Earn money online

Yarovaya's law on how to store so much information. The “Yarovaya Package” remains a regressive act that will provoke an increase in tariffs for communication services. Closed meeting with Nikiforov and the silence of the Big Four

23.05.2020
Yarovaya's law on how to store so much information. The “Yarovaya Package” remains a regressive act that will provoke an increase in tariffs for communication services. Closed meeting with Nikiforov and the silence of the Big Four

From July 1, 2018, Internet companies and mobile operators must store all messages for a certain period of time, data from Russian users and transfer them at the first request of the intelligence services.

What will operators and Internet companies store?

In addition to SMS messages and emails, the following are covered by the law:

    any text messages;

    calls on landline and mobile phone;

    Images;

  • other electronic messages.

How long will the data be stored?

The law gives the Russian government the right to independently regulate the storage period, the main thing is that it does not exceed 6 months. The following rules are now defined:

    Internet companies will store data 6 months;

    telecom operators that serve owners of mobile, landline, satellite phones, as well as pagers and payphones - also 6 months;

    Internet providers will begin storing data from October 1, 2018 for a period from 1 to 6 months.

Internet providers are required to have an amount of free space in their data centers equal to all outgoing and incoming user traffic from September 1 to September 30, 2018. Each subsequent year, providers are required to increase the data storage size by at least 15%.

Which telecom operators and Internet companies will be affected by the law?

The law refers to Russian telecom operators, as well as Internet companies that are "organizers of information dissemination"(ORI).

The register of ORI companies, compiled by Roskomnadzor, currently includes a little more than 100 Internet companies: the largest domestic ones (Yandex, Mail.ru group services, Rambler), foreign ones (Chinese WeChat, Opera), as well as many other sites , where users can leave comments.

The only foreign company that stated that it would not cooperate with Russian intelligence services was the Telegram messenger, which

Which intelligence agencies will be able to access the data?

Having a court decision in hand, only those intelligence services that carry out operational investigative activities can gain access to the stored data of Russians. These include:

    Ministry of Internal Affairs (MVD);

    federal Service security (FSB);

    Foreign Intelligence Service (SVR);

    Federal Penitentiary Service (FSIN);

Other government agencies are legally prohibited from obtaining user data. Internet companies must hand over to FSB officers decryption keys messages, for this they must install special equipment on their servers, approved by the Ministry of Telecom and Mass Communications.

What are the consequences of the “Yarovaya Law”?

Of course, all telecom operators and Internet providers will raise prices for their services for users.

Company expenses for the purchase of capacity for storing user data amount to millions for small companies and billions for large players in the communications market.

Thus, in May 2018, MTS estimated its costs for the “Yarovaya Law” for the next five years in 60 billion rubles. VimpelCom (Beeline) will spend 45 billion rubles., "Megafon" - 40 billion rubles.

The collection of laws has caused discontent among many residents of the country; opponents of the document believe that it will only bring losses for telecom operators and Internet companies, and will also allow intelligence agencies to obtain any user data.

Sources: Vedomosti, Izvestia, Kommersant, Meduza, TACC.

Personal data is information about a particular individual. Users enter this information on various Internet servers every day. In 2015, a law on the storage of personal data was signed. According to this act, information about citizens of the Russian Federation can only be stored on the territory of Russia. What does it mean? And what are the consequences of non-compliance?

Background

Back in 2006, the Federal Law on Personal Data was adopted, designed to regulate the specific relationships of individuals with the so-called operators. Its purpose was to ensure the protection of Internet users from unwanted processing and transfer of personal data to a third party.

Operator is a fairly broad concept. It can be a government body, a legal entity, or an individual. An operator is someone who, for any purpose, enters personal data about a person into his database. He, of course, has no right to disclose the data and use it for purposes unknown to the person who provided it. Such actions are unethical, and for the last ten years they have also been illegal.

From September 1, 2015, after the law on storing personal data in Russia was signed, the operator no longer has the right to use foreign servers in his work. In order to understand who is primarily affected by such changes and what impact they have, you need to understand the basic concepts.

Personal Information

There is a misconception that this concept means information contained in a passport and other important documents. In reality, personal data is various information about a person. This may not necessarily be a number or Such data is first name, last name, date of birth, email address. Thus, if a business owner creates a corporate website containing a form for registering visitors, he becomes the operator of personal data. He can use the information received only to carry out the activities that are known to those who provided it. Disclosure of personal data involves administrative or criminal liability, depending on the severity of the crime.

