Дата публикации
In Kazakhstan, users will be required to provide their biometric data, such as facial images, to connect to cellular services and access the Internet. This data must be provided by each subscriber wishing to enter into an agreement for the provision of cellular services.
The changes regulating the process of providing communication services are posted on the Open NPA portal.
The explanatory note to the changes states that biometric identity verification is needed to combat fraudsters who register other people's personal data on subscriber numbers and commit crimes in the financial sector.
The project was approved by the Ministry of National Economy, the National Security Committee and the Ministry of Internal Affairs of the Republic of Kazakhstan. Public discussion will last until September 10, 2024.
It will work as follows:
- To enter into an agreement with the operator, users will have to provide their biometric data (for example, a photo of their face).
- If you decide to stop using the services, you will need to send the operator an application with biometric data. The termination of services will occur from the date specified in the application, but not before its submission.
- When transferring a number to a new operator, you will also need to provide biometric data. Services from the old operator will cease when the new operator begins to provide its own.
To access the Internet through public points (for example, in a cafe or airport), users will enter one-time passwords that they will receive via SMS or call. It will also be possible to log in to the network using identity documents scanned using the operator's application.
The amendments indicate the following additional authorization methods:
- eGov portal;
- biometrics;
- confirmation via bank card number;
- scanning a document via the operator's application;
- social network accounts;
- email with its confirmation.
According to EDF founder Ruslan Daiyrbekov, the introduction of mandatory biometrics for concluding contracts for the provision of cellular services is a dual problem.
On the one hand, this measure is aimed at increasing security and reducing fraud, which is relevant in the context of growing cybercrime. But at the same time, such a requirement raises serious concerns in the field of protecting digital rights and privacy of citizens.
Residents of Kazakhstan should have the right to control their biometric data, including access to information about how and where this data is stored and used, as well as the ability to revoke their consent to its processing. Transparency in these matters is extremely important to ensure citizens' trust in the new measures.
"We have already seen many examples of leaks of personal data from telecom operators and other organizations, which led to identity theft, financial losses and even threats to physical security. The peculiarity of biometrics is that this data, unlike passwords, cannot simply be changed in the event of compromise," the expert says.
According to Ruslan, Kazakhstan should strive to ensure that the introduction of innovations ensures security without violating the fundamental rights of citizens to privacy and protection of personal data, "otherwise there is a risk that security will become a compromise, not a guarantee."
The expert also emphasizes that it is important for telecom operators to bear legal responsibility for possible leaks, including the obligation to compensate for damages and provide victims with assistance in restoring their digital identity.
(the text translation was done automatically)
The changes regulating the process of providing communication services are posted on the Open NPA portal.
The explanatory note to the changes states that biometric identity verification is needed to combat fraudsters who register other people's personal data on subscriber numbers and commit crimes in the financial sector.
The project was approved by the Ministry of National Economy, the National Security Committee and the Ministry of Internal Affairs of the Republic of Kazakhstan. Public discussion will last until September 10, 2024.
It will work as follows:
- To enter into an agreement with the operator, users will have to provide their biometric data (for example, a photo of their face).
- If you decide to stop using the services, you will need to send the operator an application with biometric data. The termination of services will occur from the date specified in the application, but not before its submission.
- When transferring a number to a new operator, you will also need to provide biometric data. Services from the old operator will cease when the new operator begins to provide its own.
To access the Internet through public points (for example, in a cafe or airport), users will enter one-time passwords that they will receive via SMS or call. It will also be possible to log in to the network using identity documents scanned using the operator's application.
The amendments indicate the following additional authorization methods:
- eGov portal;
- biometrics;
- confirmation via bank card number;
- scanning a document via the operator's application;
- social network accounts;
- email with its confirmation.
According to EDF founder Ruslan Daiyrbekov, the introduction of mandatory biometrics for concluding contracts for the provision of cellular services is a dual problem.
On the one hand, this measure is aimed at increasing security and reducing fraud, which is relevant in the context of growing cybercrime. But at the same time, such a requirement raises serious concerns in the field of protecting digital rights and privacy of citizens.
Residents of Kazakhstan should have the right to control their biometric data, including access to information about how and where this data is stored and used, as well as the ability to revoke their consent to its processing. Transparency in these matters is extremely important to ensure citizens' trust in the new measures.
"We have already seen many examples of leaks of personal data from telecom operators and other organizations, which led to identity theft, financial losses and even threats to physical security. The peculiarity of biometrics is that this data, unlike passwords, cannot simply be changed in the event of compromise," the expert says.
According to Ruslan, Kazakhstan should strive to ensure that the introduction of innovations ensures security without violating the fundamental rights of citizens to privacy and protection of personal data, "otherwise there is a risk that security will become a compromise, not a guarantee."
The expert also emphasizes that it is important for telecom operators to bear legal responsibility for possible leaks, including the obligation to compensate for damages and provide victims with assistance in restoring their digital identity.
