, online cinemas, etc. It uses all kinds of foreign entertainment services such as These companies collect personal data of large numbers of Russian users in this way,” explained Irina Zinovkina, Consulting Director of the InfoWatch group of companies (a Russian company specializing in multi-disciplinary information security in the corporate sector).
Parfentiev from SearchInform, in turn, selected a group of the most unreliable services. These include products from obscure companies that employ activist workers.
How to be
All the experts socialbites.ca spoke to are in solidarity with the fact that Russia needs to improve its control over cross-border data transfer.
“Any transfer of personal data should not occur in an uncontrolled manner, especially when it comes to transfers outside the Russian Federation. It is important to understand that the data is transferred in accordance with the stated purpose and volume – therefore, in our opinion, cross-border transmission should be particularly strictly regulated, ”said InfoWatch’s Zinovkina.
However, some experts believe that this is extremely difficult and radical measures will not be without results. For example, Roman Yankovsky believes that a number of companies will leave the Russian market instead of complying with the extraordinary requirements of Russian legislation.
“However, it is still important to control cross-border data transfer. Otherwise, the platforms will process data where the law requires minimum obligations,” he said.
In contrast, Alexei Sabanov from Aladdin RD. He believes that data from Russia should only be transmitted in encrypted form, and the information should be encrypted with Russian keys. According to him, this will not only increase security, but also increase Russian confidence in digitalization in general.
Source: Gazeta
