Russia’s sovereign internet law comes into force
Experts say the country lacks the technology to implement the controversial legislation.
When the chairman of Russia’s Committee on Informational Policy, Leonid Levin, stepped on stage in Moscow’s Lomonosov building on Oct. 28 to give a speech during the second All-Russian Digital Forum he couldn’t have chosen a better place. The venue is not just the home of Russia’s fastest supercomputer, it’s also overshadowed by the iconic Moscow State University building, built under Stalin.
He told a specialized audience that Russia’s State Duma is in the process of passing over 50 laws to regulate new technologies in the IT sector, which last year generated almost 5% of GDP and is growing at a rate of 10 to 15%.
The most controversial of them — the so-called sovereign internet law that will allow Russia to cut itself off from the rest of the World Wide Web — came into effect Friday. Thousands of Russians took to the streets in March after the bill passed its first reading in February 2019, and President Vladimir Putin signed it into law in May.
Levin told delegates he doesn’t believe “sovereign internet” is the correct term for the new set of rules.
“It’s more about creating a reliable internet that will continue to work in the event of external influences, such as a massive hacker attack,” he said.
There are two parts to the law. It allows for the creation of an alternative domain name system (DNS) so that, in case of an emergency, Russia will be able to disconnect itself from the rest of the internet. It also demands more filtering by obliging Russian internet providers to buy and install deep package inspection (DPI) tools.
While the law is now in force, commentators say it’s unlikely that much will change for Russian internet users over the next few months, not because the law won’t have any effect, but because Russian technology can’t support it yet.
Neither internet providers nor state officials have commented on the outcome of DPI technology tests that have been underway since September in the Urals region. The investigative Novaya Gazeta newspaper reported in October that the trials were unsuccessful, with users having been able to bypass the technology. However, Interfax news agency on Thursday quoted a source in the IT industry saying the first tests had been successful.
Authorities have until January 2021 to implement technology to support the new legislation. The tests in the Urals region will continue until the end of 2019.
Technology journalist and analyst Alexandra Prokopenko said that state communications watchdog Roskomnadzor will be the main beneficiary of the law. Founded in 2008, the body oversees a registry of forbidden resources that can’t be accessed by Russian internet users.
These include websites containing pornography or information on suicide, but also those containing information about political extremism or the locations of unsanctioned rallies. Roskomnadzor’s current filter is not considered to be very effective, as Russian internet users can use VPNs or proxy tools to bypass it.
The watchdog is trying to change that by using DPI technology provided by RDP.RU, a tech company based in Moscow, the RBC news site reported. Rostelecom, one of Russia’s biggest telecommunications providers, owns 15% of the company.
Vladislav Zdolnikov, a Moscow-based IT blogger, considers this technology to be “high quality.” He said he fears that with this equipment, Roskomnadzor could not only block content more effectively, but also slow down specific internet services without the user knowing — including YouTube and Facebook.
Artem Kozlyuk, founder of the digital rights NGO Roskomsvoboda, said that testing is being conducted without public control.
“I wouldn’t be surprised if, after the law comes into force, we hear from users that there are problems with the Internet in certain regions serviced by Rostelecom,” he told The Moscow Times. He also described the law as badly written, “on both a juridical and technical level.“
But Kozlyuk doesn’t share some critics’ fears that Russia’s internet could suddenly be cut off from the rest of the world. He said that Russia’s internet infrastructure spread quickly in the 1990s through thousands of internet operators and a huge amount of transborder connections, in contrast with China where the internet was centralized from the beginning.
“Russia separating itself from the World Wide Web would be like closing down its airspace,” Kozlyuk said, adding that a more likely scenario would be specific regions within the country experiencing internet shutdown for short periods.
This wouldn’t be unprecedented. In October 2018, during protests about a land swap in Ingushetia, the authorities shut down mobile internet for almost two weeks, meaning some protesters couldn’t share information on social media.
Russian officials like Levin emphasize that legislation allowing authorities to shut down whole regions will be used in case of “exterior threats,” like hacker attacks from other countries.
When asked if the internet in Russian will differ in 2021 from the internet today he promised that there will be no serious changes for the ordinary user:
“The ordinary user will be able to continue using the services to which they have become accustomed,” he said.
This article first appeared in The Moscow Times and is republished in a sharing partnership with the Barents Observer.