We use cookies to deliver our online services. Details of the cookies we use and instructions on how to disable them are set out in our Cookies Policy. By using this website you agree to our use of cookies. To close this message click close.

Russia Releases Data Localization Inspection Plan for 2016

Bret S. Cohen

Bret S. Cohen,

Washington, D.C.

Maria Sedykh

Maria Sedykh,

Moscow

04 February 2016
In mid-January, the territorial divisions of Russia’s Data Protection Authority, Roskomnadzor, uploaded their 2016 plans for conducting inspections of local companies’ compliance with Russia’s data localization requirements, and there are a number of prominent multi-national companies on the list.
Russia Releases Data Localization Inspection Plan for 2016

For instance, the inspection plan of Roskomnadzor's territorial division for the Russian Central Region (in Russian) contains a number of organizations with an online presence directed to Russia, including Microsoft, Samsung, Hewlett-Packard, VKontakte (Russian social network), HeadHunter.ru (online job search service), Ostrovok.Ru (online booking service), Cronwell Hotels, Chrysler, Volkswagen, Amway, Oriflame, UniCredit Bank, and LaModa.ru (online shop). The full list of data operators included in the inspection plan of Roskomnadzor's territorial division for the Russian Central Region is available here (in Russian).

This policy of extending the inspections to entities having online activities is in line with the position Roskomnadzor expressed at its November 2015 Personal Data Conference, where Roskomnadzor's representative informed attendees that in 2016 the regulator would focus its enforcement efforts on organizations acting via Internet (e.g., social media sites, online retailers, financial institutions).

At the same conference, a Roskomnadzor representative announced that its inspections as of that date resulted in three administrative fines issued under the data localization requirement. Roskomnadzor's representative also announced that 104 websites were included in the Register of violators of Russian privacy laws, although these were because of violations of general provisions of Russian privacy law unrelated to data localization.

Companies operating in Russia should check these inspection lists to determine whether they, or members of their industry, will be subject to audits in the upcoming year.

Bret S. Cohen

Bret S. Cohen,

Washington, D.C.

Maria Sedykh

Maria Sedykh,

Moscow

Future-Proofing Privacy: New and Stronger Rights

The Regulation aims to strengthen the rights of individuals. It does so by retaining rights that already exist under the Data Protection Directive and introducing the new rights of data...

06 June 2016
Loading data