August 14, 2015 at 08:42

Hosting in law. Where to host the site in the context of "localization of personal data"

    image

    It remains a little more than two weeks before the entry into force of the new law on the localization of personal data of Russians. In connection with the new legislation, the owners of sites on the Russian Internet still have many questions about where it is safer to host the site and what will happen if the personal data of Russian users are primarily collected, processed and stored on servers outside the country. In order to answer these questions and understand where it is worth hosting your site and how not to get into the unpleasant situation associated with bringing Roskomnadzor to responsibility for violating the rules on the processing of personal data of Russian network users, it is necessary to determine the general rules for the legal regulation of hosting in Russia and indicate the limits of the legislative regulation of civil law turnover of personal data,


    HOSTERS AS INFORMATION MEDIATORS

    Since time immemorial, there have been intermediaries in the analogous era engaged in entrepreneurial activities related to the provision of services for citizens and business societies (today these are B2C and B2B). Among them were postmen, warehouse owners, merchants and trade fair organizers. In the digital age, all the same services that existed in the real world appeared in the form of digital. Instead of postmen, Internet providers appeared, instead of owners of warehouses, there were hosters, instead of organizers of fairs, there were search engines, forums and social networks, but Internet shops and web auctions took on the role of market sellers.

    For a long time, the principle of "postal immunity" strictly acted in the analog world. And despite the fact that the SORM analogue was already used in the postal service centers in the Soviet years, postmen never appeared as parties in civil and criminal cases related to the contents of a parcel or letter, with further prosecution.

    However, in the digital era, a moment has come when the role of information intermediaries has noticeably increased in the life of society, and there is a need to give them a special legal status.

    For a long time in the Russian legal system there were no special rules regarding the activities of hosters, access providers and web application operators. However, the Russian lawmaker, based on various international legal experience in regulating the network, has been at a rapid pace since 2012, began to adopt rules imposing new responsibilities and providing for the responsibility of information intermediaries.

    It should be noted that currently there are three legal regimes for the activities of information intermediaries in international practice:
    - direct responsibility - for example, China, where information intermediaries have the responsibility of actively monitoring content under threat of punishment;
    - “quiet harbors”- for example, Singapore, Ghana, Uganda, South Africa and Europe, where information brokers have reliable immunity from liability if they follow the complaint review procedure;
    - almost absolute immunity from responsibility for content created by others - for example, the USA or Chile, where the information broker is not responsible for the content created by others if it does not modify the content. An information broker is only required to remove content by court order.

    The Manila principles developed in the Philippines in 2015 by representatives of the largest human rights organizations in the field of information dissemination, today formulate in most detail the basic principles of the responsibility of information intermediaries, including and hosters.

    Currently, the model of legal regulation of the activities of information intermediaries in Russia is only being formed and so far seems to be a mix of the first and third options.

    The existing Russian legislation in the field of IT distinguishes three types of information intermediaries:
    1. telecom operators (in international practice - ISP);
    2. hosting providers;
    3. organizers of the dissemination of information (OSP).

    In this study, we will consider exclusively the legal regulation of the activities of hosting providers and their responsibility for the content posted and the processing of personal data.

    LEGAL REGULATION OF HOSTING IN THE RUSSIAN FEDERATION

    imageFor the first time, the definition of a hosting provider appeared in Russian law after the entry into force of the first law, which provides for restrictions on access to websites. Federal Law No. 139-ФЗ dated July 28, 2012, which amended Federal Law No. 149-ФЗ “on information”, determined that a hosting provider is a person providing computing power to host information in a constantly connected information system to the Internet;

    The hosting provider, in accordance with the law, was given a special role as an information intermediary. So, according to article 15.1 No. 139-FZ, the hoster must inform the owner of the website served by him on the Internet and inform him about the need to immediately delete the website within 24 hours from the receipt from Roskomnadzor of the inclusion of the site in the registry. containing information the distribution of which is prohibited in the Russian Federation.

    If the owner of the site does not do this within 24 hours, the hoster is obliged to restrict access to such a site within 24 hours. If this is not done, then Roskomnadzor enters the site along with the domain name, web page index (URL) and network address (IP) in the registry, after which all telecom operators are required to restrict user access to it.

