The Kremlin Tightens Data Laws
By Izatt Folkman
Russia created several heavy data laws after it illegally annexed Crimea and Western powers imposed sanctions on it (RFE/RL). However, one of the first data laws that Russia was involved with came about in 2012-2013 with the introduction of the now-defunct BRICS organization. BRICS was an organization of several countries spearheaded by Brazil and South Africa that aimed to create an Internet not centered on the United States. The organization planned to achieve this goal by laying its own fiber optic cable. Russia was involved, though it did not lead the initiative. As of 2015, BRICS has been inactive and seemingly dissolved (Lee).
The Kremlin has created data laws to gain more control over interactions and information of those living in Russia. These laws are targeted at collecting Russian citizens’ data and sanitizing incoming information. These laws have allowed the state to suppress negative information about the government and its leaders. They bring more business to Russian tech companies, as the laws require international companies to store Russian data on Russian servers (Newton & Summers).
One of the largest pushes for data control in Russia came from the Yarovaya laws passed in July 2016. The Yarovaya laws, led by deputy Irina Yarovaya, were written to fight terrorism in Russia. They restricted public Russian communication, set private electronic communication storage and government use requirements. Any and all positive commentary about terrorism on social media could be fined the same way a publication would be fined for inciting terroristic speech. Russian telecom companies were also given the requirement to store all communication between Russian citizens for six months, while also storing communications metadata for a total of three years. Companies that organize and distribute information on the Internet are also required to hold communications for six months, but only have to store the metadata for the period of one year (Meduza).
Among the companies and websites that have faced backlash from these laws are Facebook, Twitter, and Tinder. Facebook and Twitter were fined in January 2019 for not having a plan in place to store Russian data on Russian servers after laws were passed in 2015 demanding such data retention. If Facebook and Twitter do not put such data retention in place, they could face blockage in Russia (Simmons). Tinder also faced similar controversy this June when it was included on the list of “information disseminators” that are required to pay for Russian server space. While there were many concerns from the Russian people that their government is storing so much of their information, several analysts and commentators agree that the Russian government stores more communication than they could ever read. Many of the communications stored are only used to investigate suspected terrorists (Prince). The fines faced by many of these companies are relatively small, but the eventual consequences of not complying with Russian law are much more severe.
Last year, Russia passed another data law that allows the Russian government to censor search engine results. The Russian government mandates that search engines hide results of link and content that is banned in Russia. Google has been caught twice since the law was passed in July 2018 of not censoring search results (RFE/RL). The first fine was $7900 and the second was $11000. Google still allows about one-third of blacklisted sites to be seen in Russia.
This week, senators in Russia have brought two new laws to further encroach and track Russian data. The first law proposes that all smart electronics in Russia be sold with pre-installed Russian-made software. The list of required software would be curated by Russian authorities in a bid to bolster Russian software companies (Balmforth, Tsydenova & Zverev). If this law passes, it will come into effect July 2020, and the government will start imposing fines in January 2021.
The second law proposed this week would demand Russian Internet companies to link user email addresses to their phone numbers, in order to link emails to specific people. This law would help Russian tighten control over the Internet in response to Putin’s approval declining and the ever-growing threat of political protests against Russian officials. The senators who proposed the bill stated that “email providers should only allow messages to be transmitted from identified users (Khrenikov).” This bill would also be used in reducing hoax terrorist claims via email and allow the Russian government to find the people making them (Balmforth, Tsydenova & Zverev). This bill has drafted with a similar spirit to a bill passed in March that will punish the spread of fake news online.
Balmforth, Tom, Nadezhda Tsydenova, and Anton Zverev. “Russian Lawmakers Seek to Stamp out Banned Content in Emails.” Reuters. July 23, 2019. Accessed July 24, 2019. https://www.reuters.com/article/us-russia-internet-email/russian-lawmakers-seek-to-stamp-out-banned-content-in-emails-idUSKCN1UI2AO.
Balmforth, Tom, Nadezhda Tsydenova, and Anton Zverev. “Russian Lawmakers Propose Making Local Software Mandatory On…” Reuters. July 19, 2019. Accessed July 24, 2019. https://www.reuters.com/article/us-russia-smartphone-idUSKCN1UE1MF.
Khrenikov, Ilya. “Want Email in Russia? The Kremlin Wants Your Phone Number First.” Bloomberg.com. July 23, 2019. Accessed July 24, 2019. https://www.bloomberg.com/news/articles/2019-07-23/want-email-in-russia-the-kremlin-wants-your-phone-number-first.
Lee, Stacia. “International Reactions to U.S. Cybersecurity Policy: The BRICS Undersea Cable.” The Henry M. Jackson School of International Studies. July 11, 2019. Accessed July 24, 2019. https://jsis.washington.edu/news/reactions-u-s-cybersecurity-policy-bric-undersea-cable.
Newton, Matthew, and Julia Summers. “Russian Data Localization Laws: Enriching “Security” & the Economy.” The Henry M. Jackson School of International Studies. July 11, 2019. Accessed July 24, 2019. https://jsis.washington.edu/news/russian-data-localization-enriching-security-economy/.
Prince, Todd, and Todd Prince. “Russia Orders Dating App Tinder To Comply With Internet Laws.” RadioFreeEurope/RadioLiberty. June 04, 2019. Accessed July 24, 2019. https://www.rferl.org/a/tinder-required-to-share-user-information-with-russian-authorities/29979585.html.
RFE/RL. “Russia Fines Google For Failing To Remove Links To Banned Websites.” RadioFreeEurope/RadioLiberty. July 18, 2019. Accessed July 24, 2019. https://www.rferl.org/a/russia-fines-google-for-failing-to-remove-links-to-banned-websites/30063141.html.
Meduza. “Russia’s State Duma Just Approved Some of the Most Repressive Laws in Post-Soviet History.” Meduza. Accessed July 24, 2019. https://meduza.io/en/feature/2016/06/24/russia-s-state-duma-just-approved-some-of-the-most-repressive-laws-in-post-soviet-history.
Simmons, Ann M. “Russia Accuses Facebook, Twitter of Failing to Comply With Data Laws.” The Wall Street Journal. January 21, 2019. Accessed July 24, 2019. https://www.wsj.com/articles/russia-accuses-facebook-twitter-of-failing-to-comply-with-data-laws-11548085132.