Your Subscription

We would like to ensure that you are still receiving content that you find useful – please confirm that you would like to continue to receive ILO newsletters.





Login
Twitter LinkedIn




Login
  • Home
  • About
  • Updates
  • Awards
  • Contact
  • Directory
  • OnDemand
  • Partners
  • Testimonials
Forward Share Print
Gorodissky & Partners

Yarovaya Law and new telecoms data storage requirements

Newsletters

08 August 2018

Tech, Data, Telecoms & Media Russia

Introduction
General data storage obligations
Specific data storage requirements
Comment


Introduction

On 1 July 2018 new data storage rules took effect for telecoms operators in Russia. The new rules were approved for application by Government Resolution 445 of 12 April 2018.

The new data storage rules form an integral part of the ongoing reform of the legislation on the national governance of:

  • internet sovereignty;
  • data privacy; and
  • cybersecurity.

The government launched this reform through the enactment of amendments to:

  • the Federal Law of 6 July 2016 on the amendment of the Federal Law on Counter-Terrorism (374-FZ);
  • the Federal Law of 6 July 2016 on the amendment of the Criminal Code and the Criminal Procedure Code; and
  • certain other acts with regard to the implementation of additional measures on counter-terrorism and public safety.

This package of laws is called the 'Yarovaya Law' after Irina Yarovaya, a principal author of the laws and the leader of the underlying reform. Yarovaya was a member of the State Duma (the lower chamber of Parliament) and became head of the Parliamentary Committee for Security and Anti-corruption in 2011.

General data storage obligations

In brief, the Yarovaya Law's key legal provisions include:

  • increased competence of the national authorities with regard to counter-terrorism;
  • new rules with regard to weapon exploitation and religious activities;
  • new obligations for shipping agents and foreign intelligence services;
  • new data storage obligations for telecoms operators; and
  • new data decoding obligations for telecoms operators.

According to the modified Article 64(1) of the Federal Law on Communications of 7 July 2003 (126-FZ), which was implemented by the Yarovaya Law, telecoms operators must store the following data in Russia:

  • information on the receipt, transmittal, delivery or processing of voice data, text messages, images, sounds, video or other messages of communication service users within three years from the completion of such activities (this provision took effect on 20 July 2016);
  • the text messages, voice data, images, sounds, video and other messages of communication service users within six months from the completion of their receipt, transfer, delivery or processing (this provision took effect on 1 July 2018).

Further, the general obligations on data storage include an obligation to provide the national law enforcement authorities, such as the Federal Security Service (FSS), with:

  • information regarding communication service users,
  • information regarding the communication services which have been provided to such users; and
  • other necessary information (Article 64(1.1) of the Federal Law on Communications).

Specific data storage requirements

The resolution sets out specific data storage rules for telecoms operators. More specifically, it clarifies the specific obligations, principles, terms and volume of storage for telecoms operators with regard to the following e-content relating to communication service users in Russia:

  • text messages;
  • voice data;
  • images;
  • sounds;
  • video; and
  • other messages.

The resolution outlines the following basic principles and specific obligations for telecoms operators:

  • Telecoms operators must store messages using their own software and facilities.
  • Telecoms operators may use, for the purpose of data storage, third-party software and facilities with the respective FSS division's authorisation.
  • Telecoms operators must secure their software and facilities against unapproved access in accordance with the requirements set out by the Ministry of Communications and Mass Media (special requirements regarding the applied software and facilities are set out by the Ministry of Communications and Mass Media under the FSS's authorisation); and
  • The removal (deletion) of messages from the applied software and facilities must be done automatically using special software algorithms and in accordance with the relevant requirements, by taking into account the maximum storage term for messages (ie, six months from the date of their receipt, transmittal, delivery or processing).

Comment

Both the Yarovaya Law and the new additional data storage requirements have been widely criticised in Russia. Although the abovementioned legal provisions and rules are aimed at fighting e-terrorism and preserving national cybersecurity, their application and implementation will inevitably lead to substantial financial and material investments by telecoms operators. Therefore, it will be interesting to see how this legislation will be complied with in practice.

For further information on this topic please contact Sergey Medvedev or Ilya Goryachev at Gorodissky & Partners by telephone (+7 495 937 6116) or email (medvedevs@gorodissky.ru or goryachevi@gorodissky.ru). The Gorodissky & Partners website can be accessed at www.gorodissky.com.

The materials contained on this website are for general information purposes only and are subject to the disclaimer.

ILO is a premium online legal update service for major companies and law firms worldwide. In-house corporate counsel and other users of legal services, as well as law firm partners, qualify for a free subscription.

Forward Share Print

Authors

Sergey Medvedev

Sergey Medvedev

Ilya Goryachev

Ilya Goryachev

Register now for your free newsletter

View recent newsletter

More from this firm

  • Newly proposed amendments to data processing operations
  • New tax relief for IT industry
  • New rules and procedures for blocking mobile apps distributing pirated content
  • Draft Big Data law provides clues of what to expect
  • Regulator clarifies key aspects of trademark use in keywords

More articles

  • Home
  • About
  • Updates
  • Awards
  • Contact
  • My account
  • Directory
  • OnDemand
  • Partners
  • Testimonials
  • Follow on Twitter
  • Follow on LinkedIn
  • Disclaimer
  • Privacy policy
  • GDPR Compliance
  • Terms
  • Cookie policy
Online Media Partners
Inter-Pacific Bar Association (IPBA) International Bar Association (IBA) European Company Lawyers Association (ECLA) Association of Corporate Counsel (ACC) American Bar Association Section of International Law (ABA)

© 1997-2021 Law Business Research

You need to be logged in to make a comment. Log in here.
Many thanks. Your comment has been sent.

Your details



Your comment or question *