Database
Trading restrictions
RUSSIA
Reported in 2015
Chapter Standards |
Sub-chapter Telecom network and base standards
National standard
It is reported that, rather than following internationally recognized standards, Russia is developing its national communication standard on the basis of NG1 mobile broadband standard. NG1 provides the usage of unpaired frequency bands not suitable for GSM, UMTS, CDMA and LTE. Only China and India have experience in manufacturing equipment for NG1.
Coverage Mobile equipment
Trading restrictions
RUSSIA
Since 2013
Chapter Quantitative Trade Restrictions |
Sub-chapter Local Content Requeriments for commercial market
Local content requirement
Firms selling telecommunications equipment are required to have scientific equipment manufacturing located within Russia. In this regard, it is possible that the firms’ inputs of electronic equipment and machinery and equipment should come from domestic sources.
Coverage Telecommunications equipment
Trading restrictions
RUSSIA
Reported in 2014
Chapter Quantitative Trade Restrictions |
Sub-chapter Import restrictions
Licensing regime
It is reported that Russia has a complex and non-transparent licensing regime in place that impedes the importation of telecommunication equipment that incorporates encryption technology. Russia committed to reform its import licensing regime for products with cryptographic functionalities (“encryption products”) in its WTO accession protocol, but it continues to limit the importation of encryption products through the use of import licenses or one-time “notifications”.
Additionally, the process for importing consumer electronic products considered to be “mass market” has been aggravated. Theoretically, a simple notification process is supposed to apply to “mass market” products as defined under the Wassenaar Arrangement on Export Controls for Conventional Arms and Dual-Use Goods and Technologies. However, the definition of “mass market” products in the regulation of Russia's customs union diverges from this definition and does not accurately reflect the definition of these products under the Wassenaar Arrangement or Russia’s WTO protocol.
Therefore, imports of encryption products and particularly common consumer electronic products continue to be inhibited and cannot be imported via a simple notification.
Additionally, the process for importing consumer electronic products considered to be “mass market” has been aggravated. Theoretically, a simple notification process is supposed to apply to “mass market” products as defined under the Wassenaar Arrangement on Export Controls for Conventional Arms and Dual-Use Goods and Technologies. However, the definition of “mass market” products in the regulation of Russia's customs union diverges from this definition and does not accurately reflect the definition of these products under the Wassenaar Arrangement or Russia’s WTO protocol.
Therefore, imports of encryption products and particularly common consumer electronic products continue to be inhibited and cannot be imported via a simple notification.
Coverage "Encryption products", consumer electronic products
Sources
- This has been reported as a market access barrier by the Telecommunications Industry Association (TIA): http://www.tiaonline.org/sites/default/files/pages/TIA_Submission_for_1377_Report_USTR-2014-0022_Final.pdf
- USTR, 2014 National Trade Estimate Report on Foreign Trade Barriers: https://ustr.gov/sites/default/files/2014%20NTE%20Report%20on%20FTB.pdf
Restrictions on data
RUSSIA
Since July 2012
Chapter Content access |
Sub-chapter Censorship and filtering of web content
Law On Amendments to Federal Law On Protecting Children from Information Harmful to Their Health and Development and Certain Legislative Acts of the Russian Federation (Law No. 139-FZ)/ Practice
It is reported that, in order to implement the measures contained in Law No. 139-FZ, the Russian government has implemented online filtering protocols such as the Deep Packet Inspection surveillance system.
Coverage Web content
Sources
Restrictions on data
RUSSIA
Since 2011
Chapter Content access |
Sub-chapter Censorship and filtering of web content
Blocking of web content
According to a rights group organization (Agora), incidents of bans on online content issued by courts as well as similar decisions by government agencies that do not require court approval soared from 1,019 in 2014 to 9,022 in 2015. The same source cites that Russia has also prosecuted and sentenced to prison a growing number of individuals for posting information online. In 2017, Agora reported that Russia had seen more than 115,000 online censorship cases, 110,000 of which related to websites being blocked. The group has estimated that the Russian regime blocked an average of 244 websites a day in 2017 alone.
Reportedly, Roskomnadzor (Russia's communication watchdog) has blacklisted the NoBlock service, which enables users to access international websites which are censored by Russian officials. The decision follows a court ruling in Anapa (Russia) in April 2015, which judged that allowing NoBlock to operate allows users “to have full access to all banned websites through anonymous browsing and user IP masking”.