    In 2013, the Anti-Piracy Law ver.1.0 (Federal Law No. 187 of July 2, 2013)Article 1253.1 of the Civil Code of the Russian Federation was enforced. So another rule was established on the responsibility of hosting providers for posting content in violation of exclusive copyrights. In accordance with Art. 1253.1 an information intermediary providing the opportunity to post material in an information and telecommunication network is not responsible for intellectual property infringement resulting from the placement of material in an information and telecommunication network by a third party or at his direction, while the following conditions are met by the information intermediary:
    1) he I did not know and should not have known that the use of the corresponding result of intellectual activity or means of individualization, rzhaschihsya in such material, is inappropriate;
    2) if he received a written statement from the copyright holder about a violation of intellectual rights indicating the page of the site and (or) the network address on the Internet where such material is posted, he promptly took the necessary and sufficient measures to stop the violation of intellectual rights. The list of necessary and sufficient measures and the procedure for their implementation may be established by law.

    Article 17 No. 149-FZ “On Information” provides for a limitation of the host’s liability. So, if the distribution of certain information is limited or prohibited by federal laws, the civil liability for the distribution of such information does not lie with the person providing the services:
    1) either on the transfer of information provided by another person, subject to its transfer without changes and corrections;
    2) either to store information and provide access to it, provided that this person could not know about the illegality of the dissemination of information.

    The hosting provider, telecom operator and website owner on the Internet are not liable to the copyright holder and to the user for restricting access to information and (or) restricting its distribution.

    The law established that an information intermediary who is not responsible for the violation of intellectual rights may be required to protect intellectual rights that are not related to the application of civil liability measures, including the removal of information that violates exclusive rights, or to restrict access to it.

    However, an analysis of law enforcement practice showed that despite the limitation of liability, hosting providers have become quite frequent persons involved in lawsuits for a variety of reasons: in the Moscow City Court - on blocking pirated sites, in district courts - on recovering compensation for intellectual property rights, as well as in claims of prosecutors in defense of an unlimited circle of persons in connection with the posting of information recognized by state bodies as illegal. Often, if the Claimant cannot or does not want to attract the owner of the Internet resource or domain administrator (for example, if such a person is outside the jurisdiction of the Russian Federation, and it becomes obvious that the court decision will be difficult to enforce), which have a real opportunity moderate site content, Claims are filed against Russian hosting providers as joint defendants. This allows prosecutors, as well as citizens and legal entities, subject to the principle of jurisdiction, to nevertheless initiate proceedings in Russian courts by filing lawsuits at the location of the hosting providers.

    In such cases, the owner of the site, not located in the Russian Federation, but aimed at the Russian audience, is forced to find a compromise with the person who filed the lawsuit in order to prevent blocking of the resource and loss of Internet traffic.

    If the foreign owner of the website does not do this, the decision is made in the absence of the parties. The hosting provider, as a rule, has no personal interest in the outcome of the case and is not able to send lawyers representing the interests of both himself and his clients to various corners of the country in a wide variety of cases related to the placement of illegal information. However, even in the absence of fault, the hoster, as the losing side, is charged with reimbursement of legal costs, incl. state fees, costs of providing evidence, payment of lawyers by the Claimant.

    In addition to constant judicial subpoenas, Russian hosting providers also receive many other requests from various structures, but most often these are the Ministry of Internal Affairs (department K) and the FSB. Sometimes precinct.

    Tighter regulation of the Russian IT sector and the chaotic practice of curbing the flow of illegal information in cyberspace undoubtedly affected the decrease in the attractiveness of the Russian hosting market. This is recognized by industry representatives themselves, who at the XXIV All-Russian Forum of Hosting Providers, held May 28-30, 2015 in St. Petersburg, appealed to the Internet Ombudsman to support the initiative to improve the legal situation in the field of hosting services.

    IMMIGRATION OF SITES

    imageOver the past 3 years, Russian Internet users and domestic IT businesses have been able to observe a sharp pace of legal regulation of the flow of information on the network. Within a short period of time, without any discussion with the society and taking into account industry proposals, 6 federal laws were passed that empowered 5 different authorities to decide on restricting access to Internet sites for more than 15 reasons .

    The activities of Roskomnadzor to independently determine the IP addresses of “sites with illegal content” with further sending requirements to Russian telecom operators to restrict access, including to network addresses, naturally led to a violation of the connectivity and integrity of the Russian network. According to the results of public monitoring, more than 260,000 websiteswas blocked during this time, only because they were located at the same addresses as sites with information to which there were claims of authorized state bodies and copyright holders. The introduction of child protection legislation, anti-piracy law ver.2.0 with the possibility of perpetual blocking of sites, against the background of ubiquitous non-systemic blocking of sites at the request of district and city ​​prosecutors, created generally unfavorable soil for placement of sowing projects in the Russian jurisdiction, as well as ready-made b2b and b2c services, forums, blog platforms and other web applications.

