Konstantin Melnikov, Head of the Digital Threat Analysis and Assessment

[tanjimajuha20]

Andrey Lokis, special adviser on tax issues at the Pen & Paper Bar Association, explained that, as follows from the text of the bill, e-mails will be sent to citizens only with the consent of the taxpayer, expressed in the notification of the submission of such documents using a single portal.

"In addition, the provisions of the said draft law provide for the development of provisions regulating the possibility of transferring information constituting a tax hong kong cell phone number list secret in electronic form through a single portal. Under such conditions and preserving the provisions of the draft law upon the final publication of the adopted Federal Law "On Amendments to Part One of the Tax Code of the Russian Federation" with all amendments, if leaks of personal data are excluded or their incorrect use is excluded, including with subsequent leaks, then citizens will have no grounds to go to court. At the same time, in the event of an illegal leak of information, the person whose personal data has leaked into the public domain has two civil law forms of protecting his rights in court. These are compensation for damages or compensation for moral damage. In this case, the subject of personal data can apply with both of these claims simultaneously. However, judicial practice shows that it is almost impossible to establish a causal relationship between the leak of personal data and the damages caused, which is why most such claims remain unsatisfied," he said.

Department at Infosecurity, a Softline Company, noted that the increased risks of data leakage from the Gosuslugi portal are in no way related to notifications. "In theory, the risks may increase, for example, when integrating the portal with another, third-party platform, if the process goes wrong. We do not believe that the information in notifications is extremely sensitive. The fraudster's motive is financial enrichment, and what he should do with the information from the notifications is unclear. The question also arises, how technically are fraudsters going to intercept messages that citizens will receive on the portal? To do this, they will have to hack the resource, but then the attackers will be interested in other, more sensitive information, and not simple notifications," he believes.

Freedom Finance Global analyst Vladimir Chernov said that in recent years, Russian Post services have been actively digitized, due to which the share of revenue from them in the total volume is constantly growing, while the share of revenue from postal services (sending written correspondence and parcels) is decreasing. "On the official website of Russian Post, the latest available financial statements of the company under IFRS and RAS are only for 2019. According to media reports, revenue from postal services for the first half of 2022 amounted to 72.9 billion rubles. However, it is worth considering that the revenue of Russian Post is seasonal and is usually higher in the second half of the year than in the first. It is also necessary to understand that the income item for postal services includes not only sending written correspondence, but also sending parcels, so it must be divided into two income items, but in what proportion - we do not know. Therefore, we can conclude that revenue from sending tax letters from citizens can vary greatly from 50 billion to 100 billion rubles per year. We can say more precisely when the company will release a detailed financial report and show the profitability of postal services by segment," the analyst commented.