Feeds

Russian law will force citizens' personal data to be stored locally

Won't someone think of the software-as-a-service startups?

The essential guide to IT transformation

Russia has amended legislation on data retention to force social networks to store data about its citizens on home soil.

Bill number 553424-6 , which translation engines tell us is titled “On Amendments to Certain Legislative Acts of the Russian Federation (to clarify the processing of personal data in information and telecommunications networks)” specifies that “when collecting personal data, including information and telecommunications network, the Internet, the operator must ensure that record, systematization, accumulation, storage, updated, modified, removing the personal data of citizens of the Russian Federation, in databases, of information located in the territory of the Russian Federation”.

The result of the bill looks to be that social networks, retailers and the likes will need to place servers within Russia if they want to do business with Russians. Which sounds like just the kind of thing a regime keen to track its citizens would like.

But as Russia Today points out, Russian businesses such as airlines that rely on hosted software aren't likely to appreciate the law. Nor, one imagines, are software-as-a-service providers who aren't always in a rush to create new data centres.

The Bill passed the Duma, the lower house of Russia's Parliament, last week. Vulture South lacks any nuanced understanding of Russian politics, but with 280 votes for and none against it doesn't look like Russia's Upper House will prove an obstacle to its passage into law.

The law comes into force on September 1st, 2016, giving Russian companies – and those in other nations that target them – plenty of time to adjust, or perhaps to build local bit barns.

Coping with the law may not require enormous effort, an assertion Vulture South makes in light of the Australian state of New South Wales Department of Education's adoption of Gmail for nearly a million students. The Department insisted that students' email be stored on Australian soil, a request Google happily accommodated. A local telco – Telstra – stepped in to do the hosting and Gmail reportedly didn't need much tweaking to work under these arrangements.

One last possibility: might the law leave a loophole that allows a copy of data to reside in Russia? If that's possible, lots of synchronisation might do the trick. ®

The essential guide to IT transformation

More from The Register

next story
Super Cali signs a kill-switch, campaigners say it's atrocious
Remote-death button bad news for crooks, protesters – and great news for hackers?
UK government accused of hiding TRUTH about Universal Credit fiasco
'Reset rating keeps secrets on one-dole-to-rule-them-all plan', say MPs
Ex US cybersecurity czar guilty in child sex abuse website case
Health and Human Services IT security chief headed online to share vile images
Don't even THINK about copyright violation, says Indian state
Pre-emptive arrest for pirates in Karnataka
The police are WRONG: Watching YouTube videos is NOT illegal
And our man Corfield is pretty bloody cross about it
Felony charges? Harsh! Alleged Anon hackers plead guilty to misdemeanours
US judge questions harsh sentence sought by prosecutors
prev story

Whitepapers

A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Maximize storage efficiency across the enterprise
The HP StoreOnce backup solution offers highly flexible, centrally managed, and highly efficient data protection for any enterprise.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.