    Excessive government regulation and the intervention of the Russian legislator in the work of the network and the law enforcer created two rules for doing business in Runet.

    The first rule for the implementation of any project on the Internet was the rule not to register domains in the .ru zone. This is associated with a number of very real risks:
    - the obligation of the Russian domain name registrar to give all information to third parties (including competitors) about the domain name administrator;
    - the seizure of a domain name by a court decision using the rules of legislation on industrial property;
    - extrajudicial suspension of the delegation of a domain name at the request of the authorities implementing the ARD.

    The second rule of doing business in RuNet was the storage of information on servers located outside the territory of the Russian Federation.This is due to the possibility of disclosing information about the website, clients, and other sensitive information in the Russian Federation that may be obtained by cybercriminals or at the request of law enforcement agencies, seizing servers and a number of other risks, which will be discussed below.

    Indiscriminate blocking of sites along with constant requirements for providing information and deleting information in the Russian Federation in a compartment with a more attractive price / quality indicator for renting server space in the EU and the USA led to a massive migration of Russian Internet resources aimed at Russian audiences to foreign hosters where law enforcement is more predictable and the cost of services is lower.

    Until 2012, the share of .ru domain zone sites hosted abroad was 15%, and most of the sites were Russian versions of Internet sites of large international companies. According to the Openstat study for 2014, only among sites in the .ru zone more than ⅓ of all resources have already been hosted abroad. According to Reg.Ru, the German company Hetzner, the largest provider of hosting the .ru zone, has 13.8% of the sites of the main domain of Russia on its servers.

    In 2014, MP Klimov presented the results of a study of expertsAll-Russian Popular Front, which, as part of monitoring public procurements, selectively examined 9,000 websites of government customers. Curiously enough, more than a third of them also ended up on foreign servers, mainly in the USA and Germany. In total, according to a study by ONF, 1560 federal budgetary institutions, 1230 government agencies, 720 municipal institutions and 350 enterprises with strategic signs use foreign hosting.

    REPATRIATION COURSE

    The increase in legal risks of the sudden shutdown of websites with constant pressure on Russian hosts by law enforcement and judicial authorities, as well as copyright holders, undoubtedly forced a large number of websites to physically leave for more “quiet harbors” of foreign jurisdictions. It was obvious that, on the one hand, it damages the economy of the Russian Federation and Russian data centers, on the other hand, it does not allow agencies engaged in operational-search activities to receive information and, if necessary, to monitor users of various resources. In order to force Russian websites to return to servers in the Russian Federation at the highest level, a decision was made to take a number of legislative measures.

    In neighboring Belarus, residents were simply legally banned from hosting sites outside their homeland (which, despite the prohibitions, is practically not being implemented everywhere). In Russia, they decided to follow the path of declaring a direct obligation of the state at all costs to protect the personal data of Russians and ensure the security of the websites of government agencies. Obviously, in the context of an overdue information war, it is necessary to take all measures to minimize the risks of destruction, blocking and changing information on the official websites of government agencies, as well as to reduce vulnerability to cyber attacks and information espionage.

    And while the legislative requirement for hosting websites on the territory of the Russian Federation, adopted at the end of December 2014 and coming into force on July 01, 2015, was understandable from the point of view of national security, the imperative requirement of the resonant Federal Law No. 242-FZ on the localization of personal data of Russians from September 1, 2015 caused the largest number of lively discussions and publications at various venues.

    It should be noted that Snowden’s revelations about the NSA’s mass surveillance very well fit into the new national concept of why personal data (hereinafter referred to as IPA) of Russian Internet users and government agencies' websites must be stored on Russian servers.

    HOSTING ABROAD IN THE CONTEXT OF PERSONAL DATA

    imageThe law on “localization of personal data” has raised many questions in the industry . Only the lazy did not scold him. But dura lex sed lex. Undoubtedly, it was very poorly thought out, technically unrealizable and poorly correlated with the level of technological progress. Oil was added to the fire by the media.

    The adoption of the law on “localization of personal data” was accompanied by widespread coverage of the legislative initiative in various media, as a result of which two main myths about Federal Law No. 242-FZ were created:

    - Russians are now prohibited from posting their personal data abroad;
    - All foreign companies were banned from receiving and processing personal data of Russians on servers outside the Russian Federation.

