Russian MPs adopt bill on severe fines for personal data storage breach
MOSCOW, November 21 (RAPSI) – The lower house of Russian parliament passed a draft law on fines of up to 18 million rubles (about $300,000) for breaching requirements for storage of personal data of Russians in a final third reading on Thursday, according to a statement published on the State Duma official website.
The bill’s authors, two United Russia party MPs Victor Pinsky and Daniil Bessarabov, believe that according to the federal personal data law an operator must provide recording, systematization, storage, updating and retrieval of Russian citizens’ data using bases locating in Russia when they collect information including the use of Internet.
Current legislation does not envisage punishment for failure to meet the database localization requirements.
The draft law stipulates fines from 2 to 6 million rubles ($30,000 – 90,000) for the first breach of requirements and from 6 to 18 million rubles for repeated violations.
The bill also fixes heavy fines for repeated violations related to online distribution of extremist content. Thus, dissemination of calls for terrorism and extremism would result in fines ranging from 150,000 to 300,000 rubles for website owners, from 600,000 to 800,000 rubles ($9,000 – 12,000) for officials and from 1.5 to 5 million rubles ($23,000 – 80,000) for companies.
Moreover, the initiative envisages fines varying from 2 to 6 million rubles for repeated refusal of legal entities to hand over encryption keys to the Federal Security Service (FSB).