A new Russian law will go into effect on August 1, 2014, that requires a wide array of websites and online services to register formally with the government. Sites and applications that allow Internet users to communicate will be obligated to store the past six months of user-data on servers located inside Russia, making the information available to Russian law enforcement. Several state agencies are now involved in drafting bylaws that will determine how officials actually enforce the new Internet laws.
Image courtesy of author.
Four draft bylaws are making headlines in Russian newspapers today. Additionally, the Web portal Habrahabr.ru has posted the documents’ full text.
The proposed bylaws contain three main points:
1. In a world without Tron, nobody fights for the users in Russia.
Websites and applications will be required to archive virtually every kind of information about their users (logins, email addresses, contacts lists, all changes to a user’s account, a list of all accessed DNS servers, and so on). The actual content of the messages exchanged online, however, does not need to be archived. (If you write “Down with Putin!” to your Facebook friend, Russian police would only see that you messaged your Facebook friend—not that you cursed the Kremlin.)
2. The Kremlin is careful to let sleeping dogs lie.
Sites and services that exist for “personal, family, or household needs” are exempt from the law, though this exception does not apply to the exchange of information of a “public-political nature” or to conversations where the number of participants is indefinite. Online commerce, scientific and educational activity, and things like job searches are also exempt. TJournal’s Sultan Suleimanov has joked that these exceptions are “for everyone except Navalny” (the country’s most prominent anti-corruption blogger), observing that Russian authorities are being cautious not to disturb apolitical Internet users.
3. An opt-out loophole could grant the Russian government total access to websites’ data.
Finally, the Russian Federal Security Service (the equivalent of the American FBI) will offer websites and applications the opportunity to opt out of the data-archiving requirement, if they grant the government full, real-time access to their data. In this case, Russian police would obtain unrestricted access to Internet users’ data, which officials would themselves archive. According to a source inside the Interior Ministry, the state now lacks the resources necessary to archive much data itself. (In other words, additional funding would be required.)
It is this third point that could prove the most curious in the enforcement of Russia’s new Internet regulations. How many websites and applications will decide to open entirely to the government, to spare themselves the trouble and expense of selecting and storing user-data according to the new laws? Is the Kremlin betting that it can gain full access to the RuNet by offering this loophole? Or is this a ploy by federal police to bleed the state budget of more funding, creating the need for subsidies to be plundered?
Of course, corruption and censorship are not mutually exclusive. That much we know from Alexey Navalny, who, having spent the past three months under house arrest and a ban on Internet use, learned it the hard way.