Protection of companies’ data remains problem

Two years after its start, and despite the amendments for limiting the publicity of data, the Commercial Register is still a good source of confidential information about companies, businesses warned. Commercial Register officials and the Commission for Personal Data Protection (CPDP) admit the problems. All concerned parties are adamant that urgent legal amendments are needed to protect businesses. Both companies and the state have ideas for reform but there is no clarity as to when they will be carried out.
Problem
The website of the Commercial Register gives everybody access to confidential information about the registered companies, CPDP chairwoman Veneta Shopova told the Pari daily. That creates grounds for blackmailing, since the public data include companies’ financial reports, addresses, contract details etc., Sofia Chamber of Commerce and Industry chairman Georgi Chernev commented. We are personal data administrators and the law obliges us to protect the data of our employees; at the same time the data we submit are not protected, business representatives told the Pari daily.
Reply
It is true that the website reveals information like ID card numbers, addresses, management contracts and remunerations, Commercial Register’s Boyan Terziev admitted. According to him, however, companies provide the data voluntarily, while administrators are legally bound to publish and publicise the data.
Case
We are going from one extreme to the other; previously no public information was provided, while now the whole information is published, Vladimir Penkov, a lawyer, said. In his words there is a large discrepancy between the Commercial Register Act and the Personal Data Protection Act. According to the first law, companies get register by providing information voluntarily and everything they send becomes public. Sometimes, out of ignorance, they submit confidential information. However, according to the Commercial Register Act, no data can be erased from the register, not even personal data that are protected under the Personal Data Protection Act.
Solution
We are considering legal amendments to protect companies, Terziev said. A good idea is to allow companies to request deletion of some of the data they have already filed, he added. The confidential information in the submitted documents may simply be barred from publication, Penkov advised. Changing the registration form and keeping only the obligatory boxes in it is probably the easiest way to solve the problem, he added. Now most of the lines in the form are not mandatory but companies fill in some of them. A new form will guarantee that all companies submit identical information and their data are protected, Penkov explained.

Finance