Confidentiality of information

The operator can distribute data about a person only with his consent. Such actions are illegal. Non-disclosure of personal data is an important condition for processing information. Its main principles are contained in the second chapter of the law. The operator has the right to distribute only information that is contained in publicly available sources, for example, address and telephone books.

Personal data can be divided into general, biometric and special. General ones are contained in the passport, diploma, military ID, work book. Special information includes information about race, religion, and political affiliation.

Biometric data is the biological and physiological characteristics of a person. These also include photos and videos. Thus, the transfer of such files to a third party can be identified as disclosure of personal data. The exception is group photos.

Treatment

There are phrases whose meaning may not always be clear. One of them is the processing of personal data. This term refers to the actions that the operator performs on the received information, namely personal data. He accumulates them, stores them, refines them, uses them, depersonalizes them, blocks them and destroys them. The operator has the right to all this. He breaks the law only when personal data is disclosed, that is, personal information is transferred to a third party.

Since September 1, 2015, significant restrictions have been introduced in this area of ​​activity. The law on the storage of personal data does not allow, for example, the owner of an Internet site to store received data on foreign servers. Even if he uses them exclusively for good purposes.

Depersonalization

This action is carried out in order to hide the ownership of the personal data of a particular person (in the legislative act he is called the subject). This is a kind of personal data protection. There are several methods of depersonalization:

  • replacing part of the information;
  • replacing digital data:
  • reduction of information;
  • distribution of information on different servers.

Subject

A person has the right to access his personal data. The rights of the subject of personal data imply the ability of an individual whose data is stored in the database to demand from the operator that he clarify, change, and, if necessary, destroy it. Every person has the right to demand the provision of information if it does not contain data of other subjects.

Other concepts

All data about a person is stored in databases. Using certain means they are processed and used by the operator. This technology is called information system personal data. Today everyone uses it, from small businessmen to government executive bodies. They are also entrusted with the protection of personal data. Monitoring compliance with requirements, provided for by law, carried out by Roskomnadzor, FSB and FSTEC.

Cross-border data transfer is the transfer of information to an individual or legal entity of a foreign state.

The Federal Law on Personal Data ensures the inviolability of an individual, his family and personal life. The new law pursues the same goals, but creates certain inconveniences for many operators.

Data storage in Russia

In its activities, each operator must now use only those databases that are stored in Russia. Why are such restrictions created? The law mentioned above primarily affects the security of personal data. But nothing is said about the scope of its action.

All areas of activity on the territory of Russia must be carried out in compliance with the Legislation of the Russian Federation. However, in World Wide Web any actions are cross-border and virtual in nature, which complicates control over the work of operators. At the same time, the fact that an Internet site is available to residents of Russia does not mean that Russian legislation should apply to it. Storing databases on Russian servers makes it easier to control the activities of operators.

The Law on the Storage of Personal Data provides for the processing of personal data only on Russian Internet resources. But there are exceptions here. They concern foreign servers directed to the territory of the Russian Federation. This focus may be indicated by the Russian language of the site or the domain name. However, since the Russian language is quite widespread outside the Russian Federation, the following elements are additionally considered: the possibility of payment in Russian rubles, the conclusion of contracts on the territory of the Russian Federation. Thus, foreign entrepreneurs include Russian consumers in their business strategy. And the effect of the law on personal data is also aimed at their activities.

Foreign servers

So, the law now allows the storage of personal data only on Russian servers. Databases located outside the Russian Federation cannot be processed. The State Duma adopted a law on this ban. However, this document gives rise to many problems. And above all, the difficulties relate to entrepreneurial activity.

Experts in the field of electronic communications believe that this could lead to the departure of global Internet resources, and this, in turn, to significant economic losses. First of all, we are talking about websites for booking airline tickets.

Inconveniences for entrepreneurs

Experts believe that new law will negatively affect the activities of many Russian companies. Every violator of this law has been blacklisted by Roskomnadzor since September 1, 2016. This list today consists of pirated sites and sites promoting illegal activities or actions that do not comply with moral and ethical standards (violence, suicide, child porn, extremism). The ban on these resources is quite understandable. But many enterprises that carry out completely legal activities may not be able to transfer their bases to Russian resources by the specified date.

Another goal of this law is to ensure the security of personal data from the actions of American intelligence agencies. Foreign resources are required to provide these government agencies with all available information. However, by ensuring the security of personal data from penetration by employees of foreign intelligence services, the law creates many inconveniences and problems for small, medium and large Russian enterprises.

