Desislava Krusteva comments the fine imposed on the NRA for the Bulgarian National Radio
30 August 2019
Who did the state (represented by CPDP) actually sanction by the BGN 5 million fine imposed on the National Revenue Agency for the personal data leak from the agency’s information system? This question provoked numerous comments from experts in various fields.
“The state actually fines itself. This is a really new practice. Normally, a public authority would not impose sanctions on another public authority”, Desislava explained.
She questioned the effect of the sanction by explaining the mechanism of budget displacement and spending: “These funds (the ones that the NRA will have to pay) go to the budget of the Commission for Personal Data Protection. However, the Commission itself cannot dispose of the funds received from fines uncontrollably and at its own discretion. In practice, most of these fines later return into the state budget and are redistributed”.
Desislava emphasized that the mandatory prescriptions, issued by CPDP, are far more effective than the imposed fine as they may help prevent a further security breach.
The full interview with Desislava Krusteva (in Bulgarian) can be found here.
Desislava Krustevais Partner and Head of IT & Personal Data Protection practice at Dimitrov, Petrov & Co. (DPC) and one of the interviewed professionals in the a widely publicized CNN publication "An entire nation just got hacked".« Previous Next »