Header graphic for print
HL Chronicle of Data Protection Privacy & Information Security News & Trends
Posted in International/EU Privacy

Russia Imposes New Data Storage Requirements for Telecoms and ISPs

shutterstock_366140141Yesterday, Russian President Vladimir Putin signed the law “On introducing amendments to the Federal law ‘on fighting terrorism’ and other legislative acts of the Russian Federation related to establishment of additional measures against terrorism and ensuring public security” (the “Law”). Specifically, the Law introduces amendments to the Russian Law on Communications and the Russian Law On Information, Information Technologies and Protection of Information.

Specifically, the Law imposes extensive data storage requirements on (i) telecommunication operators (“Telco operators”) and (ii) Internet telecommunication operators (“Internet Telco operators”).

Both operators will be obliged to store in the territory of the Russian Federation information about users’ communications (i.e., about receiving, transmitting delivery and/or processing of voice and text messages, images, videos and other messages) for 3 years (for Telco operators) and 1 year (for Internet Telco operators), as well as the content of those communications for up to 6 months. In addition, the Internet Telco operators will be obliged to provide state security authorities with decryption keys if the processed messages and files are additionally encrypted.

The Law revises and increases the fines that Telco and Internet Telco operators face for violations of the Code of Administrative Offences of Russia.

The Law comes into legal force starting on 20 July 2016, though operators will not have to store the content of processed messages until 1 July 2018.