The reference to the costs of technology is very important :

nurmohammadkhan · Post by **nurmohammadkhan** » Sun Jan 12, 2025 5:08 am

Having acknowledged the objective impossibility of prescribing the security measures to be adopted in the most varied and, moreover, technologically evolving contexts , the European legislator, recognising the right of the interested party to the protection of his/her data through adequate security measures , has established that it is the owner who decides which ones to adopt.

The owner today therefore has the obligation to implement " appropriate azerbaijan phone data technical and organizational measures to guarantee a level of security appropriate to the risk " but the choice of such measures is up to him . His task is therefore to evaluate their adequacy by balancing the risk - determined by the nature of the data, the context and the purpose of the processing - with the state of the art of the available technology and its costs .
admitting that measures to protect data can be chosen by also evaluating this aspect means recognizing that the level of security can be considered adequate even if the choice does not fall on the most secure technology due to its costs. This obviously does not justify outright choices at a low level but allows the owner to take costs into account in his decisions. If the reference to this aspect had not been present, the owner would have had to decide on the most appropriate method to protect the data even if this had entailed an investment that he could not sustain.