Coordination acts on ensuring cybersecurity are increasingly becoming the subject of interregional agreements [1, p. 198]. One of such significant acts can be recognized as the Guidelines (basic provisions) for the Protection of Privacy and Cross-border Transfer of Personal Data [2].
The definitions of the Guidelines repeat the definitions of other acts adopted within the framework of cooperation between the OECD member countries. Of interest is the definition of "privacy protection authority", which the Management understands as any state or public organization, as defined by an OECD member country, responsible for the implementation of legislation on the protection of privacy, and which has the authority to conduct investigations, or has authority.
Thus, the OECD member States have provided for the possibility of delegating some part of the authority in the field of cyber defense to public organizations, which in itself deserves an extremely positive assessment.
The developers of the Guide emphasize that, in fact, this is a minimum set of legal standards in the field of cybersecurity, and the provisions of the Guide should under no circumstances be considered as an obstacle to the implementation of various protective measures against different categories of personal data, depending on their nature or the conditions in which they are collected, stored, processed and distributed, as well as in any way that leads to unjustified restrictions on freedom of speech.
Unlike other acts of the same level and the same sphere of interest, which often have a declarative nature, the Guide provides for specific practical provisions in the field of duties and responsibilities of personal data managers, which favorably distinguishes this legal act from other acts adopted in the field under study.
The most significant responsibilities of the OECD member countries are established in terms of international cooperation in this area. For example, OECD member countries should take appropriate measures to promote cross-border cooperation in the area of compliance with legislation on the protection of privacy, in particular by facilitating the exchange of information between privacy protection authorities. They are obliged to support and encourage the development and adoption of international agreements that provide for the coherence of framework policies and documents in the field of protection of privacy, etc.
Thus, we note that the provisions of the Guide generally comply with the norms of international law in this area. The Manual itself is in many aspects practically significant from the point of view of execution, an act containing prescriptions that have the properties of concreteness and enforceability. The lack of coordination of cybersecurity processes in the field of personal data protection can only be considered as a lack of coordinated procedures for implementing the provisions of the Manual (control deadlines, methods of verification of execution, responsible persons, etc.), as well as other organizational aspects, which does not reduce its practical value.
List of sources used:
1. Maksurov A. A. Coordination legal technologies in the countries of Europe. M., Infra-M, 2019. - 456 p.
2. Guidelines (guidelines) for the protection of privacy and cross-border transfer of personal data // https://digital.report/rekomendatsii-soveta-kasayushhiesya-rukovodstva-po-zashhite-neprikosnovennosti-chastnoy-zhizni-i-transgranichnoy-peredache-personalnyih-dannyih/
|
Ця робота ліцензується відповідно до Creative Commons Attribution 4.0 International License
Знайшли помилку? Виділіть помилковий текст і натисніть Ctrl + Enter
