One of the most sensational and discussed news in 2019 was an initiative called “Isolation of the Russian Internet”, or “Runet Protection Law”. As explained in the explanatory note to the bill (hereinafter referred to as the “Law”), it was prepared in the context of the adoption in September 2018 of the US National Cybersecurity Strategy, in which Russia, Iran, and North Korea were accused of a number of cyber attacks.
In this regard, there are fears of interruptions in the Internet in the Russian Federation if Russian servers are disconnected abroad.
The idea of the federal law1 means that for the stability of the Internet in Russia it is necessary to create its own infrastructure, which will ensure uninterrupted movement of traffic within Russia, including the creation of a national domain name system.
Centralised traffic management in the Runet will be introduced in the event of a critical external network failure or intentional impact on the national Internet segment from the outside.
To implement the provisions of the above Law, it is proposed to delegate to the Russian Federal Service for Supervision of Communications, Information Technology and Mass Media the authority to control servers and telecom operators, including:
- establishment of requirements for server operation in conjunction with the Federal Security Service of the Russian Federation;
- free of charge provision of technical means of countering threats (hereinafter referred to as the “technical means”) and conduct of exercises on their use;
- centralised management of the Internet through the management of technical means and (or) by transmitting mandatory instructions to telecom operators;
- determination of the procedure for generating information contained in the national system of domain names, as well as the rules for its use, etc.
The conditions under which the telecom operator will have the right not to direct traffic through technical means will be determined by the Government of the Russian Federation.
At the same time, in the event of a malfunction in the system’s operation, telecom operators will not be held accountable (if subscribers incur losses, they will not be obliged to compensate them) if these violations are caused by a malfunction in communication networks as a result of the operation of technical means of countering threats issued to operators by the Russian Federal Service for Supervision of Communications, Information Technology and Mass Media.
If the Russian servers are still disconnected, the lack of Internet in the country can lead to serious consequences, for example:
- shutdown of the entire banking system and the inability to make bank transfers;
- disfunction of electronic public services;
- interruptions in mobile communications;
- impossibility of electronic document circulation;
- interruptions in the transport system, etc.
The text of the Law does not impose any restriction on access to foreign servers or resources.
Thus, we can conclude that the Law is aimed at creating a backup system to ensure the availability of Internet resources for Russian users and is designed to improve the reliability and quality of communication services, so that regardless of various conditions, external or internal, services (electronic public services, online banking, social networks, online stores) would be fully available for citizens.
1Federal Law No. 90-ФЗ«On Amendments to the Federal Law «On Communication» and the Federal Law «On Information, Information Technology and Information Protection»dated 01.05.2019.