Member Article

The Federation Council clarified how the Russian Digital Code will look like

Work on the ****Digital Code****, which will become the basis for legal regulation of relations in the field of ****information**** and ****digital technologies****, will take at least another ****year****, and a significant part of the future document is planned to be devoted to the protection of ****personal**** and ****biometric data****.

The structure of the Code reflects two parts – ****general**** and ****special****:

• the general part will list the basic concepts, terms, principles, subjects and objects of law, that is, all that is called the ****conceptual apparatus****;

• in a special part – specific types of state and social institutions, types of legal relations and ways of their regulation.

Separately, the Federation Council noted that the special part involves three large sections: issues of ****communication****, ****information**** and ****personal data protection****.

We recommend that employers monitor the development and adoption of the code, as it can have a direct impact on digitized HR processes in companies.

Participants of JSC and LLC at online meetings will be identified by electronic signatures or biometric personal data

Draft amendments to the ****laws on JSC and LLC**** have been prepared for the second reading in the ****government bill**** (No. 103501-8). Initially this document was devoted to another issue: it provided for the possibility of the JSC to suspend the sending of ****correspondence**** and payment of ****dividends**** to ****shareholders**** who have not ****contacted the company for more than two years**** (the so-called ****lost shareholders****).

It is proposed to use a choice of five options when identifying a participant in online meeting: enhanced qualified electronic signature, enhanced unqualified electronic signature, personal data from the ****Unified Identification and Authentication System**** (ESIA), as well as information from the ****Unified Biometric System**** (EBS).

At the same time, ****non-public JSC**** will be able to deviate from the rules set out: specify in the charters other ways to ****reliably identify persons**** taking online participation in the meeting and ways to sign ballots.

The bill also regulates the general rules for online meetings. For example, such a format should provide for ****broadcasting****, and the company is obliged to ****keep a record**** of it. If there are significant ****technical problems**** that make it impossible to hold a meeting, the vote is declared ****invalid****.

Question

Should the Data Protection Officer (DPO) be directly subordinate to the General director?Should the Data Protection Officer (DPO) be directly subordinate to the General director?

Answer from Roskomnadzor

The DPO receives instructions directly from the ****executive body**** of the organization that is the data controller and is accountable to it.The DPO receives instructions directly from the executive body of the organization that is the data controller and is ****accountable to it****.

 

Link to article