Russian lawmakers on Tuesday approved a bill providing for stricter penalties for foreign internet companies that fail to open an office in Russia, including fines. Moscow has long sought to exert greater control over technology firms, and disputes over content and data have intensified since it sent armed forces into Ukraine on February 24.
Foreign social media giants with more than 500,000 daily users have been obliged since July 1, 2021, to open offices in Russia or risk penalties ranging up to outright bans.
Now, the turnover fines that Russia has imposed on the likes of Alphabet‘s Google and Meta Platforms for hosting banned content could be applied to companies that fail to open offices, after the lower house passed the bill in the second of three readings.
Fines could be as high as 10 percent of a company’s turnover in Russia from the previous year, rising to up to 20 percent for repeat violations.
The state communications regulator Roskomnadzor last November listed 13 mostly US companies required to set up on Russian soil by the end of the year.
Only Apple, Spotify, Rakuten Group’s messaging app Viber and the photo-sharing app Likeme have fully complied — though Spotify closed its office in March in response to Russia’s actions in Ukraine and subsequently suspended its streaming service.
Four other companies have fulfilled at least one other Roskomnadzor requirement but have not established a Russian legal entity or office. Those were Google, Twitter, ByteDance‘s TikTok and Zoom Video Communications, according to the government website.
The chat tool Discord, Amazon‘s live streaming unit Twitch, the messaging app Telegram, the bookmarking service Pinterest and Wikipedia owner Wikimedia Foundation have taken no steps to comply, according to the website.
The new bill would also place restrictions on Russians’ personal data being transferred abroad and require entities planning on doing so to notify the communications regulator in advance.
The law, passed in its second reading by the lower house of parliament, or State Duma, is one of several the government has been working on as Russia deals with the fallout from hefty Western sanctions imposed in response to Moscow’s military campaign in Ukraine.
“Current legislation practically does not regulate the cross-border transfer of personal data, which poses a significant threat in the current foreign policy situation,” read an explanatory note accompanying the bill.
The bill’s authors say more than 2,500 entities registered in Russia handle personal data and transfer them to other countries, including “unfriendly” nations that have imposed sanctions.
Companies wanting to transfer data abroad will have to notify the regulator, Roskomnadzor, for each country a measure that was softened after a raft of internet companies objected, according to the business outlet Forbes.
Roskomnadzor considers countries that are party to Council of Europe data protection regulation as offering adequate safeguards, along with 29 other mostly African and Asian countries, but not the United States.
Among the “unfriendly” countries approved by Roskomnadzor are numerous European members of the NATO defence alliance as well as Australia, Canada, Japan and New Zealand.
The draft still needs to pass a third reading in the Duma and a review by the upper house before President Vladimir Putin can sign it into law.
© Thomson Reuters 2022