At a recent scientific seminar held at the Institute of Information Technology in Baku, Babak Nabiyev, Head of AzScienceNet Network Operation Centre, presented an extensive analysis of the General Data Protection Regulation (GDPR). His discussion encompassed the regulation’s origins, motivations, breadth, challenges and its significant impact on the scientific community.
Nabiyev attributed the emergence of GDPR to increasing cyber threats, rampant personal data breaches by private entities and opaque data management practices. He pointed out that GDPR was introduced to address these issues, ensuring lawful, transparent and responsible data handling.
He went on to illuminate the essential principles of GDPR, including lawful processing, transparency, data minimization, precision, integrity, and safeguarding confidentiality.
Nabiyev also articulated on how GDPR reshapes the handling of personal information in scientific research. He emphasised the necessity for ethical oversight, respecting participant rights, fostering data exchange among research entities, maintaining compliance with GDPR and enforcing strong data protection strategies in research projects.
In terms of Azerbaijan’s alignment with GDPR, Nabiyev identified critical steps ahead. These steps involve revamping the nation’s data protection landscape, grasping the essence of GDPR’s principles, devising a strategic plan for implementation, engaging relevant stakeholders and ensuring smooth integration with European data protection norms.
At the end of the seminar, the General Director of IIT, Rasim Alguliyev, offered several suggestions and recommendations on how to deepen and realise research in this area.
It is essential to produce papers on the subject and highlight the need for further academic exploration and documentation to advance understanding and implementation of GDPR principles and practices.
About GDPR
Since its establishment in 2016 and implementation in 2018, GDPR has been pivotal for entities handling EU residents’ personal data, including non-EU businesses interacting with EU citizens. It sets the benchmark for data collection and usage within the EU, empowering individuals over their personal information, fortifying data protection, and standardising privacy laws across the continent.