While storage of personal data on servers located abroad is allowed under the existing legislation with some restrictions, the new rules demand that only servers located physically on the Russian territory be used. Should an online resource fail to respect this obligation, access to it from Russia may be restricted or blocked by state regulator Roskomnadzor.
International companies which currently centralize data from all countries on their own or third-party servers will have to treat and store Russian personal data separately. This concerns international websites, mobile application publishers, airlines, brands, manufacturers and even local small businesses with Russian users or clients.
In the vast majority of cases, however, compliance with the new requirements will not be out of reach for businesses. For companies dealing only with Russian users or clients, data repatriation will be a manageable task.
As for international databases, several examples show that segregating user data by country of origin is also a manageable task.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now