Deputies from the United Russia party introduced several bills to the State Duma, according to which it is proposed to tighten penalties for leaks of personal data up to hundreds of millions of rubles. This was announced on November 4 by Andrei Turchak, Deputy Secretary of the General Council of the political force.
“In some cases, liability will be expressed in tens and hundreds of millions of rubles. For data thieves – up to 10 years in prison,” he wrote in his Telegram channel.
Turchak noted that the liability measures that are currently in effect “stimulate few people.” In this regard, there are currently about 20 thousand types of databases with similar data circulating on the black market.
“They contain information about approximately 80% of the Russian population. According to the most conservative estimates, the damage from leaks last year alone amounted to about 8 billion rubles,” he noted.
The United Russia party is introducing amendments to the Code of Administrative Offenses and the Criminal Code of the Russian Federation on behalf of Russian President Vladimir Putin. Turchak also added that the fines will be even harsher if the most sensitive data, such as medical information, is leaked. In such cases, the fines for officials will range from 800 thousand to 2 million rubles, and for legal entities – 3–15 million. In the event of a repeated violation, the organization can already pay hundreds of millions of rubles, depending on the company’s revenue.
A separate point of the bill is the export of Russian citizens’ data abroad for sale or transfer. It is proposed to punish this violation with imprisonment for a term of up to 8 years.
Earlier, on November 8, a source in the Cabinet of Ministers told Izvestia that Russia would tighten liability for the illegal processing of personal data. Such changes to the Code of Administrative Offenses were supported by the government commission on legislative activities. it was noted that the punishment for violation would be up to 15 thousand rubles for citizens (instead of the current 6-10 thousand), for officials – up to 300 thousand (instead of 20-40 thousand), for legal entities – up to 500 thousand (instead of 30–150 thousand).
Prior to this, on October 16, lawyer, expert of the educational platform Moscow Digital School (part of Ultimate Education) Efim Kazantsev, in a conversation with Izvestia, called for the creation of a single program to improve digital literacy in Russia. He noted that Russia does not have a separate regulatory act dedicated to improving the literacy of citizens in the field of protecting their personal data. It is believed that citizens themselves must be vigilant and resist attackers trying to steal their personal data, but statistics show that they are not very successful in this fight.