Facebook has paid a 4 million ruble ($53,000) fine, which was levied in February, for violating Russia’s personal data storage law. Proceedings against the company have been dropped, Russian state-run news agencies reported — without specifying whether or not Facebook now complies with the law.
Over the past years the regulator Roskomnadzor requested Facebook and Twitter several times to report on their compliance with the law. The digital giants held an ambiguous position, sending both positive and negative signals on the matter.
A range of other international businesses — including Alibaba, AliExpress, Apple, and Google — have been more law-abiding, managing to transfer user data from foreign data centers to Russia.
According to a legislation applicable since September 2015, companies operating in Russia are required to store Russian users’ or clients’ personal data on servers physically located in the country. Numerous foreign and domestic players were concerned, including global players who tended to store their users’ data in borderless clouds (see white paper by EWDN and EY).
Under a new law imposing stiffer fines that President Vladimir Putin signed in December 2019, fines for repeat offenses go up to 18 million rubles (almost $290,000).
The authorities may even block access to their sites from Russia – as was the case with LinkedIn in 2016, following two court decisions.