You're reading: LIOU asks president to veto amendments to law on personal data protection

The League of Insurance Organizations of Ukraine (LIOU) has asked the president to veto a law on adopted on October 2, 2012 "On amendments to the law on personal data protection," which it said unreasonably extends the powers of the State Service of Ukraine on Personal Data Protection.

According to a press release from LIOU, the state body on the protection of personal data is commissioned to fulfill technical regulation in personal data protection, elaborate the standards and the demands for the protection of personal data in information and telecommunication systems, and assess the conformity of protection systems to the information these systems contain.

However, according to the LIOU, the regulation cannot be a tool for the additional protection of personal data during processing. Moreover, the introduction of such a regulation will cause extra pressure and financial expenses of business entities if they meet all of the demands of the law “On the protection of the personal data”, and will not protect human rights.

“We think the adoption of this law in such wording, despite numerous plus points, contains serious obstacles to entrepreneurship in Ukraine, creating a serious threat of the appearance of unreasonable additional financial and organizational expenses for businesses, as well as contradicting international standards regarding personal data protection, and the norms of the Ukrainian legislation,” the LIOU letter read.

What’s more, according to the league, the Convention of the Council of Europe on the Protection of People of Automatic Personal Data Protection , and the Directive of the European Parliament and Council “On the Protection of Individuals Processing Personal Data, and The Free Transfer of Data” contains a minimal list of requirements for the collection and processing of the personal data. According to the document, the owner of the database is free to choose means and methods of processing and collecting personal data, and he is not obliged to make the processing of personal data match any standards or technical regulations.

Moreover, the introduction in Ukraine of new authorization procedures contradicts the goal of the state to deregulate entrepreneurship and simplify business procedures.