Remuneration for personal data is unacceptable, warned the President of the National Data Protection Commission (CNPD), explaining that fundamental rights such as the right to the protection of personal data are not a commodity to be sold.
“Fundamental rights are not tradeable, remuneration for personal data is unacceptable,” Paula Meira Lourenço said in a statement to Luse, defending the need for “informed and conscious citizens and recognizing that the right to the protection of personal data is fundamental.” right” enshrined in the Constitution of the Portuguese Republic.
According to the CNPD President, the decision to sell personal data, such as biometric data through iris reading, in exchange for cryptocurrencies is fraught with risk, and “only through informational self-determination can one decide” what to do with the data and whether or not to give consent for their treatment.
Created in 2019 by Sam Altman, founder of OpenAI, the company behind ChatGPT, the Worldcoin platform collects biometric data in several countries, as well as Portugal, through iris readings and in exchange for payment.
The CNPD president said that “it is very important that the choice is made consciously and properly informed of the risks it may entail.”
Providing data based on “various deceptions” is nothing new, Paula Meira told Lourenço, citing as an example competitions that award prizes to participants but which “are nothing more than a way to collect personal data.”
“And they even provide not only their personal data, but also the data of their children and even their friends, so that in the end they can win a coupon, a sample of perfume or other symbolic prizes… Every day we are faced with this,” he commented .
One of the biggest problems is the misappropriation of personal data, which allows for more effective preparation for cyber attacks, according to Paula Meira Lourenço, who explains that passwords or other authentication information – username, email address, tax number – can be intercepted during an attack. – data that will allow you to prepare other attacks on logging into user accounts based on previously obtained authentication data.
This access to additional information will allow the attacker to usurp the identity and thus purchase products and services on behalf of another person, obtain financial benefits, or commit all types of crimes. Additionally, data collected during a cyber attack could be used much later in a possible attempt to commit other crimes, such as identity theft or fraud.
The CNPD reminds that one of the principles to be observed is not to provide more data than is relevant and necessary, while the person responsible for processing this data is obliged to comply with the principle of data minimization in accordance with the General Data Protection Regulation. Data (GDPR) valid in the European Union.
“Data protection authorities have their supervisory and control role, but they cannot replace data owners with respect to certain options, as this would mean depriving them of the right to self-determination that the GDPR gave them,” Paula Meira warned Lourenço.
Author: Lusa
Source: CM Jornal
I am Michael Melvin, an experienced news writer with a passion for uncovering stories and bringing them to the public. I have been working in the news industry for over five years now, and my work has been published on multiple websites. As an author at 24 News Reporters, I cover world section of current events stories that are both informative and captivating to read.