It is necessary to educate Russian citizens on data loss prevention tools. That is the conclusion drawn by the participants of the roundtable "Data as a New Currency. Who Stands to Gain from Data Breaches?", which was held at the Analytical Center on August 8.
The acting head of the Analytical Center, Vladislav Onischenko, stressed that today the state cannot protect citizens' personal data, but can provide them with tools for cyber self-defense.
"The authorities have already taken a number of measures to improve online safety — authorized biometric identification in the financial sector, i.e. systems with retina, voice, and other types of biometric recognition. For example, an experiment with voice recognition of a taxpayer has recently been held at the Federal Tax Service. Such high protection measures are employed by banks now. This is the future that the state creates," Onishchenko said.
Anton Karpov, Chief Information Security Officer at Yandex, said that low digital literacy made a million Internet users victims of data breaches. "Users need to know how to manage their data and what information is being collected by web services. We need to properly educate them on data loss protection tools," argues Karpov.
Deputy Head of the Information Technology Department Alexander Gorbatko stressed out that, due to the development of the Internet, modern people live public lives. "Data is the value that can be capitalized. However, these days, everyone leaves their digital footprints by using various gadgets," he noted.
According to Dmitry Komissarov, CEO of New Cloud Technologies LLC, data from such devices as fitness trackers do not fall under regulation. "We focus on traditional information and do not pay attention to digital data. We should try to run ahead, raise the issue of digital footprints and of the data that is automatically uploaded to the cloud," Komissarov called his colleagues to action.
Sergey Lebedev, Head of GR at Alibaba, stressed that there is nothing bad in exchanging customer data between the companies of a holding, as this is necessary for the development of services. "No self-respecting company wants data leaks since it poses direct risks. Users and big data are the main assets of companies," he added.
This idea was supported by Maxim Yeremenko, Director of the Center for Data Research Competence Management and Development at Sberbank. "Corporations see data as one of their resources, and the thesis that data is the new petroleum is supported at least by the TOP 10 companies," he said.
Igor Kalganov, Head of Information Projects at PJSC MegaFon, Igor Kalganov, at the same time noted that the state's attempt to regulate data often turns into a set of formalities. "The main thing that the state should do is not to impose new restrictions, but to remove barriers in normative documents," Kalganov said.
Gazprombank Representatives, Head of Data Analysis and Modeling Denis Surzhko and Head of IT Innovations Ekaterina Frolovicheva, proposed to create a single digital customer profile and introduce an ombudsman institution, which will act as an arbitrator between platforms and residents.
Summing up the results and conclusions of the roundtable, Alexey Sokolov, Deputy Minister of Digital Development, Communications and Mass Media of the Russian Federation, admitted that it is law-abiding citizens and companies who suffer from data breaches. "In one instance, the loser is the owner of an OS, who could be the personal data operator that did not provide the necessary level of security and did not prevent the data leakage to third parties. Alternatively, the loser is a citizen whose data were revealed without their consent. The winner is the one who will profit from using these data. Here, the introduction of a certain order of actions is possible," he concluded.