Advertisers are increasingly using online messenger systems to promote businesses, as well as their goods and services. In this context, the Federal Anti-monopoly Service recently issued an official letter clarifying, among other things, the application of the Federal Law on Advertising to messenger systems such as Viber and WhatsApp. The letter is notable as it reveals the regulator's approach to advertising campaigns disseminated via various instant messaging services.
The president recently signed the Digital Rights Law, which will take effect on 1 October 2019. The law has introduced a number of new legal concepts into Russian legislation, including digital rights, e-transactions, smart contracts and Big Data. Companies doing business on the digital level in Russia should familiarise themselves with the background and key provisions of the law to ensure that they are ready to operate in the new legislative environment.
Roscomnadzor (the Russian data protection authority) recently filed a landmark action against illegal personal data processing by Google Analytics and Yandex Metriсa. If the authority succeeds in the appeal court, Russian websites will have to welcome users with EU General Data Protection Regulation-style cookie banners and privacy policies. Prior to this case, the Russian internet community had not considered statistical information concerning web traffic and user actions to constitute personal data.
Bill 424632-7 on the Amendment of Parts 1, 2 and 4 of the Civil Code of the Russian Federation (the Digital Rights Bill) and Bill 571124-7 on the Amendment of the Federal Law on Information, Information Technologies and Data Protection (the Big Data Bill) were recently submitted to Parliament for discussion. Both bills are essential developments, especially given the increasing interest in and high value of Big Data in the current digital reform.
The EU General Data Protection Regulation (GDPR) applies internationally and can encroach on the national laws of non-EU countries. In Russia, international companies must fulfil the requirements of both the GDPR and local laws, even though they may contradict each other. Companies should follow a number of recommendations in order to find the most practical solutions, mitigate relevant legal risks and keep their noses clean should Roscomnadzor try to find fault with them.
New data storage rules recently took effect for telecoms operators in Russia. Although the rules are aimed at fighting e-terrorism and preserving national cybersecurity, their application and implementation will inevitably lead to substantial financial and material investments by telecoms operators. Therefore, it will be interesting to see how this legislation will be complied with in practice.
New data storage rules recently took effect for online data distributors (organisers) in Russia. The new rules form an integral part of the ongoing reform of the legislation on the national governance of internet sovereignty, data privacy and cybersecurity, which includes the package of laws known as the 'Yarovaya Law'. However, both the Yarovaya Law and the new data storage requirements have been widely criticised.
The Audiovisual Services Law recently took effect and has introduced an innovative legal regime for the operation of streaming and video on demand services in Russia. The law has defined 'audiovisual services', imposed special obligations on audiovisual service owners and introduced penalties for non-compliance with the law.