    But is it? Let's figure it out.

    Federal Law No. 242-ФЗ provides that “when collecting personal data, including via the Internet, the operator is obliged to record, systematize, accumulate, store, clarify (update, change), extract personal data of citizens of the Russian Federation using databases located in the Russian Federation. " Otherwise, access to the site found to have been in the primary collection and storage of personal data of Russian citizens in databases not within the jurisdiction of the Russian Federation may be limited.

    On September 1, 2015, Federal Law No. 149 “On Information, Information Technologies and Information Protection” will be supplemented by Article 15.5, which stipulates that all unique identifiers of sites that violate the requirement of the new law must be entered by Roskomnadzor into a special register of personal data violators and further blocked by all Internet providers.

    The news of the new law created a real panic in Runet and generated a lot of feelings for the owners of Russian sites, who previously preferred to place their resources on hosting abroad.

    In order to dispel myths, it is necessary to deal in detail with the law itself, as well as with the concept of “personal data” and “databases”.

    First, the legislator, when adopting the new norm, simultaneously provided for exceptions.These requirements do not apply to sites that process personal data for:
    - achieving the goals stipulated by the international treaty of the Russian Federation or the law, in order to fulfill the functions, powers and obligations assigned to the operator by the legislation of the Russian Federation;
    - enforcement of a judicial act;
    - the exercise of powers of state and municipal authorities;
    - the professional activities of a journalist and (or) the legitimate activities of the media or scientific, literary or other creative activities, provided that this does not violate the rights and legitimate interests of the subject of personal data;

    As you can see, the law provides for a legal mechanism for the so-called exemptions. itconfirms the Minister of Communications Nikolai Nikiforov himself: “if certain types of activities are regulated by international agreements or relevant legislation, they do not fall within the scope of this law.”

    Secondly, the law does not prohibit the creation of a replica of any sites with its storage on servers located in countries that have signed the Council of Europe Convention ETS No. 108, as well as the cross-border transfer of personal data.According to the Council of Europe Convention ETS No. 108 “On the Protection of Individuals with Automatic Processing of Personal Data”, ratified by Russia, part 2 of article 12 stipulates that countries that join it will not prohibit or put under special control information flows of personal data going to the territory the other side of the Convention, as Art. 25 prohibits any reservations to the Convention.

    Thus, the storage and processing of personal data abroad will be considered lawful in the states that have signed the Convention: Austria, Belgium, Bulgaria, Denmark, Great Britain, Hungary, Germany, Greece, Ireland, Spain, Italy, Latvia, Lithuania, Luxembourg, Malta, the Netherlands , Poland, Portugal, Romania, Slovakia, Slovenia, Finland, France, Czech Republic, Sweden, Estonia, as well as it follows from the explanations of Roskomnadzor, in countries that provide adequate protection of personal data. Such are recognized as countries that have national regulatory legal acts in the field of personal data protection and an authorized supervisory authority for the protection of the rights of personal data subjects: Andorra, Argentina, Israel, Iceland, Canada, Liechtenstein, Norway, Serbia, Croatia, Montenegro, Switzerland, South Korea, Japan.

    Thirdly, the law is only about personal data. According to Article 3 of the Federal Law of July 27, 2006 No. 152 “On Personal Data”, personal data is any information relating directly or indirectly to a specific or determinable natural person (subject of personal data).

    Despite the fact that the Russian definition is somewhat incorrect and outdated, which has been repeatedly addressed by the industry (in terms of a separate definition of identification data), it is supplemented by the provision of Art. 2 of the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, signed in Strasbourg on 28 January 1981. The Convention states that “personal data” means any information about a specific or identifiable natural person (data subject). ”

    At the same time, the Council of Europe Convention, which entered into force for the Russian Federation on September 1, 2013, occupies a higher status in the hierarchy of regulatory documents in the system of Russian law, as according to the Constitution of the Russian Federation, universally recognized principles and norms of international law and international treaties of the Russian Federation are an integral part of its legal system. If other rules are established by an international treaty of the Russian Federation than stipulated by law, then the rules of the international treaty shall apply.

    Based on this, it can be concluded that personal information is not all information about a person, but information with which you can determine a specific citizen. Roskomnadzor also adheres to this position., which indicates that “the placement of the last name, first name and patronymic on the pages of Internet sites without additional information allowing identification of an individual as a subject of personal data cannot indicate the processing of personal data of a particular individual”. The position of the agency with respect to photographs is similar. “Placing photographs on the pages of sites on the Internet without additional information allowing identification of an individual as a subject of personal data cannot testify to the processing of personal data of a particular individual.”

