Automation, machine translation and neural networks provide more efficient translations than ever before. This step, however, also results in concerns regarding the security of the data provided. Organizations and translation agencies process large amounts of sensitive data, such as plans to acquire new products, communications about customer or internal issues, sensitive human resource issues, and other confidential business processes. Nevertheless, they often use online translation tools and grant their providers a worldwide license to use, store and publish content. However, this may not be in line with the GDPR, nor the interests of the clients ordering the translations.
“Language agencies should use a secure machine translation environment that can be deployed on their own servers and also encrypted, if necessary; this cannot be achieved with publicly available machine translation systems. If agencies provide the entrusted data to a third party and at the same time do not inform the data owner, at a minimum this violates mutual trust – and in many cases, this certainly violates the law. Such language service providers may indicate in their terms and conditions that the client’s data will be machine-processed. However, this is such an important issue that clients must be notified of this fact very clearly when concluding contracts. The mere reference to the terms and conditions is, in the case of the use of public translation tools, the same as, e.g., including an insidious clause in small illegible letters in a contract. Therefore, companies should check in advance which machine translation system the agency uses,” says Jiří Proniuk from the Skřivánek language agency, which is certified according to ISO 27001, the international standard for information security management (ISMS).
Head of the CAT and DTP centre of the Skřivánek language agency