Data storage services

Most companies today make sales using Internet marketing. One of the main tools is email marketing. Owners of corporate websites use online services to inform their clients about various events that are held in their companies. This scheme is so widespread that it is difficult to imagine the development of any business today without it. There is still a misconception that website owners are not operators because they do not store personal data. Special online services do this for them. But it is the site owner who processes and generates data about users. Therefore, he is an operator and in the near future he is obliged to transfer all the information he has about Internet users to Russian resources. This is not easy to do, and such actions, first of all, are associated with considerable financial costs.

Retroactivity of the law

Well-established legal principles suggest that operators' existing databases of personal data created before the date of signing the law do not constitute a violation. However, the use of personal data involves updating and changing them. The law states that the operator now has the right to process this information only on a Russian server.

Collection of information

The operator is obliged to localize all data on a Russian server. And these actions, according to the wording in the law, are closely related to the collection of personal data. This term is used to refer to the purposeful acquisition of information about individuals. It is usually provided by the Internet user himself. But it often happens that data arrives by accident. For example, as a result of receiving various letters. The collection of information also does not include data about one legal entity received by another organization. Such information is contact information, and its processing is necessary for the implementation of joint activities.

Transfer of data outside the Russian Federation

The law does not affect cross-border data transfers. The provisions that were formulated back in 2006 have not lost their force. Therefore, operators, as before, have the right to transfer data entered into a database created on the territory of the Russian Federation to others located abroad. However, such actions require compliance with certain standards. First of all, the operator must make sure that the country to which the data will be transferred has adequate protection for the personal information of Internet users.

Impact of the new law on the banking sector

Many purchases today are made via the Internet. The buyer often pays for goods with a bank card. Cellular companies and payment systems are usually located on foreign servers. There is no Russian payment system yet. And without it, it will not be easy to comply with the law.

However, some large companies nevertheless, they store information on the territory of the Russian Federation. And when exchanging data with foreign partners, they resort to depersonalization.

Data center

IN currently A new data center is being built in the Moscow region, which will become the largest in Russia. Large companies are investing in this project because they cannot underestimate the importance of storing personal data. However, this work is fraught with some difficulties. It is impossible to build a data center quickly.

Experts believe that the new law needs to be finalized. Otherwise he will not be able to act in full force. Its main disadvantage is another ban, from which small and medium business. And this area today is already in a rather deplorable state. One way or another, the new law has many opponents, but there are also those who are not afraid of it.

“Yarovaya Package” is one of the most ambitious documents adopted by the State Duma in recent years. Some of its provisions have already been reflected in regulations, while others came into force in the summer of 2018.

What is the “Yarovaya Law” when the most controversial part of the high-profile initiative regarding the storage of information about telephone conversations and personal correspondence of Russians comes into force?

Authors of the amendments

The sensational package of amendments prompted by the media is named after one of the authors, State Duma deputy Irina Yarovaya, who participated in the development of such legislative initiatives as criminal prosecution for libel, tougher sanctions for violations of the rules for holding rallies, and the “law on foreign media media.”

Senator Viktor Ozerov worked on the amendments together with Yarovaya. At that time, both parliamentarians headed the security committees: Yarovaya in the lower house, Ozerov in the upper house. Four legislators were already listed as co-authors of the voting procedure: Alexey Pushkov and Nadezhda Gerasimova were added to the list of initiators.

Anti-terrorist “Yarovaya Law” – what is it?

In simple words, the “Yarovaya package” is two federal laws containing changes to regulations (intended, according to the authors, to prevent manifestations of terrorism):

  • No. 374-FZ “On amendments to the federal law“On countering terrorism” and certain legislative acts Russian Federation regarding the establishment of additional measures to counter terrorism and ensure public safety” dated 07/06/2016;
  • No. 375-FZ “On amendments to the Criminal Code of the Russian Federation and the Criminal Procedure Code of the Russian Federation in terms of establishing additional measures to counter terrorism and ensure public safety”, dated 07/06/2016.

What innovations does the “Yarovaya Law” contain?

The essence of the amendments

The first document (No. 374-FZ) made amendments to the laws on the FSB, foreign intelligence, weapons, the Housing Code and many other acts. Its provisions expanded the powers of security forces, tightened responsibility for extremism, rules for postal forwarding, and cargo clearance.