Roskomnadzor has also ordered the blocking of a Euronews video published on YouTube following a user's comment was deemed extremist by a local court. Additionally, in April 2017, a Moscow court banned the popular messaging application Telegram, on the ground that the firm refused to give Russia’s Federal Security Service (FSB) encryption keys that would grant access to user messaging data.
Reportedly, Roskomnadzor (Russia's communication watchdog) has blacklisted the NoBlock service, which enables users to access international websites which are censored by Russian officials. The decision follows a court ruling in Anapa (Russia) in April 2015, which judged that allowing NoBlock to operate allows users “to have full access to all banned websites through anonymous browsing and user IP masking”.
Roskomnadzor has also ordered the blocking of a Euronews video published on YouTube following a user's comment was deemed extremist by a local court. Additionally, in April 2017, a Moscow court banned the popular messaging application Telegram, on the ground that the firm refused to give Russia’s Federal Security Service (FSB) encryption keys that would grant access to user messaging data.
Coverage Several websites and services, including Youtube, Euronews and Telegram
Sources
- http://www.ibtimes.com/after-pirate-bay-russian-internet-censors-crack-down-noblock-anonymity-service-2029475
https://www.dailystar.com.lb/News/World/2016/Feb-16/337535-russias-internet-censorship-grew-nine-fold-in-2015-rights-group.ashx
https://www.vpncompare.co.uk/russias-internet-censorship-rise/ - http://globalvoicesonline.org/2015/08/19/russia-blocks-euronews-isis-video-over-extremist-user-comment/
https://www.theguardian.com/world/2018/apr/13/moscow-court-bans-telegram-messaging-app
Restrictions on data
RUSSIA
Since July 2012
Chapter Content access |
Sub-chapter Censorship and filtering of web content
Law On Amendments to Federal Law On Protecting Children from Information Harmful to Their Health and Development and Certain Legislative Acts of the Russian Federation (Law No. 139-FZ).
The Law No. 139-FZ establishes a blacklist of Internet sites that contain drug-related material, extremist material and other content recognized as illegal in Russia that internet service providers within Russia are required to block. IKEA has closed its webiste fearing that the content which was advertising could be interpret by Russian officials as gay propaganda. Additionally, in August 2015, the Russian government briefly blocked access to Reddit, GitHub and Wikipedia for featuring content related to suicide and drugs.
Another example is Wikipedia, which was blocked over a report about a drug. Roskomnadzor, the country's communications watchdog, ordered Wikipedia to delete a certain page, stating it contained information on drugs. A few hours later, Roskomnadzor removed Wikipedia from its official list of banned sites, saying that the page had been edited to its approval.
In addition to the provisions of the Law No. 139-FZ, telecommunication operators and Internet Service Providers are allowed to block different types of traffic over their networks provided that they comply with the relevant legislation and agreements with users/beneficiaries.
Another example is Wikipedia, which was blocked over a report about a drug. Roskomnadzor, the country's communications watchdog, ordered Wikipedia to delete a certain page, stating it contained information on drugs. A few hours later, Roskomnadzor removed Wikipedia from its official list of banned sites, saying that the page had been edited to its approval.
In addition to the provisions of the Law No. 139-FZ, telecommunication operators and Internet Service Providers are allowed to block different types of traffic over their networks provided that they comply with the relevant legislation and agreements with users/beneficiaries.
Coverage Several websites
Sources
- http://base.garant.ru/70207766/
https://globalvoicesonline.org/2014/10/17/building-an-internet-fast-lane-in-russia-could-be-a-great-way-to-stifle-independent-media/
http://www.theverge.com/2015/8/27/9210475/russia-wikipedia-ban-censorship - http://www.bbc.com/news/world-europe-31879850
- http://cyberlaw.stanford.edu/page/wilmap-russia
- http://www.huffingtonpost.com/karen-mesoznik/navigating-the-internet-i_b_9078980.html?utm_hp_ref=technology&ir=Technology
Restrictions on data
RUSSIA
Since February 2017
Chapter Intermediary liability |
Sub-chapter Notice and takedown requirement
Law 13.34 of the Code of Administrative Offenses of the Russian Federation
ISPs that do not block banned sites according to the rulings of the state regulator Roskomnadzor will be required to pay up to a 100,000 Ruble (approximately USD 1,700) penalty. Public officials and entrepreneurs will face fines of 5,000 Rubles (USD 86) and 30,000 rubles (USD 519), respectively, for failing to implement Roskomnadzor’s instructions.