    Thus, a photograph of a person is non-identifying data, as well as full name, in and of themselves. At the same time, their combination is already related to personal data. The phone number in combination with the name, e-mail and delivery address also do not belong to personal data, since there is no public access to the bases of mobile numbers, which means that the possession of this information does not allow identification of a person. However, if the owners of web resources instead of the “delivery address” field use the “place of residence” field, then in combination with other information about the citizen, such data will be considered personal data, as allow you to uniquely identify a person.

    Fourth, the law does not contain any requirements prohibiting the storage of personal data of Russians on servers outside the territory of the Russian Federation. The only thing that is is the requirement for the operator to record, systematize, accumulate, store, clarify (update, change), extract personal data of citizens of the Russian Federation using databases located on the territory of the Russian Federation.

    As the Internet ombudsman and the owner of his own hosting Dmitry Marinichev rightly noted at the St. Petersburg International Legal Forum (May 27-30, 2015):
    Software running on a smartphone runs on a localized device in the Russian Federation. It collects, aggregates, stores personal data in databases that are stored in the memory of a mobile device. After that, the law says - to transfer cross-border - it is possible, it is within the framework of the law, we have a Convention. The device has transmitted. Where does the law say that servers should be stored in Russia with a single replica of personal data of citizens of the Russian Federation?


    Obviously, regressive legislation creates certain problems for large web service operators, however, in some cases, the adopted law cannot restrict certain actions of the website owner with the user data provided, even if the website is hosted in foreign data centers. The federal law “on data localization” does not prohibit the placement of sites abroad due to the processing of information about citizens of the Russian Federation. Even if the legislator tried to do this, the law would be absolutely impossible and ineffective in the conditions of modern network technologies.

    WHO IS SUBJECT TO THE LAW

    imageFirst, those who should not be subject to the law on the localization of personal data:
    1. Web sites that process visas;
    2. Web sites state. and municipal authorities;
    3. Media websites and online publications (news feeds, individual blogs, copyright projects);
    4. Information resources that are not aimed at capturing user data;
    5. Web sites aimed at scientific, literary or any other creative activity, as well as UGC-oriented resources (blog platforms, platforms for collective creativity, including on the wiki engine);
    6. Online stores and sites for the provision of consumer services, business card sites (landing page), on which the application form is placed to receive the name, phone and e-mail of the client (as well as the delivery address, because the delivery address is not identical to the address living place).
    7. Web sites and services (including “counters”) that collect and transmit the following anonymized information in automatic mode: information about the date and time of the request, type of browser or other application, language, device data, such as model , version of the operating system, unique identifiers of the device, including the IP address, as well as data on the mobile, wireless or other network, information about the actions in the server logs, including information about the use of services, search queries, referral URLs, used links and functions, browsing the requested or requested content, data on hardware events, including system crashes and actions, as well as cookies and other similar files and technologies, such as local shared objects, web beacons, etc.,
    8. Websites in the B2B segment that do not sell services / goods to individuals and do not process personal data of citizens.
    9. User forums and chats;
    10. Websites of airline ticket aggregators A

    literal reading of the law makes it possible to conclude that the following types of resources will fall under the law:
    1. Web sites that collect user passport data (car rental services, hotel reservation services, etc.);
    2. Social networks;
    3. Web sites collecting biometric data of citizens (including fingerprints, iris, DNA tests, height, weight and others, as well as other physiological or biological characteristics of a person, including a person’s image (photo and video) ), which allow to establish a person’s personality and are used by the operator to establish a personality);
    4. Payment services;
    5. Web sites of banks, MFIs and other financial / insurance enterprises that allow you to make applications for the provision of financial services;
    6. Web sites of medical institutions, retailers using loyalty programs, educational institutions, social institutions that have the functionality of a personal account and uniquely identify the client by passport data, contract number, as well as other data provided by the citizen himself;
    7. Websites of recruiting agencies and staffing companies.

    In such cases, the personal data operator (as a rule, this is the owner of the website) in order to avoid liability must carry out the initial processing of data at the data center, which, in addition to being in Russia, must also meet the technical requirements for the protection of confidential information (TZKI) with the necessary level of protection . At the same time, the host must have a FSTEC license for technical protection of confidential information and an FSB license for the provision of services using encryption (cryptographic) means.

