The Russian president has just signed a law that will make things extremely difficult for all foreign companies that hope to reach users in the country.
Putin has validated a law that requires Internet companies to store personal data of Russian users within the country’s borders. This means that all companies that don’t even have offices in Russia, need to store user data into local data centers, ZDNet reports.
Despite this being veiled as an effort to keep people’s data safe inside Russia and away from the watchful eye of the NSA and the GCHQ and any other foreign intelligence service, there’s more to the decision.
The most important part is that using Russian data centers makes companies subject to Russian laws on government access to information. Basically, the government gave itself the right to get whatever data it wants from these companies.
Even so, lawmakers continue to claim that it’s all about minimizing the risk of Russian citizens’ data being hacked and stolen by criminals, as if keeping things locked inside the country will automatically fend off those with ill intent.
If they managed to refuse this type of access before, now the entire opposition has been crushed and the companies will have to comply or risk being blocked in the country entirely.
The Russian Association of Electronic Communications, which is essentially a group that lobbies in the name of Internet companies, believes that the law will make it impossible for many global Internet services to operate.
Furthermore, the two-year deadline included in the law to have companies comply with the new regulations isn’t nearly enough. While some smaller companies would likely just try to find some data center to store the data, companies such as Facebook, Google, and many others would need to build data centers.
The process is obviously a lengthy one since companies need to find a location, to create a project, to build the center, bring in the necessary equipment, test it out and so on.
The new law is part of a larger effort in Russia to control the Internet through various measures and, perhaps more importantly, to compel foreign companies to abide by Russian laws and requests of data without question.
The idea of having big companies store data within a country’s borders isn’t exactly new since in the past year the notion has come up more than once, mostly following the NSA scandal and the international implications of the mass surveillance effort.