Bill on fines for personal data storage breach passes first reading in State Duma
MOSCOW, September 10 (RAPSI) – The lower house of Russian parliament passed a bill on fines of up to 18 million rubles (about $300,000) for breach of requirements for storage of personal data of Russians in the first reading on Tuesday. A relevant statement was published on the State Duma official website.
The bill’s authors, two United Russia party MPs Victor Pinsky and Daniil Bessarabov, believe that according to the federal personal data law an operator must provide recording, systematization, storage, updating and retrieval of Russian citizens’ data using bases locating in Russia when they collect information including the use of Internet.
Current legislation does not envisage punishment for failure to meet the database localization requirements.
The draft law stipulates fines from 2 to 6 million rubles ($30,000 – 90,000) for the first breach of requirements and from 6 to 18 million rubles for repeated violations.
The bill also fixes heavy fines for repeated violations related to online distribution of extremist content. Thus, dissemination of calls for terrorism and extremism would result in fines ranging from 150,000 to 300,000 rubles for website owners, from 600,000 to 800,000 rubles ($9,000 – 12,000) for officials and from 1.5 to 5 million rubles ($23,000 – 80,000) for companies.
Moreover, the initiative envisages fines varying from 2 to 6 million rubles for repeated refusal of legal entities to hand over encryption keys to the Federal Security Service (FSB).