Broadly written rules would allow the Russian government greater central control over content and data flows, and greater access to users’ information.

By Fiona M. Maclean and Ksenia Koroleva

On May 1, 2019, the Russian President signed draft law No. 608767-7, commonly referred to as the Russian Internet Law, or “RuNet Law” (Federal Law No. 90-FZ “On Amending Federal Law ‘On Communications’ and Federal Law ‘On Information, Information Technology and Information Protection’”). The majority of RuNet Law amendments will come into effect on November 1, 2019.

The RuNet Law’s principal provisions include:

  • Introducing rules for the centralization and control of data traffic (g., the RuNet Law establishes a centralised Russian Internet data traffic routing system)
  • Requiring entities involved in the transfer of data to install additional equipment and comply with new obligations that aim to ensure such centralization

By Gail Crawford and Ksenia Koroleva

The Federal Law No. 87-FZ of May 1, 2017, on Amendments to the Federal Law on Information, Information Technologies, and Information Protection (the Law) came into force on July 1, 2017. The Law introduces the definition of an audiovisual service owner and regulates their activities, including imposing ownership restrictions.

The Notion of Audiovisual Service Owners

According to the Law, an audiovisual service owner is an owner of a website, a page of a website, an information system, and/or software (an Audiovisual Service):

  • Used for collating and providing access to audiovisual content
  • By paid subscription and/or funded by advertising
  • To users located in the territory of Russia
  • With more than 100,000 users a day (on average)

The following are not regarded an Audiovisual Service:

  • Information resources registered as online media in accordance with the Federal Law No. 2124-1 of December 27, 1991, on Mass Media (e.g., online media, TV-channels, TV/radio/video programs, etc.)
  • Search engines
  • Information resources which focus on hosting user-generated content under the criteria to be set by the Federal Service for Supervision in the Sphere of Telecom, Information Technologies, and Mass Communications (Roscomnadzor) (e.g., YouTube, RuTube, Vimeo).

By Lore Leitner & Ksenia Koroleva

Since the proposal of Federal Law No. 526-FZ (the Law) in December 2014, the Russian data protection regulator (Roscomnadzor) has not issued any official comments on the application of the new Law. Roscomnadzor did recently hold several meetings with a number of representatives of major IT companies in Russia to make sure that these companies will be ready to comply with the new requirements by the time the Law comes into force on 1 September 2015, and to discuss how to apply the new Law. What was said during the meetings is not publicly known and companies which participated in these meetings have not shared many details. However, we know that during these meetings, Roscomnadzor mentioned that after the law has come into force, it will audit more than 300 companies by the end of 2015. A full list of such companies is not available (although some potential “targets” were mentioned). It is unclear whether the list would include Russian companies only or foreign companies as well and in case of the latter, it is unclear how the audit will be conducted in practice in the absence of proper cross-border investigation tools.

However, the Russian Ministry of Communications and Mass Media (MinComSvyaz), which is not the same as Roscomnadzor but is the Ministry which controls Roscomnadzor, published comments and a set of FAQs (in Russian only) in connection with the application of the Law. These comments and FAQs are not binding, but are likely to be adhered to in practice by administrative authorities and courts. At first glance MinComSvyaz appear to take a reasonably liberal view of the broadly drafted laws, but until there are practical examples, it is hard to form a definitive view.