Coverage Internet intermediaries
Restrictions on data
RUSSIA
Since May 2015
Chapter Intermediary liability |
Sub-chapter Notice and takedown requirement
Federal Law No. 364-FZ, on Amending Legislative Acts of the Russian Federation Concerning the Protection of Intellectual Rights in Information and Telecommunications Networks (“Anti-Piracy Law”)
Under the “Anti-Piracy” Law, the owners of any work protected by copyright or neighboring rights (with the exception of photographs) can apply for preliminary blocking injunctions with the Moscow City Court. If the injunction is granted, website owners will have one business day to address the injunction.
If the website operator does not restrict access to the allegedly infringing materials within one day after getting the notice, the hosting provider has three days to block access to that website. If this is not done, the internet service providers must restrict access to the website after adding the information about the website to the special registry kept by Roskomnadzor (the authorized media regulator).
Failure to prompty meet copyright takedowns will result in cash fines penalties of between 3,000 rubles (approx. USD 40) for individuals, increasing to a maximum of 500,000 rubles (approx. USD 6,600) for businesses in addition to 90 day business suspensions and confiscation of servers.
If the website operator does not restrict access to the allegedly infringing materials within one day after getting the notice, the hosting provider has three days to block access to that website. If this is not done, the internet service providers must restrict access to the website after adding the information about the website to the special registry kept by Roskomnadzor (the authorized media regulator).
Failure to prompty meet copyright takedowns will result in cash fines penalties of between 3,000 rubles (approx. USD 40) for individuals, increasing to a maximum of 500,000 rubles (approx. USD 6,600) for businesses in addition to 90 day business suspensions and confiscation of servers.
Coverage Internet intermediaries
Sources
- http://cyberlaw.stanford.edu/page/wilmap-russia
- https://www.bakermckenzie.com/-/media/files/insight/publications/2014/12/russia-extends-the-application-of-antipiracy-leg__/files/read-publication/fileattachment/al_russia_antipiracylegislation_dec14.pdf
- http://www.mondaq.com/x/397360/Copyright/Major+Amendments+To+Russias+AntiPiracy+Law+Now+In+Effect
- https://www.techdirt.com/articles/20130129/07442821814/russian-ministry-culture-publishes-draft-anti-piracy-law-requires-takedowns-within-24-hours.shtml
https://torrentfreak.com/russia-wants-to-fine-websites-for-poor-copyright-takedowns-130131/
Restrictions on data
RUSSIA
Since January 2018
Chapter Intermediary liability |
Sub-chapter Lack of safe harbor for intermediary liability
Federal Law No. 241-FZ "On Amendments to Articles 10.1 and 15.4 of the Federal Law "On Data, Information Technologies and Data Security"
ISPs are required to restrict the user’s access to the instant messaging applications within a day if they suspect that messages contain information that violates Russian legislation. ISPs that fail to meet this requirement will be blocked by the authorities.
Coverage Instant messaging services
Restrictions on data
RUSSIA
Since November 2017
Chapter Intermediary liability |
Sub-chapter Lack of safe harbor for intermediary liability
Federal Law No. 276-FZ "On Amendments to the
Federal Law "On Data, Information Technologies and
Data Security"
Federal Law "On Data, Information Technologies and
Data Security"
Federal Law No. 276 prohibits internet intermediaries from providing access to websites and information resources that are designated as “resources with restricted access” by Roskomnadzor. The Law requires Roskomnadzor to create a national information database of online resources and services to which access is prohibited in Russia. Internet service providers (ISPs) will be required to identify those owners of resources who do not block access to prohibited online resources and report them to the Roskomnadzor within three days. Operators of online search engines are required to block links to websites included in the database of prohibited online resources. If the owner of the network or information resource continues to ignore the requirement to block access to restricted websites, its Internet connection can be terminated by the ISP within 24 hours.
