The sources of concepts "personal data" and private life of a person in Russian law

Despite the fact that the Institution of the Protection of Confidential Information in the Russian Federation has existed since the middle of the 20th century, since the time when in the Constitution of the USSR was established a rule on the right of citizens to confidential information, the issue of the correlation of personal data with the private life of a person is still relevant and until now. The article analyses the issue of what kind of information attributed to personal data can constitute the private life of a person and what are legal procedures should be applied to ensure the protection of these legal institutions, given that the private life of a person is protected by criminal law, and the private life of persons is protected by the rules of civil law. What norms the law enforcer should be guided, at such a crossing of the two legal institutions. The problem of an integrated approach to the protection of personal data is considered, both from the point of view of private law and from the point of view of public law. The approaches of Russian and American legislation are compared, in the field of personal data protection and private life of a person. As conclusions, it was proposed to: to increase existing administrative fines. At the moment, the amount of fines does not cre- ate incentives for companies to take all possible measures to protect personal data, because the risks are outweighed by the potential profit; to use of ISO standards for personal data operators and other private companies. The following recommendations were made: 1) Clarify the legislative definition “personal data” for the inclusion of anonymous records, in the future which can be used in combination with other information to identify individual data subjects. 2) Develop clear recommendations for the use of the concept of “personal data” in practice, and help companies perform their legal duties. 3) Increase the level of administrative responsibility for violations in the field of personal data. 4) Improve models of civil responsibility for violations in the field of personal data. 5) To supplement the legislation on personal data, the duty of the personal data operator to inform the relevant authorities about the leakage of personal data.