So, in new edition Law No. 35-FZ “On Countering Terrorism” dated 03/06/2006:

  • Article 5 was supplemented by a new part (4.1) on the creation of anti-terrorist commissions in the constituent entities of the Russian Federation, the decisions of which are binding;
  • Article 5.2 was introduced, explaining the actions and powers of local authorities to combat extremism and terrorism;
  • Article 11 includes part 5, expanding the grounds for introducing the CTO regime.

The same law introduced amendments to the Housing Code of the Russian Federation, and with them a ban:

  • disseminate religious teachings in premises intended for housing (with the exception of rituals and ceremonies) (Part 3 of Article 17);
  • on the activities of missionaries if they are aimed at committing extremist actions, threaten others, etc. (Part 3.2 Article 22).

Changes to the Communications Law

Innovations in Law No. 126-FZ “On Communications” dated 07/07/2003 and their essence for mobile operators and Internet service providers is established requirement store user messages (voice and text messages), photos, videos, etc. sent in them, as well as information about telephone conversations or correspondence of subscribers. The storage location is within the country. The conditions - traffic volume and storage period - are developed by the Cabinet of Ministers.

The storage period for message content is up to six months. Information about their departure, delivery, processing, etc. should remain in storage longer:

  • three years – information about calls from mobile subscribers;
  • one year – data on electronic correspondence of Russians.

The introduced clause 1, part 1.1, article 64 of the law on telecom operators obliges them to provide intelligence services with information about the telephone conversations of their clients. A similar requirement, but this time regarding the Internet activity of Russians hidden from the general public, is contained in the new paragraph (3.1) of Article 10.1 of Law No. 149-FZ “On Information, information technology and on information protection" dated July 27, 2006. And clause 4.1 obliges domain owners, providers and everyone who falls under the concept of “organizer of information dissemination” to transfer encryption keys to security forces for decoding user messages.

Failure to comply with the requirements of the security authorities will result in a fine. What its size will be is specified in Article 13.31 of the Code of Administrative Offenses of the Russian Federation, Part 2.1:

  • citizens will pay from 3,000 to 5,000 rubles;
  • from 30,000 to 50,000 rubles – officials;
  • from 800,000 to 1 million rubles – companies.

Amendments to the Criminal Code of the Russian Federation

Another normative act, included in the “Yarovaya package”, Law No. 375 added to the list of criminal offenses:

  • failure to report to law enforcement about a crime of a terrorist nature (committed, being committed or planned). The most severe sanction for this is imprisonment for 12 months. A citizen who did not inform about such an act committed by his spouse or close relative will not be held liable;
  • international terrorism with a maximum penalty of life imprisonment.

The updated version of the Criminal Code of the Russian Federation has expanded the list of crimes for which criminal liability begins at the age of 14:

  • participation in a terrorist organization and its activities (part 2 of article 205.4 and part 2 of article 205.5, respectively);
  • training to master skills for use in planned terrorist activities (Article 205.3);
  • failure to report a crime (Article 205.6);
  • act of international terrorism (Article 361).

When does the “Yarovaya Law” come into force?

IN " Rossiyskaya newspaper"The official text of the Yarovaya Law was published on July 8, 2016. On July 20 of the same year, the bulk of the innovations came into effect, including changes to the Criminal Code of the Russian Federation.

July 1, 2018 is the day specified in the Federal Law when Irina Yarovaya’s law comes into force regarding the requirement to store data on remote communication of Russians. However, the Russian Government is now discussing the possibility of delaying the entry into force of the law for several months. This was announced by Deputy Prime Minister Arkady Dvorkovich. The need for a delay is associated with the development of by-laws that will determine the volume and duration of data storage under this law.

According to the Big Four cellular operators, organizing message storage alone will require more than 2.2 trillion rubles. Ultimately, the costs of companies will lead to a sharp increase in tariffs. The Ministry of Telecom and Mass Communications allowed the cost of cellular communication services to increase threefold.

Which explains the norms of the “Yarovaya package” in relation to Internet sites, instant messengers and other services. The document clarifies that all information dissemination organizers are required to store user traffic for six months. We are talking about voice information, images, sounds, video recordings and electronic messages of Internet users.

This is a serious tightening of the “Yarovaya package”, taking into account the fact that Internet providers are required to store user traffic only for 1 month.

But if you use a foreign VPN, then the rules may not apply to you. In this case, websites and instant messengers not obliged store your messages.

