The Ministry of Digital Development, Innovation and Aerospace Industry (MDDIAI) has announced the launch of a number of initiatives aimed at protecting citizens' personal data.
According to the department's press service, unscheduled inspections revealed violations by developers of biometric identification systems and heads of children's hobby groups.
It was reported that the inspections covered 4 organisations, in which 2 cases of illegal collection of children's biometric data without parental consent were identified. As a result of the inspections, 2 administrative cases were opened and fines totalling 332,280 tenge were issued.
At the same time, the ministry proposed amendments to the Code of Administrative Offences, which include increasing the statute of limitations for prosecution and fines for personal data leaks.
The department intends to introduce liability for the unauthorised use of the private key of an electronic digital signature (EDS).
Furthermore, the MDDIAI plans to create a single register of compromised data to track leaks and identify violators. It is expected that this will enable a more effective response to cybersecurity incidents.
"Additional initiatives are being developed within the framework of the draft law of the Republic of Kazakhstan 'On amendments and additions to legislative acts on information security', including mandatory cyber insurance for owners and operators processing data of more than one million subjects", the statement said.
It was also noted that the MDDIAI is actively cooperating with Telegram and Meta in the fight against fraudulent schemes.
"We understand that combating internet fraud is a global challenge requiring joint efforts. At the meeting, Meta representatives noted that the internet fraud faced by Kazakhstan is a common problem for many countries. In the last quarter alone, Meta blocked 1.2 billion fake accounts worldwide using artificial intelligence technologies", the statement said.
Recall that in September, the Education Department of the East Kazakhstan Region conducted an official investigation into violations committed by employees of one of the district schools during public procurement, namely, the disclosure of employees' personal information.
In July, a data leak occurred on Telegram – a user under the nickname "emo" posted the full database of the hacker forum BreachForums online. The forum operated from 2022 to 2023. Malware and stolen data were traded on it. It is believed that 15 hackers from Kazakhstan were registered on BreachForums.
In March, Kazakhstani citizens were informed about a leak of their personal data in the 'EgovMobile' application. Notifications were also sent to those who had never taken out loans from microfinance organisations.