Y
Y
Your Comrade2016-04-02 18:52:08
Computer networks
Your Comrade, 2016-04-02 18:52:08

Is it legal for the provider to provide data about the user to law enforcement agencies after the withdrawal of the processing of personal data?

Is the information obtained from the data provider about the user obtained during operational-search activities after the user revokes the right to process personal data?
The provider, at the request of law enforcement authorities, issues information about users, but this applies if the right to process is revoked.
Illegally obtained information cannot be evidence in court, right?

Answer the question

In order to leave comments, you need to log in

6 answer(s)
N
nirvimel, 2016-04-03
@nirvimel

The provider, at the request of law enforcement agencies, issues information about users.

There is nothing similar in the Russian Federation: no requests, no headaches for providers regarding their execution. Everything here is much simpler and more elegant: in order to obtain a license for the corresponding type of activity, the provider buys SORM equipment for his own money, installs it as a gateway (all traffic goes through it), they seal this equipment so that he himself cannot dig there. Further automatic, no official requests, no paperwork, no bureaucracy. Inside the SORM itself, any information is available to employees with one click, without a statute of limitations (keeping a full traffic log, of course, is limited by technical capabilities, but metadata is stored almost forever). List of faces (does it exist at all),
Everyone in the department laughed. Believe me, no one will strain to collect any evidence, the person will provide all the evidence himself as soon as he is in the department (do you doubt? Have you been there yourself?). There is only one problem - to find the right person. SORM exists to solve this problem.

V
Vasily, 2016-04-02
@Foolleren

"operational-search" is such that even a search in some cases can be carried out without the permission of the court, and even personal data from the provider does not cost anything.
But if you have a practical interest, then in your particular case, a cunning lawyer can help you dodge.

G
gimntut, 2016-04-02
@gimntut

I don't know how it is with providers. Therefore, I can speak for myself. If I had to delete personal information from the current database, then I would easily do it, but there are backups for a sufficient period of time, naturally readonly. In response to an official request, most likely the authorities would not have received information, because. a simple operator does not know whether a person was or was not, but he is not in the database. But if the investigator came to me, because the case is "murder." Then maybe I could help him. And in this case, the law is not on my side.
In my case, we have no financial obligations with clients. Another thing is when a client asks to delete PD data, but has financial obligations. How, then, to comply with the letter of the law?
Russian providers, as far as I follow the law, have an obligation to keep a history of all transactions for several years. This is in principle not contrary to the law on PD. And if the provider provides this history with reference to a specific geographical point, for example, to an address, then there is no violation of the law. Even if the authorities have independently associated the address with you personally. It all depends on what was in the request from the authorities. If information about the address or IP address was requested, then obtaining information from the provider is very legal, but if data was requested by full name, then there is already a big question.
Everything written above is my IMHO. I have no practical experience.

B
BBmike, 2016-04-02
@BBmike

Why are they illegally obtained?
Or do you think that, in addition to your right to prohibit processing, there is no obligation for the operator to store and process emnip data for 6 months after the SORM session?

A
Andrew, 2016-04-02
@OLS

The operator (and law enforcement agencies) have the right to process personal data not only with consent, but also in cases stipulated by federal law (Article 6, Part 1, Clause 2) or by a court decision (Article 6, Part 1, Clause 2). .3). Next, you need to read the legislation on the OSA.

D
Diman89, 2016-04-03
@Diman89

another point:
in the contract with the provider, you provide him with your personal data and allow their processing
if the permission is revoked, the pr does not have the right to provide services to you -> the contract with you is terminated
at the time of the request for information, the pr provides them for the time when the permission from the pr was

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question