It has also been reported that Roskomnadzor is drafting a regulation that would establish the registration of owners and operators of information networks and search engines. Only registered owners and operators would have access to the database of prohibited resources. Owners of search engines, VPNs, and proxy servers would receive daily information on resources added to the list of banned content and would be required to block access to such resources within one day.
It has also been reported that Roskomnadzor is drafting a regulation that would establish the registration of owners and operators of information networks and search engines. Only registered owners and operators would have access to the database of prohibited resources. Owners of search engines, VPNs, and proxy servers would receive daily information on resources added to the list of banned content and would be required to block access to such resources within one day.
Coverage Internet service providers (ISPs)
Sources
- http://www.loc.gov/law/foreign-news/article/russia-new-legislation-restricts-anonymity-of-internet-users/
- https://talkingtech.cliffordchance.com/content/micro-cctech/en/cybersecurity/cyber-security-and-the-internet-in-russia/_jcr_content/text/parsysthumb/download/file.res/Client%20Briefing_Cyber%20Security%20(ENG)%20September%202017.pdf
Restrictions on data
RUSSIA
Since May 2015
Chapter Intermediary liability |
Sub-chapter Lack of safe harbor for intermediary liability
Federal Law No. 364-FZ, on Amending Legislative Acts of the Russian Federation Concerning the Protection of Intellectual Rights in Information and Telecommunications Networks (“Anti-Piracy Law”)
There is no explicit requirement for monitoring. However, Article 1253 (3)(1) of the “Anti-Piracy Law” provides that hosting providers are not liable for third-party content unless they “knew or ought to have known” that infringing material was being used illegally on their service. In other words, the article contains a “constructive knowledge” clause, that may incentivise intermediaries to monitor their services in order to locate “illegal” material.
Coverage Internet intermediaries
Restrictions on data
RUSSIA
Since January 2018
Chapter Intermediary liability |
Sub-chapter Lack of safe harbor for intermediary liability
Federal Law No. 241-FZ "On Amendments to Articles 10.1 and 15.4 of the Federal Law "On Data, Information Technologies and Data Security"
Federal Law No. 241 prohibits the anonymous use of instant message (“IM”) services. Providers are obliged to identify users by their phone numbers based on the agreement with the communications provider.
Coverage Instant messaging services
Sources
- https://www.lexology.com/library/detail.aspx?g=c7f9083d-635c-484a-9b5b-ff3b077d4e22
- https://talkingtech.cliffordchance.com/content/micro-cctech/en/cybersecurity/cyber-security-and-the-internet-in-russia/_jcr_content/text/parsysthumb/download/file.res/Client%20Briefing_Cyber%20Security%20(ENG)%20September%202017.pdf
Restrictions on data
RUSSIA
Since August 2014
Chapter Intermediary liability |
Sub-chapter Lack of safe harbor for intermediary liability
Government Decree №758 of 31 July 2014 and №801 from 12 August 2014
The Russian Government has given instructions to require public Wi-Fi user identification. The government decrees require that:
- ISPs should identify Internet users, by means of identity documents (such as passport);
- ISPs should identify terminal equipment by determining the unique hardware identifier of the data network;
- all legal entities in Russia are required to provide ISPs monthly with the list of the individuals that connected to the Internet using their network.
The data should be stored locally for a period of at least six months.
Later in 2015, the authorities have proposed the following levels of fines for non-compliance:
- 5,000-50,000 rubles (approx. 60-140 USD) for individual entrepreneurs; and
- 100,000-200,000 rubles (approx. 1,400-2,600 USD) for legal entities.
The fines would be higher for repeating offenders.
- ISPs should identify Internet users, by means of identity documents (such as passport);
- ISPs should identify terminal equipment by determining the unique hardware identifier of the data network;
- all legal entities in Russia are required to provide ISPs monthly with the list of the individuals that connected to the Internet using their network.
The data should be stored locally for a period of at least six months.
Later in 2015, the authorities have proposed the following levels of fines for non-compliance:
- 5,000-50,000 rubles (approx. 60-140 USD) for individual entrepreneurs; and
- 100,000-200,000 rubles (approx. 1,400-2,600 USD) for legal entities.
The fines would be higher for repeating offenders.