    It can be concluded that if the website collects applications only in the form of a name and phone, or e-mail, or allows you to exchange electronic messages with users that specify only a name and email address, it also does not fall under the localization rule personal data. Only the information subject to protection under the legislation on personal data is used to determine that this information relates to a specific person. The primary processing, storage and dissemination of information from which it is impossible to make an unambiguous conclusion about its belonging to a particular person (including anonymized data) cannot violate the rights and freedoms of an individual, and therefore can be carried out anywhere.

    At present, it is impossible to give a legal interpretation with an accurate list of information related to personal data, as well as cases of attributing certain online resources to the requirements “on the localization of personal data” of Russians. No one knows what the real practice will be after the adoption of a number of by-laws and the beginning of enforcement by Roskomnadzor and the courts. The regulator, until the adoption of the law of orders and orders, refrains from any explanation.

    After the appearance of news about the adoption of the law establishing new rules for working with personal data, several important questions arose before the companies:
    1. is it worth making changes to their own local regulatory acts and entering into new agreements with Russian data centers;
    2. whether the control by Roskomnadzor will be strengthened and how much the number of legal proceedings to protect the subject of his rights will increase.

    However, despite the legal uncertainty of the law, industry experts agree that it is not worthwhile to expect increased attention on the part of the regulator to all site owners in Runet in the near future. And given the many new responsibilities entrusted to the department, it can definitely be said that Roskomnadzor does not have human resources to check more than 3 million companies working in the Runet area for their compliance with the requirement to localize personal data. . Therefore, this law is likely to become a law of selective enforcement. The Roskomnadzor said they were ready to start checking 0.01 companies (317 companies)working with personal data of Russians on the subject of compliance with the localization requirement. The ministry also claims that Twitter is not subject to the law, as it does not store personal data of Russians, and Facebook and Google will not touch or block it yet.

    Some issues related to the application of the new legislation were disclosed on the official portal of the Ministry of Communications . The site provides clarifications on the law on the localization of personal data 242-FZ, which allows companies to determine what changes they need to make to their IT infrastructure and (or) business processes in order to comply with the law.

    In addition, the portal pd-info.rf was created by the forces of RAEC and ILVdedicated to the implementation of federal law No. 242-FZ, on which there are also many questions and answers regarding the requirement for the processing of personal data of Russian Internet users.

    RISKS AND RESPONSIBILITY

    image Let me remind you that for non-compliance with the requirements of the new Russian localization legislation, a number of negative consequences are envisaged.

    First of all, the law “on the localization of personal data” amended laws 152-FZ (On personal data) and 149-FZ (On information) and envisages the creation under RosKomNadzor of a “register of violators of the rights of subjects of personal data”, which since September 1, 2015 Internet resources will be included that violate the requirement to store information about personal data of citizens in the Russian Federation in databases located on the territory of the Russian Federation, and on this basis they may be blocked on the basis of a court decision.

    In addition to blocking the site, a violation will also result in a fine on the site owner. Current legislation, namely Art. 13.11 of the Code of Administrative Offenses, currently provides fines from 500 rubles (for citizens) to 10 thousand rubles (for legal entities) for violation of the established rules (without explanation of the types of violations). However, these fines did not seem to be enough, and in 2015 a legislative initiative of the Government to increase the collected fines appeared (at the time of this publication it was not adopted). The bill stipulates that if personal data will be processed with the consent of the subject, but in violation of existing standards, the fine will be from 700 rubles for citizens to 50 thousand rubles for legal entities. Total in Art. 13.11 of the Code of Administrative Offenses is proposed to include 8 points,

    Administrative responsibility will not be extended to hosters as information intermediaries.

    It is doubtful that the measures taken by state enforcement can significantly increase the demand for data center services in Russia, but to lower investment and client attractiveness is quite, because new regulation rules cause misunderstanding and fear among many business representatives. According to a study by the European Center for International Political Economy (ECIPE) , the entry into force of the Law on Personal Data will lead to a drop in Russian GDP by 0.27%, which corresponds to 286 billion rubles.

    Instead of stimulating the use of the country's natural potential for the construction of data centers operating on renewable energy sources in the Russian zone of the north, there is currently a legislative trend towards unpopular decisions, the main purpose of which is to pressure Western IT giants, which have the lion's share of consumption among Russian users Runet. All this puts domestic hosting providers in a non-competitive environment with the rest of the world and seriously inhibits the development of the Russian IT market.

    The material was prepared with the support of the hosting provider FASTVPS.RU
    Tags:

    Also popular now: