A stricter regime for profiling07 June 2016
Russia Releases Data Localization Inspection Plan for 2016
For instance, the inspection plan of Roskomnadzor's territorial division for the Russian Central Region (in Russian) contains a number of organizations with an online presence directed to Russia, including Microsoft, Samsung, Hewlett-Packard, VKontakte (Russian social network), HeadHunter.ru (online job search service), Ostrovok.Ru (online booking service), Cronwell Hotels, Chrysler, Volkswagen, Amway, Oriflame, UniCredit Bank, and LaModa.ru (online shop). The full list of data operators included in the inspection plan of Roskomnadzor's territorial division for the Russian Central Region is available here (in Russian).
This policy of extending the inspections to entities having online activities is in line with the position Roskomnadzor expressed at its November 2015 Personal Data Conference, where Roskomnadzor's representative informed attendees that in 2016 the regulator would focus its enforcement efforts on organizations acting via Internet (e.g., social media sites, online retailers, financial institutions).
At the same conference, a Roskomnadzor representative announced that its inspections as of that date resulted in three administrative fines issued under the data localization requirement. Roskomnadzor's representative also announced that 104 websites were included in the Register of violators of Russian privacy laws, although these were because of violations of general provisions of Russian privacy law unrelated to data localization.
Companies operating in Russia should check these inspection lists to determine whether they, or members of their industry, will be subject to audits in the upcoming year.
The Regulation aims to strengthen the rights of individuals. It does so by retaining rights that already exist under the Data Protection Directive and introducing the new rights of data...06 June 2016
Grounds for processing03 June 2016