The National Council of the Financial Market (NSFR) sent a letter to the Ministry of Digital Development with proposals to finalize the bill adopted on May 24 in the first reading, which tightens control over the circulation of personal data of Russians. The proposals are aimed at eliminating “excessive administrative burden on personal data operators,” Kommersant writes.
In particular, based on the text of the bill, the operator “is obliged to notify the authorized body” only of his intention to carry out cross-border transfer of personal data, that is, before their transfer. As Andrey Yemelin, head of the NSFR, explained to Kommersant, this means that practically any action of any person that leads to the cross-border transfer of any personal data will require a prior written notification of Roskomnadzor indicating eight types of information.
This will apply to any transfer of money abroad, since the sender’s personal data is transferred to the recipient. According to the Bank of Russia, almost 110 million money transfers were sent from Russia last year, which would correspond to about 300,000 messages to Roskomnadzor per day.
The letter from the National Financial Markets Service notes that these rules “substantially restrict the provision of financial services (for example, settlement operations, transactions in financial markets) and the implementation of internal control procedures, corporate governance and control in relation to companies located abroad that require cross-border transfer of personal data… and in other areas.”
The Ministry of Digital Development promised to work out all the proposals and comments when preparing the bill for the second reading.