Morgan Lewis Moscow/London partner Brian Zimbler and Moscow associate Anastasia Dergacheva recently published an article in Cyber Security Practitioner that provides an analysis of current Russian cybersecurity issues. The article, titled “Russia continues its attempts to tighten control over the internet and IT industry,” discusses two key legal developments in Russia.
The first development is the approval on December 5, 2016 of the “Information Security Doctrine of the Russian Federation,” which the authors note “sets out what the Russian authorities perceive to be major cyber security threats, as well as measures to address them.” The second is the draft bill, introduced the following day, on the “Security of Critical Informational Infrastructure in Russia.” Both developments are “intended to establish a new legal framework for regulating the cyber environment in Russia,” but there is uncertainty regarding what policies, rules, and regulations will follow.
Brian and Anastasia’s article highlights four key topics that they believe to have the “highest potential to affect internet and IT businesses operating in Russia”:
- Security of critical information infrastructure
- Foreign information technologies
- Internet regulation
- Content regulation
Our colleagues note the controversial nature of the Russian doctrines and policies discussed in the article, and state that the identification of the internet, cybersecurity, and the IT sector as national priorities “has broader implications for Russia’s international relations, and may create new opportunities and risks for businesses in the Russian market.”
Check out the full article for Brian and Anastasia’s insightful analysis.