Dr., Assistant professor in Cyber-Security and Politics,
The year 2019 was an eventful one for Internet freedom in Russia. While online privacy and freedom of speech have seen a steady decline over the past decade, a series of new laws indicates that the coming year may well be decisive for the role the Internet plays in Russian society. For example, the 2015 data localization law, which stipulates that all data on Russian citizens should be stored on servers located on in Russia, was strengthened by significantly increasing the fines for violation. Data localization makes it easier for, for example, the Federal Security Service (FSB) to access communications and identify (social media) users. Whereas Facebook and Twitter were fined a mere 3000 roubles (around €42) for non-compliance in 2019, the fine for legal entities has now been increased to one to six million roubles (approximately €15.000–85.000). On 31 January 2020, Roskomnadzor, the federal agency charged with enforcement, initiated renewed administrative procedures against Facebook and Twitter for failing to demonstrate their compliance with the data localization requirement. While some international companies have previously complied (e.g. Viber), others have been blocked for their refusal to do so (most notably, LinkedIn).
Roskomnadzor also warned major VPN providers, whose services enable users to encrypt their Internet traffic, that their continued failure to block access to sites that are banned in Russia may lead to their own services being blocked. If enforced, this would limit the ability of Russians to circumvent the website ‘blacklisting’ system. At the same time, Google has been fined for a second time for including hyperlinks to banned websites in its search results.
In parallel to these restrictions on privacy and online anonymity, the list of categories of speech that are prohibited online – which already comprised extremism, the promotion of suicide and offending the feelings of believers, among others – was expanded through the adoption of laws prohibiting the spread of fake news and expressions that exhibit “blatant disrespect for the society, government, official government symbols, constitution or governmental bodies of Russia”. These additions may further stifle the opportunities for political debate, critical journalism and activism via online platforms.
The most important trend, however, concerns the push towards ‘nationalising’ the Russian Internet. In the software domain, all smartphones, computers and smart TV sets sold in Russia will be legally required to come with pre-installed Russian, rather than foreign, software from July 2020 onwards. The law was introduced as a measure to strengthen the relative competitive position of Russian tech companies and software developers, e.g. vis-à-vis Apple and Google, and to better serve the needs of Russian customers (for example, elderly citizens). On the infrastructural side, the ‘Internet sovereignty law’, which came into effect on 1 November 2019, calls for the restructuring of network infrastructures to enable the Russian Internet to function independently from the global Internet in case of a threat to its integrity.
While Russia has reportedly already conducted the first tests, critics question its ability to successfully implement the Internet sovereignty law by 2021. The circumstances under which the law allows the government to ‘disconnect’ the Russian Internet are strict; therefore, a complete severing of ties does not yet appear imminent. Yet the creation a sovereign Internet serves other purposes as well. For example, the restructuring will increase the ability of to enforce Internet regulation, e.g. to finally block the banned messenger Telegram.
The introduction of measures that aim to impose national boundaries onto and increase state control over the physical infrastructure and application layer of the Internet is indicative of the shifted understanding of the neutrality of technology, software and apps – also beyond Russia. Whereas the digital domain was long framed in technological or economic terms (e.g. competition), recent years have seen a distinct hardening of the debate and resurgence of geopolitical narratives. Even seemingly harmless apps that were previously seen as entertainment only (for example, the globally popular Chinese video sharing social media platform TikTok), can now quickly become securitized.
Examples of the conflation of economic, technological and national security spheres abound. Consider, for example, the US government decision of 2017 to prohibit government agencies from using cybersecurity products and software developed by (Russian) Kaspersky Lab or the current controversy in Europe and the US regarding the involvement of Chinese company Huawei in the development of 5G networks. The responses to the perceived digital threats emanating from foreign powers and their presumably aligned private actors shows a tendency towards territorializing the digital domain – imposing national conditions and restrictions, as well as assessing threat levels based on geopolitical criteria – and reaffirming state control. While there continues to be a great measure of differentiation among states and regions in this respect, the shift in imagination is already being translated into actual policy. Russia’s move towards establishing its ‘digital sovereignty’ may well sketch the first contours of a territorially defined and divided digital future.
Expert article 2679