Advertisers are increasingly using online messenger systems to promote businesses, as well as their goods and services. In this context, the Federal Anti-monopoly Service recently issued an official letter clarifying, among other things, the application of the Federal Law on Advertising to messenger systems such as Viber and WhatsApp. The letter is notable as it reveals the regulator's approach to advertising campaigns disseminated via various instant messaging services.
The president recently signed the Digital Rights Law, which will take effect on 1 October 2019. The law has introduced a number of new legal concepts into Russian legislation, including digital rights, e-transactions, smart contracts and Big Data. Companies doing business on the digital level in Russia should familiarise themselves with the background and key provisions of the law to ensure that they are ready to operate in the new legislative environment.
Roscomnadzor (the Russian data protection authority) recently filed a landmark action against illegal personal data processing by Google Analytics and Yandex Metriсa. If the authority succeeds in the appeal court, Russian websites will have to welcome users with EU General Data Protection Regulation-style cookie banners and privacy policies. Prior to this case, the Russian internet community had not considered statistical information concerning web traffic and user actions to constitute personal data.
Bill 424632-7 on the Amendment of Parts 1, 2 and 4 of the Civil Code of the Russian Federation (the Digital Rights Bill) and Bill 571124-7 on the Amendment of the Federal Law on Information, Information Technologies and Data Protection (the Big Data Bill) were recently submitted to Parliament for discussion. Both bills are essential developments, especially given the increasing interest in and high value of Big Data in the current digital reform.
The EU General Data Protection Regulation (GDPR) applies internationally and can encroach on the national laws of non-EU countries. In Russia, international companies must fulfil the requirements of both the GDPR and local laws, even though they may contradict each other. Companies should follow a number of recommendations in order to find the most practical solutions, mitigate relevant legal risks and keep their noses clean should Roscomnadzor try to find fault with them.