Press Center

Since the beginning of 2025, Russian courts have issued several landmark rulings in the field of personal data processing. These cases affect the interests of banks, marketplaces, solid waste management operators, employers, and online platforms. Some positions confirm long-standing approaches (withdrawal of consent does not terminate processing where a contract or legal obligation exists), while others establish new guidelines for businesses (processing of a beneficiary's data without consent, inadmissibility of contacting a previous employer without the candidate's permission).

Our review covers seven recent cases with conclusions that will help DPOs, legal teams, and information security departments minimize risks and establish compliant processes.

On April 24, 2026, the First All-Russian Conference of Young Specialists "LAW_EXPO" was held at St. Petersburg State University. The event brought together scholars, leading expert practitioners, and early-career researchers for a comprehensive analysis of key issues in information law.

Alina Smakova, an associate in the Data Protection & Technology practice at Lidings, took part in the conference.

Lidings takes high positions in the new rating of the leading legal advisors in Russia based on the analytical research held annually by the “Kommersant” newspaper. In 2026 the firm is ranked among the TOP leading legal advisors in Russia. 

Active public discussions continue regarding the draft law “On the Foundations of State Regulation of Artificial Intelligence Technology Applications in the Russian Federation”, drafted by the Ministry of Digital Development of the Russian Federation. The document covers the development, implementation and use of artificial intelligence (hereinafter – “AI”), and establishes obligations for service owners, developers and users. Below is an overview of the key changes that will affect businesses.

The Federal Service for Technical and Export Control (hereinafter referred to as the "FSTEC") has prepared a draft methodological document "Activities and measures to protect information contained in Information Systems" (hereinafter referred to as the "Draft Methodological Document").

On 2 February 2024, the Online Safety Act, No. 9 of 2024 (hereinafter referred to as the “OSA”) was officially published in Sri Lanka. The OSA is a significant and controversial element of information security regulation in Sri Lanka. It establishes provisions prohibiting the communication of prohibited statements online and aims to prevent the use of online accounts and inauthentic online accounts for prohibited purposes.

We suggest to review the changes in the legislation on the safety of Critical Information Infrastructure (CII), which entered into force in 2025, as well as new initiatives that are planned to be considered and/or come into force in 2026.

Lidings held a series of webinars dedicated to the practical aspects of complying with the legislation on Critical Information Infrastructure (CII) security. 

On 4 December 2025 the results of the annual Pravo-300 law firms’ ranking were announced at an awarding ceremony at The Carlton Hotel in Moscow. This year Lidings expertise is highly praised in 17 key practice areas.