Monitoring of data rooms for due diligence is carried out on the basis of a subscription to changes and is carried out on a daily basis.
Data Rooms as the Remedy for Due Diligence
Data rooms and cybersecurity are most often interpreted as a set of measures taken by structures external to the individual (subject of personal data) (both government and commercial), which can lead to violations of the inviolability of privacy.
The term “data room for due diligence” is used primarily by IT professionals and in relation to an organization; the term “cybersecurity” is more often used in political discussions when information security is considered within the framework of national security “Information security” and “cybersecurity” are in most cases considered synonymous and are most often interpreted as a set of measures taken by external structures (both government and commercial ) that may lead to violations of your privacy).
In this context, the right to information privacy can be limited and violated in the name of ensuring the safety of the individual and/or society. An example is the strengthening of government measures for monitoring of the Internet and other communications, strengthening of government control over the activities of telecom operators, expanding the ability to access data of users of data room services:
- installation of specialized devices for intercepting Internet traffic (“black boxes”);
- legislative consolidation of the obligation of Internet service providers to store Internet traffic for a long time;
- waiver of a part of the state guarantee for ensuring privacy and protection of personal data;
- simplification of the procedural order of access for representatives of law enforcement agencies to personal data of users.
The Main Proofs of VDR as a Remedy for Due Diligence
The introduction of electronic document management and the automation of tax reporting checks allow the due diligence for data rooms to promptly identify unscrupulous market participants. Reimbursement on work with such counterparties is possible only upon proof of due diligence.
The main proofs that data rooms are the remedy for due diligence are:
- Availability of a formalized and approved procedure for checking counterparties.
- Checking a counterparty is an integral part of the process of accepting a counterparty and further working with it.
- Designated person responsible for the counterparty verification process.
- Dossier on the counterparty and on contracts with him (transactions).
- Monitoring and reassessment of the level of risks on a periodic basis.
- Verification of the fulfillment of obligations under the contract at the end of the contractual relationship.
Many experts draw attention to the fact that the effectiveness of such measures in the fight against terrorism and organized crime does not correspond to the costs of their implementation and does not justify violations of the right to information privacy (including the right of a subject to control who, when and why uses information about him).
Thus, the protection of personal data is not limited to ensuring technical security measures for the collection, storage, and processing of data (quality of use). Moreover, the security measures taken can become a cause of violation of the integrity of the digital sphere of privacy. The criterion for the admissibility of interference in order to ensure security can be the right of an individual to control the use of information about himself. The balance between privacy and security is a complex issue that cannot be tackled by technicians, lawyers, or intelligence agencies. International practice clearly demonstrates that different actors should be involved in solving these problems.