Georgia learns to protect personal data
“Personal data protection word combination has a magic power in Georgia, but that’s not because personal data are highly valued here. More likely, it is because in modern Georgia publication of personal data often serves as an argument in a dispute, including in a political one. Therefore, adoption of a new legislation and setting up a special new structure, designed to assist citizens in protecting their personal data, is, to a greater degree, a political issue.
“A country and its citizens can be considered free in case public structures are fully open and private life solely depends on the people, themselves, David Usupashvili, Georgian Parliament Speaker, stated during his speech at the event, dedicated to the International Data Protection Day, that was recently marked in Tbilisi. According to Usupashvili, it is important to prevent use of personal data by people and structures that are not entitled to it. “This is the main precondition for the country’s freedom, democracy and stability.
Personal data protection has been really paid much attention to these days – this issue is regularly raised. However, despite active discussions, Georgian citizens do not fully realize how important it is to keep personal data secret. Many people simple-heartedly share not only their E-mail addresses or telephone numbers, but also Georgian citizen’s ID Card data. And if, as a result of publicizing the first, a hapless citizen will be just seeded with tons of SMSs and E-mail spam, making public one’s personal number may result in more serious consequences, including formalizing a loan in ID card owner’s name. There have been such precedents in Georgia.
Such data protection is regulated in Georgia by the Personal Data Protection Law. The law has been in effect just for two years. It determines, what exactly shall be regarded as personal data and who is entitled to collect and process them, as well as sets forth the rights and duties of private and public structures and, certainly, those of the citizens.
In Georgia, any violation of the Personal Data Protection Law shall be subject to a penalty, amounting to GEL500-10 000. Anyone, engaged in direct marketing – numerous shops, banks, drug stores, restaurants, beauty salons and other companies, that are literally “bombarding the population with SMS and E-mails, may get it.
By the way, many private companies and public structures have been already fined. The two-page list of them has been published on the web-site of the Personal Data Protection Inspector’s Office.
The law clearly stipulates that a consumer shall have an opportunity to easily unsubscribe such promo messages and such opportunity nominally exists. But it is not that easy to stop that continuous flow, especially taking into account a great number of promo SMSs, that an average citizen receives.
Just to understand the scope of this phenomenon: 5-7 promo SMSs are sent to an active number daily; on certain days, for example, on the New Year eve or large sales, the number of promo SMSs may double or even triple. Here is what your phone screen would look, if you’d live in Ggeorgia:
Personal Data Protection Inspector is an independent structure in charge of control over personal data protection in Georgia. The Office of the Personal Data Protection Inspector advises to address them in case, a consumer suspects that somebody has possesses his/her personal data or transferred them to the third person. It may be done through the following website: http://personaldata.ge/
The Office of the Personal Data Protection Inspector also shares the following tips:
1. Be aware of who are the social network users, you are sharing some information with. Pay attention to your page parameters and be aware of who have access to your data;
2. When transferring your data to specific organizations (for example, when filling in a form), show interest in the purpose of collecting data and how they will be used. Know, which specific organizations keep your data;
3. Let your documents be kept safe – keep your ID or passport in a safe place, otherwise someone may get hold of your data;
4. It is important that data processing organizations realize their liabilities well enough and that citizens know their rights too.