Russia’s Privacy Rules Stifle Dissent

The Russian Federation’s creation and manipulation of privacy rules, regulations and laws continues apace with the unstated but clear intent to allow the government to stifle voices of dissent. To that end, we have seen the Federal Service for Oversight of Communications, Information Technologies and Mass Media (Roskomnadzor) advance prospective laws, suggest means to disrupt western social networks and messaging apps and remove any shred of online individual anonymity within the Russian internet.

Social Networks in Russia

No doubt the the degree to which networks which host dissenting messages have penetrated Russia’s online population is of primary concern to the Russian government. One would think, given the vitriol directed at Twitter, that the social network’s Russian penetration would be among the largest, but that is not the case. According to Statista’s third quarter 2020 report on Russian internet users in February 2021, YouTube leads with an 85.4% level of penetration. They are followed by Russia’s own VK, which enjoys a 78% penetration rate, while Twitter, ranked 11th, enjoys a much lower level of penetration at 18.6%.

Cybersecurity Live - Boston

Still, the disdain for Twitter is clear; the Russian courts, for example, found Twitter guilty of three counts of violating regulations with respect to unlawful content and fined Twitter 8.9 million rubles (~US$117,000). Roskomnadzor threatened Twitter with a 30-day ban in late March 2021, but instead opted to throttle the service through the month of May 2021. The adjustment was made after Twitter removed some of the “offending” posts identified by the Russian government.

But Twitter isn’t alone; TikTok was also taken to task for failure to delete content about unsanctioned demonstrations and fined 2.6 million rubles (~US$34,000). And Roskomnadzor may not be done – it is rumored to be targeting Google and Facebook for similar issues. LinkedIn, however, isn’t affected as the social network is banned from Russia due to its failure to agree to house Russian user data on servers located in Russia.

Embrace 1984

In a move which can only be described as Orwellian, Roskomnadzor used all the tools at its disposal to create Special Consent amendments to the Federal Law on Data Protection to expand the amount and type of personal information it can access from social media platforms to capture users’ identities. Roskomnadzor is expected to take advantage of these amendments around special consent to include not only a healthy dose of PII, but also what purpose the data collected serves, the conditions or restrictions on the use of the data, the window of time for which the consent is given, and links to identify where the data is finally published.

In the last few weeks Roskomnadzor has vacillated between requiring users of social networks and online messaging apps to include passport data, addresses, email, telephone and other personal identifying information in their PII as part of the Special Consent efforts. Currently, the oversight entity has removed their suggestion that verification include passport data.

Free speech remains a pipe dream in Russia. Roskomnadzor notes it routinely catalogs websites which Russian ISPs are required to block from the Russian web for violation of Russian laws and regulations surrounding internet content. One need only look to Gary Kasparov, former world chess champion and a vocal outspoken critic of Putin, whose site is blocked from Russian users as an example of how dissenting voices are blocked.

We’ll know just how many fig leaves of the average Russian user’s privacy are left on the tree when the Special Consent law takes effect in July 2021.

Featured eBook
The Dangers of Open Source Software and Best Practices for Securing Code

The Dangers of Open Source Software and Best Practices for Securing Code

More and more organizations are incorporating open source software into their development pipelines. After all, embracing open source products such as operating systems, code libraries, software and applications can reduce costs, introduce additional flexibility and help to accelerate delivery. Yet, open source software can introduce additional concerns into the development process—namely, security. Unlike commercial, or ... Read More
Security Boulevard

Christopher Burgess

Christopher Burgess (@burgessct) is a writer, speaker and commentator on security issues. He is a former Senior Security Advisor to Cisco and served 30+ years within the CIA which awarded him the Distinguished Career Intelligence Medal upon his retirement. Christopher co-authored the book, “Secrets Stolen, Fortunes Lost, Preventing Intellectual Property Theft and Economic Espionage in the 21st Century”. He also founded the non-profit: Senior Online Safety.

burgesschristopher has 165 posts and counting.See all posts by burgesschristopher