Coverage ISPs providing public Wi-Fi
Sources
- http://www.themoscowtimes.com/news/article/russia-bans-anonymous-public-wi-fi/504855.html
- https://globalvoicesonline.org/2014/08/07/public-wifi-internet-id-passport-russia/
- http://cyberlaw.stanford.edu/page/wilmap-russia
http://www.reuters.com/article/2014/08/08/us-russia-internet-idUSKBN0G81RV20140808
http://www.minsvyaz.ru/ru/events/33687/
Restrictions on data
RUSSIA
Since January 2007
Since July 2017
Since July 2017
Chapter Data policies |
Sub-chapter Sanctions for non-compliance
Federal Law no. 152-FZ “On Personal Data” (OPD-Law)
Code of Administrative Offences No. 195-FZ
Federal Law No. 374 on Amending the Federal Law "on Counterterrorism and Select Legislative Acts of the Russian Federation Concerning the Creation of Additional Measures Aimed at Countering Terrorism and Protecting Public Safety"
Code of Administrative Offences No. 195-FZ
Federal Law No. 374 on Amending the Federal Law "on Counterterrorism and Select Legislative Acts of the Russian Federation Concerning the Creation of Additional Measures Aimed at Countering Terrorism and Protecting Public Safety"
In Russia, non-compliance with data protection laws can be punishable with: civil sanctions, administrative sanctions and criminal sanctions.
It is reported that Russian data protection laws have been enforced quite heavily in recent years and data subjects have sent many complaints to Roskomnadzor.
There has also been a growing number of appeals by data operators against the orders and decisions of Roskomnadzor imposing different sanctions on data operators and blocking their Internet resources.
As of 2017, Russia diversified how it fines breaches of data processing legislation, and increased overall fines. Now, illegal data processing can be fined between RUB 15,000 (approx. USD 260) and RUB 70,000 (approx. USD 1,230).
Additionally, Law No. 374 amends the Code of Administrative Violations to establish fines of up to RUB40,000 (approx. USD 700) for encryption which goes beyond mandated levels and for the use of previously uncertified encryption equipment. Furthermore, the Law imposes on distributors of information via the Internet the obligation to report to the Federal Security Service “all information required for the description of received, transferred, or delivered electronic communications.” The refusal to provide such information will be punishable by a fine in the amount of RUB 1,000,000 (approx. USD 16,000).
It is reported that Russian data protection laws have been enforced quite heavily in recent years and data subjects have sent many complaints to Roskomnadzor.
There has also been a growing number of appeals by data operators against the orders and decisions of Roskomnadzor imposing different sanctions on data operators and blocking their Internet resources.
As of 2017, Russia diversified how it fines breaches of data processing legislation, and increased overall fines. Now, illegal data processing can be fined between RUB 15,000 (approx. USD 260) and RUB 70,000 (approx. USD 1,230).
Additionally, Law No. 374 amends the Code of Administrative Violations to establish fines of up to RUB40,000 (approx. USD 700) for encryption which goes beyond mandated levels and for the use of previously uncertified encryption equipment. Furthermore, the Law imposes on distributors of information via the Internet the obligation to report to the Federal Security Service “all information required for the description of received, transferred, or delivered electronic communications.” The refusal to provide such information will be punishable by a fine in the amount of RUB 1,000,000 (approx. USD 16,000).
Coverage Horizontal
Sources
- www.linklaters.com/pdfs/mkt/london/Data_Protected_2014.pdf
- http://us.practicallaw.com/2-502-2227#a445355
- https://www.lexology.com/library/detail.aspx?g=776308e5-c174-4e40-ae10-fcd51e3ae2b1
- http://www.loc.gov/law/foreign-news/article/russia-new-electronic-surveillance-rules/
Restrictions on data
RUSSIA
Since July 2018
Chapter Data policies |
Sub-chapter Administrative requirements on data privacy
Federal Law No. 374 on Amending the Federal Law "on Counterterrorism and Select Legislative Acts of the Russian Federation Concerning the Creation of Additional Measures Aimed at Countering Terrorism and Protecting Public Safety"
Under a provision of the Federal Law 374 effective in July 2018, the exact text of transmitted messages, records of telephone communications (“voice information”), and content of other communications must be preserved by telecommunications network operators for a period of six months. This information must be forwarded to the security services upon their request.
Coverage Telecommunication sector