Russia’s new Sovereign Internet Law, that allows the government to create its own DNS, monitor web traffic across the country, and isolate the Internet from the rest of the world came into force earlier this month.
In February this year, the lower house of the Russian parliament passed a law that allowed the government to isolate Russia from the Internet to prevent enemy countries from launching offensive cyber actions against Russia’s digital assets.
“The new legislation was drafted in response to the new US cyber strategy that accuses Russia, along with China, Iran, and North Korea, of using cyber tools to “undermine” its economy and democracy,” noted Russia Today, adding that the US government has promised dire consequences for anyone conducting cyber activity against the country.
The new law, commonly known as the Sovereign Internet Law, also enabled the Russian government to set up a national DNS system that would store details of all Russian IP addresses and internet domains.
In order to bring its own DNS system into fruition, Russia enacted a new data protection legislation, popularly known as the Yarovaya law, in 2016 which mandates telecom providers to store voice calls, data, images and text messages of Russian citizens for 6 months. It also requires all messaging services, email and social networks to allow the FSB, the equivalent of the UK’s GCHQ, to access and read their encrypted communications.
The Sovereign Internet law came into force earlier this month, and immediately came under fire from critics and cyber security experts who believe the law will be used by the Russian government to clamp down on critics and to monitor citizens’ digital activities.
Sovereign Internet Law will allow government to jeopardise freedom of information online
“Now the government can directly censor content or even turn Russia’s internet into a closed system without telling the public what they are doing or why. This jeopardizes the right of people in Russia to free speech and freedom of information online,” said Rachel Denber, deputy Europe and Central Asia director at Human Rights Watch.
“The “sovereign internet” law purports to provide a legal basis for mass surveillance and allows the government to effectively enforce online existing legislation that undermines freedom of expression and privacy.
“For a law to provide a legitimate legal basis for restricting the protected rights or freedoms under international norms, it must be drafted with sufficient precision to be foreseeable in how it can be applied. The overly broad and vague provisions in the “sovereign internet” law do not meet this standard,” Human Rights Watch noted.
Ryan Kalember, Executive Vice President of Cyber Security Strategy at Proofpoint, told TEISS that Russia’s focus on an autonomous Internet infrastructure is part of a larger global trend towards the balkanisation of the Internet.
“China’s Internet censorship is one of the most known examples, but restrictive governments all around the world have blocked access to major parts of the Internet for decades now. While the underlying protocols that make the Internet work remain open, there is nothing stopping governments from putting up walls that are quite difficult to get around if they can accept the economic consequences.
“For example, with restricted or no access to the World Wide Web, entrepreneurs within a country may struggle to innovate as they remain unaware of many of the world’s latest trends and practices.
“Additionally, Russia has historically been known to launch nation state attacks against targets across the world. If they are successful in cutting the entire country off from the global internet, they will have created a significant obstacle for countries looking to launch counter-cyber attacks,” he added.