Resolution No. 728 has a rather long title “On approval of the Rules for the storage by the organizer of the dissemination of information on the information and telecommunication network “Internet” of text messages of users of the information and telecommunication network “Internet” of voice information, images, sounds, video, other emails users of the information and telecommunications network "Internet".

But its essence is formulated quite succinctly.

The first paragraph lists the information to which the regulation applies. It is also listed in the title of the by-law: this is voice information, images, sounds, video, and other electronic messages from users.

The second paragraph states that the organizer of information dissemination (ORI) is obliged to store this information on the territory of Russia “and provide electronic messages to in the prescribed manner authorized government agencies carrying out operational intelligence activities or ensuring the security of the Russian Federation.”

The second paragraph explains who these rules apply to (in short, only to Russians):

  1. For users registered using network addresses determined by the organizer of information dissemination as used on the territory of the Russian Federation.
  2. For users authorized using network addresses determined by the organizer of information dissemination as used on the territory of the Russian Federation.
  3. For users who, when registering or using the functions of an Internet communication service, indicated an identification document issued by a government agency of the Russian Federation (the main document or other identification document).
  4. For users who use devices and (or) computer programs that transmit geographic data (metadata) indicating their location on the territory of the Russian Federation to access an Internet communication service.
  5. For users about whom the ORI has been informed by authorized government agencies carrying out operational investigative activities or ensuring the security of the Russian Federation, that the users are located on the territory of the Russian Federation.
Finally, the third paragraph indicates the shelf life: 6 months from the moment of completion of reception, transmission, delivery and (or) processing of electronic messages.

Obviously, the definition of “other electronic communications” from users includes messages on forums and in social networks, including personal messages, comments on articles, messages in instant messengers, and so on. The most difficult situation will be for owners of instant messengers that support the transmission of video and audio messages (Skype, Hangout). Because they will either have to open their own data centers in Russia, or negotiate with the owners of existing ones, and then store quite significant amounts of traffic here. Of course, it is necessary to allocate special personnel who will monitor compliance with the rules, that is, the correct storage of data. In this sense, the norms of Russian legislation are reminiscent of the European GDPR, with one difference: European legislation is aimed at protecting the personal information of citizens and provides for several procedures according to which a user can request the deletion of their data. Moreover, the operator must delete personal data of users after a certain period of time. Russian legislation approaches the issue from a different angle. Yes, here the operator is also obliged to store data in the local jurisdiction, but not at all to protect the user’s personal data, but to simplify operational investigative activities. Russian legislation does not require mandatory deleting data after a certain period of time establishes only a minimum, but not a maximum, period of storage.

Warning at the request of the site administration:“When commenting on this material, please follow the rules. Please refrain from harassment and toxic behavior. There is post-moderation in comments."
  • How many organizations are testing SD-WAN solutions?
  • Is it possible to increase business agility without compromising network security?
  • How to prioritize business traffic in real time?
  • Can you save money with SD-WAN solutions?

How the Internet of Things and BYOD have changed network access control?

  • The number of IoT devices will reach 55 billion by 2025.
  • In 53% of companies for Last year the number of infected endpoints has increased
  • 63% of companies cannot control mobile devices outside corporate network
  • The number of BYOD workers has reached 1.76 billion

Register to download your free eBook now.

The authorities explained the “Yarovaya law” for websites: You will have to store the contents of messages for a maximum period

6879

06/29/2018, Fri, 09:27, Moscow time , Text: Igor Korolev

The government has approved requirements for organizers of information dissemination on the Internet regarding the storage of the contents of their users’ correspondence. You will have to store the correspondence for six months - the maximum period allotted by the Yarovaya Law.

The government clarified the requirements of the Yarovaya Law for Internet companies

The Russian government has approved rules for the storage of the contents of user messages by organizers of information dissemination on the Internet (ORI). The document is a by-law to the Law “On Information, Information Technologies and Information Protection”, according to which, from July 1, 2018, ORI will be required to store the contents of their users’ correspondence.

What is ARI

The term ARI was introduced into legislation in 2014, when it was adopted, developed with the participation of Senator Irina Yarovaya package of “anti-terrorism amendments”. ORI refers to sites and services that allow Internet users to communicate, with the exception of sites for personal and family needs.

Initially, the law required them to store data on actions performed by Russian users in Russia for six months. At the same time, a government decree was adopted detailing the requirements for storing information.

