From 01.07.2025 the Federal Law No. 23-FZ dated 28 February 2025 “Concerning Personal Data and Certain Legislative Acts of the Russian Federation" will enter into force, containing a new version of part 5 of Article 18 of Federal Law No. 152-FZ

On November 20, 2024, the Ministry of Industry and Trade prepared a draft of amendments to the rules for providing access to information contained in state information monitoring system, approved by Government Decree No. 1955 dated 31.12.2019.

More in our update.

On November 27, 2024 the Federation Council approved laws amending the Criminal Code of the Russian Federation (hereinafter referred as the “Criminal Code”) and the Code of Administrative Offences of Russian Federation (hereinafter referred as the “Administrative Offences Code”) to and toughening liability for violations of law in the area of personal data (in accordance with the previously introduced Draft Laws: No. 502104-8 “On Amending the Code of Administrative Offences of the Russian Federation” and No. 502113-8 “On Amending the Criminal Code of the Russian Federation”).

More in our update.

On October 29, in the first reading, the State Duma of the Russian Federation adopted Bill No. 679980-8 "On Amendments to Article 9 of the Federal Law "On Personal Data" ("Law on Personal Data") and Article 10 of the Law of the Russian Federation "On Consumer Protection" ("Law on Consumer Protection") (hereinafter - the "Bill").

The draft Law № 540256-8 “On Amendments to the Federal Law "On Digital Financial Assets, Digital Currency and on Amendments to Certain Legislative Acts of the Russian Federation"” (hereinafter “Draft Law”) has been submitted to the State Duma.

The Draft Law introduces spot changes to the Digital Financial Assets Law¹ in terms of the definition of the term “secured stablecoins” and the procedure for the use of secured stablecoins in foreign trade contracts.

According to the Group-IB research, last year the amount of publicly released databases of Russian companies six times outnumbered those unlawfully made public in 2021. At the same time, special provisions, regulating liability for personal data leaks, are not foreseen neither in the Code of Administrative Offenses of Russia nor in the Criminal Code.

Therefore, on 4 December 2023, the draft laws No. 502104-8 “On Amendments to the Code of Administrative Offences of the Russian Federation” (“draft law No. 502104-8") and No. 502113-8 “On Amendments to the Criminal Code of the Russian Federation” (“draft law No. 502113-8”), providing toughening liability for personal data leakage, were submitted to the State Duma.

According to the explanatory notes to these draft laws, currently existing liability is disproportional and incomparable to the potential social harm which can personal data leakage result in.

The President has signed a law which may have an impact on Internet users and website owners.

The Law amends the Act "On Information, Information Technologies and the Protection of Information" and the Act "On Communications". The law introduces new requirements for the owners of Internet sites and their users.

By March 1, 2023, it is necessary to submit a notification on the implementation of cross-border transfer of personal data.

If you cannot access the website of a Russian state body or a bank check whether its SSL/TLS certificate has been revoked.

In October 2022, the European Commission approved the eighth package of sanctions against Russia. Among other restrictions it established a ban on the provision of legal services to Russian companies. A few weeks later, on October 24, the European Commission published answers to frequently asked questions including explanations as to what kind of legal services fall under the ban and whether the extension of sanctions to this sphere does not entail restrictions on the right to protection.