On June 24, 2016, the State Duma, the lower chamber of the
Russian Parliament, discussed and passed the Federal Law of
06.07.2016 No. 374-FZ "On the Introduction of Amendments to
Federal Law 'On the Counteraction of Terrorism' and to
Certain Legislative Acts of the Russian Federation with Regard to
Establishing Additional Measures Designed to Counteract Terrorism
and Promote Public Safety" (the Law), generally known as the
Yarovaya Law. Five days later, the Federation Council of Russia,
the higher chamber of the Russian Parliament, passed the Law as
well. The Law was finally signed by President Vladimir Putin on
July 7, 2016.1
The Law is named after its main author, Irina Yarovaya, a member
of the State Duma and the ruling United Russia party. Yarovaya is
known for previous conservative legislative initiatives, including
the obligation for non-governmental organizations (NGOs) to
register as "international agents" if they receive
The Yarovaya Law both amends and adds legislation. It is
primarily aimed at battling terrorism and extremism, but also
imposes new data retention obligations on telecoms and online
messaging providers that offer or assist communication services on
the Internet (called "arrangers of information distribution by
means of Internet") and secures the provision of information
to federal investigators and prosecutors.
Russia's telecom companies are now required to store the
contents of telephone calls, text messages, videos, sounds, and
picture messages for a period of six months. The metadata of these
communications (information about transmission, delivery and
receipt) are must be stored for three years. The same rules apply
to Internet arrangers, the difference being that the metadata must
only be stored for one year.
Besides data retention, the new obligations also require
telecoms and Internet arrangers to provide information about users
(and any other information that is deemed necessary) and to help
the Federal Security Service with data encryption. Additionally,
telecoms and Internet arrangers can be asked to cease the provision
of communication services to a certain user if the user's
identity cannot be identified.
Refusing to co-operate or store data according to the new rules
can be quite costly, with administrative fines of up to 1 million
rubles (approximately USD$15,500). How these liabilities will be
applied in practice will be subject to future case law and
Russian telecoms and Internet arrangers are concerned that the
implementation of the Yarovaya Law will be technically
complex and very expensive, as most infrastructure for data storage
has yet to be bought and built. In a joint letter to the head of
the Federation Council, four of Russia's largest mobile
operators claim that building the necessary storage capacity will
cost them 2.2 trillion rubles (USD$33.3 billion) and will lead to
Because the Yarovaya Law will be applicable to all providers of
communication services and data operators that offer their services
in the Russian Federation, some of these companies may be located
abroad. Being subject to the Law and following its requirements
could be in conflict with international privacy laws. Therefore,
international data operators could face a serious dilemma in cases
where they are already operating in Russia or are planning to enter
the Russian market.
Most of the amendments came into force on July 20, 2016. The
requirements concerning the storage of data will come into effect
on the July 1, 2018, due to the technical complexity of fulfilling
the obligations and setting up the needed infrastructure. The State
Duma is currently considering a new draft law to postpone the
effective date of the data retention obligations to the July 1,
The prospect of an internal investigation raises many thorny issues. This presentation will canvass some of the potential triggering events, and discuss how to structure an investigation, retain forensic assistance and manage the inevitable ethical issues that will arise.
From the boardroom to the shop floor, effective organizations recognize the value of having a diverse workplace. This presentation will explore effective strategies to promote diversity, defeat bias and encourage a broader community outlook.
Staying local but going global presents its challenges. Gowling WLG lawyers offer an international roundtable on doing business in the U.K., France, Germany, China and Russia. This three-hour session will videoconference in lawyers from around the world to discuss business and intellectual property hurdles.
In this article Filippo Noseda examines the impact of the Common Reporting Standards (CRS), based on practical examples of data transfer and data breaches and analysed in the light of general tax law principles.
Four years after the overhaul of European data protection laws began, the final text of the new General Data Protection Regulation (GDPR) was approved in Spring 2016 and the new rules will come into effect on 25 May 2018.
This update is dedicated to covering the latest legislative developments affecting the way data is managed and protected, as well as reporting on the most recent news governing data breaches and industry developments.
The market of the so-called "connected vehicles" has been considerably growing since 2015. According to a recent study by AlixPartners, 78 million of connected vehicles will be commercialized in 2018, generating a EUR40 billion turnover.
Some comments from our readers… “The articles are extremely timely and highly applicable” “I often find critical information not available elsewhere” “As in-house counsel, Mondaq’s service is of great value”
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).