On June 1, 2017, new norms of the Code of Administrative Offenses of the Russian Federation (Article 13.11 of the Code of Administrative Offenses of the Russian Federation in a new version) will go into effect which increase the liability for violations of laws protecting personal data.
The current version of Art. 13.11 provides for a fine for the relevant violations imposed on officials - from 500 to 1,000 rubles and on legal entities - from 5,000 to 10,000 rubles.
From June 1, 2017, the number of offenses has been significantly expanded. Specifically, additional violations include:
- the illegal processing of personal data, or the processing of personal data not in conformity with the purpose of its collection;
- the processing of personal data without the written consent of the individual (when such consent is necessary);
- the absence or non-fulfillment of the obligation to publish a policy for the processing of personal data;
- the failure of the operator to fulfill the obligation to ensure the safety of personal data stored on physical media (if this contributed to the unauthorized access to personal data).
Additionally, Article 13.11 of the Code of Administrative Offenses of the Russian Federation in the new edition will increase the penalties for these violations:
- for officials - up to 20,000 rubles;
- for individual entrepreneurs - up to 20,000 rubles;
for legal entities - up to 70 000 rubles.
FOR MORE INFORMATION PLEASE CONTACT: