Kwatanta hanyoyin da ayyuka don kariyar bayanan sirri a Rasha da EU
A haƙiƙa, tare da duk wani aiki da mai amfani ya yi akan Intanet, ana sarrafa bayanan sirrin mai amfani ta wata hanya ko wata.
Ba ma biyan kuɗi don yawancin ayyukan da muke karɓa akan layi: neman bayanai, imel, adana bayananmu a cikin gajimare, sadarwa akan hanyoyin sadarwar zamantakewa, da sauransu. Koyaya, waɗannan ayyukan kyauta ne kawai: muna biyan su tare da bayananmu, waɗanda waɗannan kamfanoni suka zama kuɗi, galibi ta hanyar talla.
A halin yanzu, bayanai kan jinsi, shekaru da wurin zama, tarihin bincike -
Bayanan sirri shine tushen masana'antar talla ta kan layi, wanda ya kai biliyoyin daloli da Yuro. A bisa doka, bayanan sirri ana ɗaukar jarin kasuwanci. Saboda haka, kamfanoni suna kashe ƙoƙari da albarkatu don samun da sarrafa bayanan sirri. Binciken da aka gudanar a cikin 2018 ya nuna cewa masu amfani, yayin da suke gane darajar bayanansu na sirri, suna ƙara rashin gamsuwa da yadda kamfanoni ke sarrafa shi.
Dokokin amfani da bayanan mai amfani har yanzu ba a haɓaka ba kuma baya bayan ci gaban fasaha ba kawai a cikin Rasha ba har ma a duniya. Saboda haka, ma'auni na mabukaci da kamfanoni a cikin tsarin "kudi-aiki-bayanai-kudi" a halin yanzu ana kafa shi duka ta hanyar masu gudanarwa da kuma ta hanyar yarjejeniyar da ba a bayyana ba tsakanin al'umma da kamfanoni. Masu gudanarwa suna iyakance iyawar kamfanonin IT da fadada haƙƙoƙin masu amfani, suna gabatar da sabbin dokoki waɗanda ke ba masu amfani iko mafi girma akan bayanan da suke bayarwa.
Yana da ban sha'awa a kwatanta hanyoyin da masu mulki ke bi a ƙasashen Turai da Rasha. A cikin Rasha, manyan ƙa'idodin da ke kula da sarrafa bayanan sirri sune Dokar Tarayya kan Kariyar bayanan sirri (152-FZ) da Code of Administrative Offences, wanda kai tsaye ya kafa takamaiman tarar don keta hanyoyin sarrafa bayanan sirri. Tarar gwamnati ta karu sosai tun daga ranar 1 ga Yuli, 2017. Bugu da ƙari kuma, an kafa sabbin tarar dangane da irin laifin da aka aikata. Don haka, ana iya cin tarar jami'ai daga 3000 zuwa 20,000 rubles, kowane ɗan kasuwa daga 5000 zuwa 20,000 rubles, da ƙungiyoyi daga 15,000 zuwa 75,000 rubles. Bugu da ƙari, ana iya ɗaukar alhakin laifuka daban-daban. Saboda haka, kamfani guda na iya fuskantar tara daban-daban na cin zarafi daban-daban. Koyaya, ana ba da abin alhaki musamman don gazawar cika buƙatu na yau da kullun, misali, idan takaddun da suka dace sun ɓace. Wannan ba koyaushe yana da alaƙa kai tsaye da ainihin kariyar bayanai ba. Misali, zubewa a kanta ba dalili bane na tara sai dai idan an keta wasu dokoki. Abin sha'awa, wani gagarumin adadin gano take hakki a cikin yankin na sirri data handling fall a karkashin Mataki na ashirin da 19.7 na Code of Administrative Laifukan na Tarayyar Rasha: "Rashin sallama ko marigayi biyayya ga gwamnati hukumar (Roskomnadzor) na bayanai (bayanai) da ake bukata da doka da kuma zama dole ga hukumar don gudanar da ta halal ayyukan." Abin sha'awa shine, ba'a ba da hukunci mafi girma ba don ƙetare hanya don sarrafa bayanan sirri (kamar yadda muka gani a sama, wannan yana da nauyin 30,000-50,000 rubles), amma don gazawar samar da (jinkirta ko bai cika) bayani game da hanyar sarrafa bayanan sirri zuwa Roskomnadzor, wanda ke ɗaukar tarar har zuwa 200.000 rubles. A wasu kalmomi, a cikin dokokin Rasha da aikace-aikacensa, yanayin da ake ciki shine "babban abu shi ne cewa kwat da wando ya dace" kuma ana biyan bukatun hukumomin gwamnati na rahotanni daban-daban. Haƙiƙanin haƙƙin masu amfani da amincin bayanan keɓaɓɓen su akan layi ba su da kariya mara kyau. Girman tara tara ba ya daidaita ta kowace hanya da girman fa'idar da wasu kamfanoni ke samu ta hanyar keta bayanan sirri a Intanet kuma baya ƙarfafa bin waɗannan ka'idoji.