It was established that Russian users are users who log in from the territory of Russia, register from the territory of Russia, or register using Russian identifiers (passports, numbers cell phones etc.). Also, Russian law enforcement agencies can themselves inform the ORI which users should be considered Russian.

The Government requires internet companies to keep
user correspondence for six months - the maximum period allotted by the Yarovaya Law

ORI must store and transfer to Russian law enforcement agencies registration data about Russian users, information about the facts of their authorization, messages sent and received by them, and messages provided to them paid services and payments made.

Message Content Retention Requirements

In 2016, a new anti-terrorism package of bills was adopted, co-authored by Irina Yarovaya. The document received the informal name “Yarovaya Law”. According to it, ORI must store data on correspondence of Russian users for a year. Also, the contents of the messages themselves must be stored for up to six months.

We are talking about all types of messages: text, photos, videos, images, sounds, etc. The rule on storing the contents of messages is the most expensive for ORI, and large Russian Internet companies opposed its adoption. As a result, the law stated that this norm will come into force only on July 1, 2018, and the government will establish requirements for volumes and storage periods.

In addition, if ORI uses key exchange technology to encrypt messages between users, the law obliges the security services to provide keys to decrypt such messages.

The authorities did not soften the requirements of the Yarovaya Law for Internet companies

The current government decree specifies the requirements for ORI for storing the contents of messages. The government decided not to soften the requirements for ORI and obliged them to store user messages for the maximum period allowed by law: six months. The concept of a Russian user remains the same as in the government decree of 2014.

“The government decree contains the maximum period for storing the contents of correspondence allotted by law, but does not contain the maximum amount of capacity that should be allocated for these purposes,” notes the chief analyst of the Russian Association of Electronic Communications Karen Kazaryan. - Since almost any Internet site can be recognized as an ARI, the implementation of these requirements will require large costs, which will be unaffordable for both small Internet resources and large Internet companies. At the same time, it is still not clear how information containing secrets, personal data, copyright objects, etc. should be stored.”

Note that the “anti-terrorism package” of bills from 2016 introduced similar requirements for telecom operators. They must store information about messages sent by their subscribers for three years, and the contents of the messages themselves for up to six months. The rule on storing the contents of messages from telecom operators also comes into force on July 1, 2018, and the requirements for it should have been spelled out in a separate government decree.

This government decree was issued in the spring of 2018. Telephone traffic should be stored for six months. But in the case of data traffic, the government made a compromise.

It will need to be stored from October 1, 2018. The telecom operator will have to allocate capacity to store such traffic and hand over the corresponding system to Roskomnadzor and the FSB. The volume of capacity will have to correspond to the volume required for the operator to store the traffic of its subscribers for the month preceding the delivery of its system to them. Each year over the next five years, capacity will increase by 15%.

How to punish ORI for failure to comply with Russian laws

Meanwhile, if the activities of telecom operators are licensed, then it is more difficult to regulate the work of ORI. Roskomnadzor started the ARI register in the fall of 2014, but at first it included only Russian services. For refusal to register in the ARI Register, the law provides for punishment in the form of blocking access to the resource from the territory of Russia, but at first Roskomnadzor did not punish foreign sites for ignoring the requirements for the ARI Register.

The first foreign services began to be included in the ARI Register at the beginning of 2017. At the same time, the first foreign services that were not included in this Register were blocked. At the same time, Roskomnadzor did not apply any sanctions against such large services as Facebook, Twitter, WhatsApp, Viber, Skype, etc., although they are not in the ARI Register.

The most notorious story was with Telegram. In 2017, the head of Roskomnadzor, Alexander Zharov, warned him about blocking. After this, the creator of Telegram Pavel Durov agreed to register in the ARI Register, but assured that he would not give access to users’ correspondence.

The FSB then demanded keys from Telegram to decrypt messages from a number of its users. Due to the refusal to comply with this requirement, this spring Roskomnadzor began blocking Telegram. However, the messenger itself manages to bypass the blocking.

Supervisor public organization"Roskomsvoboda" Artem Kozlyuk notes that until now the ARI Registry has operated opaquely. “Most likely, this will continue, and all cases of obtaining user data will be resolved according to “telephone law,” says Kozlyuk. “In this regard, the story of the Swiss messenger Threema is indicative: Roskomnadzor included it in the ARI Register, but the service itself stated that Swiss legislation, in principle, will not allow it to transfer data about its users.”



You might be interested