Halin da ke cikin EU ya ɗan bambanta. Tun daga Mayu 2018, ana sarrafa sarrafa bayanan sirri a Turai ta ka'idodin sarrafa bayanan sirri da aka kafa ta Babban Dokar Kariyar Bayanai (Dokokin EU 2016/679 GDPR (Dokar Kariya ta Gabaɗaya) ta Afrilu 27, 2016, tana aiki kai tsaye a duk ƙasashen EU 28. Yana ba mazauna EU cikakken iko akan bayanan sirrinsu. A ƙarƙashin GDPR, yawancin 'yan ƙasa na EU da mazauna suna da faffadan haƙƙoƙi don sarrafa bayanan sirrinsu. Masu amfani da Turai suna da hakkin su nemi tabbaci game da sarrafa bayanansu, wurin da manufar sarrafa su, nau'ikan bayanan da aka sarrafa, ɓangarori na uku waɗanda ake bayyana bayanan sirri, lokacin da za a sarrafa bayanan, da kuma fayyace tushen bayanan sirri na ƙungiyar da neman gyara. Bugu da ƙari, masu amfani suna da 'yancin neman a daina sarrafa bayanan su.
Tun daga watan Mayun 2018, hukuncin keta dokokin sarrafa bayanan sirri ya kasance cikin nau'in tara: a ƙarƙashin GDPR, tarar za ta iya kaiwa Yuro miliyan 20 (kimanin 1,5 biliyan rubles) ko 4% na kudaden shiga na shekara-shekara na kamfani.
Abu mafi mahimmanci shine duk wannan yana aiki: kamfanonin da suka karya haƙƙin masu amfani za a hukunta su, kuma tare da manyan hukunci. Misali, a ranar 21 ga Janairu, 2019, Hukumar Kula da Bayanai da Haƙƙoƙin Bil Adama ta Faransa (CNIL) ta ci kamfanin Amurka na GOOGLE LLC tarar Yuro miliyan 50 saboda keta GDPR. Tarar tana da girma sosai, wanda a bayyane yake nuna sakamakon rashin bin ƙa'idodin GDPR. Menene hukuncin? Hukumar Faransa ta yanke hukuncin cewa saitin farko na na'urar hannu akan tsarin aiki Android (Google) ba ya bai wa masu amfani cikakken bayani game da abin da Google ke yi da bayanan sirrinsu. Kamfanin ya gaza cika wajibcinsa na tabbatar da gaskiya a wajen sarrafa bayanan sirri da kuma sanar da mutane (Labarai na 12 da 13 na GDPR). Lokacin riƙe bayanan mai amfani ba a tsara shi da kyau ba. Kamfanin bai da tushen doka da ya dace don sarrafa bayanansa (Labarai na 6 na GDPR). An kuma zargi Google da samun izinin masu amfani ba daidai ba don sarrafa bayanansu don keɓance talla.
Wasu misalan: mai gudanarwa na Jamus LfDI ya ci tarar ƙa'idar taɗi ta Knuddels Yuro 20.000. An zargi Asibitin Bareiro na Portugal da yin amfani da damar samun bayanan sirri da bai dace ba (tarar Yuro 300) da keta amincin bayanai da amincin (wani € 100). Hukumomin Burtaniya sun ba da gargadi ga wani kamfani na nazarin Kanada. An umarci kamfanin da ya daina sarrafa bayanan ‘yan kasar ko kuma ya fuskanci tarar Yuro miliyan 20. An ci tarar kamfanin tallan dijital na Kanada da kamfanin haɓaka software AggregateIQ Yuro miliyan 17000000. An ci tarar wani cafe a Ostiriya Yuro 5280 saboda sa ido kan bidiyo ba bisa ka'ida ba (kyamar ta dauki wani bangare na gefen titi). Don haka, duk wata ƙungiya da GDPR ke rufewa bai kamata ba, kamar yadda ake yi a al'adance, ta iyakance kanta ga haɓaka takaddun tsari kawai.
Ba zato ba tsammani, GDPR na musamman ne ta yadda ya shafi duk kamfanoni masu sarrafa bayanan jama'a na mazauna EU da 'yan ƙasa, ba tare da la'akari da wurin da kamfanin yake ba. Don haka, ya kamata kamfanonin Rasha su mai da hankali sosai ga wannan Dokar idan ayyukansu suna nufin kasuwar Turai.
source: www.habr.com
