On the first day of May, the President signed the law 'On Sovereign Runet', previously adopted by the State Duma and the Federation Council, which means that it will come into force in 6 months – November 1, 2019. The law was controversial and continues to cause a storm of discussion and discontent from the public.
In communicating with numerous acquaintances and colleagues, I found that few of them read the text of the law, or even tried to grasp its essence. If you are also among them, then I suggest you read my today's material. In it we will talk about eight important facts about the law, which I decided to present for you in simple and understandable words.
- There is no specifics in the law yet
- Roskomnadzor will get more powers, but not in 'peace' time
- There is no information about the equipment in the law yet
- Who will bear the costs and how much will it cost?
- There will be no new reasons for blocking, but the old ones will remain
- Operators will have drills, but no responsibility
- Users are not liable for 'banned' and VPN
There is no specifics in the law yet
The text, which was adopted by the two chambers of the Russian parliament and signed by the president, is a framework law. He describes only basic things in general terms, that is, conveys only the basic meaning. At the moment, there is very little practical information in the law.
Much more will depend on how the further bylaws will look like: decrees, orders, regulations, orders and other documents. Only in them will there be specifics about how exactly the “Law on the Sovereign Runet” will work, in what cases it will be applied and what exactly threatens us – ordinary Internet users. So far, there are more questions than answers.
The meaning of the law, judging by its text, is very simple: to make sure that no one from the outside could destabilize the work of the Russian segment of the Internet and even more so physically disconnect Russia from the Internet. That is, to make Runet functioning independently of other segments located abroad.
The implementation of the law should ensure the protection of Runet in the event of “threats to the stability, security and integrity of the Internet and communications.” There is no list of potential threats in the law, but it seems that it should appear in future bylaws.
Roskomnadzor will get more powers, but not in 'peace' time
The oversight agency, within the framework of the law, will be endowed with a large list of powers, but it will be able to apply them in practice only in the event of threats to the stability of Runet. For example, Roskomnadzor will be able to centrally manage traffic and block resources on its own. Until these threats come, everything will remain the same: operators will exercise control over traffic on their own.
This also applies to resource locks. At the moment, Roskomnadzor is sending operators a list of resources blocked in Russia, after which the operators independently implement physical blocking of IP addresses. It will act in the same way in the “peace” time for Runet after November 1. However, after the implementation of the law, if any threats from the list (which has not yet been published) arise, the RKN will have a tool for self-blocking.
Another important point. Despite the fact that the powers of Roskomnadzor to control Runet will only come during threats, the agency will still oblige operators to provide it with detailed information about their own networks, routing and software and hardware communication systems. Moreover, RKN will closely monitor which networks the operator is connected to, and cross-border highways will come under even closer control.
There is no information about the equipment in the law yet
As part of the implementation of the law, it is planned that Russian operators will install special software and hardware systems that will allow centralized control of Internet traffic. But in its current form there is nothing about the equipment, except for the mention of some 'technical means'.
The equipment should be Russian, but due to the lack of specifics, it is not yet clear to what extent it should be. We know that many Russian hardware and software systems often consist of imported components, even if they are generally developed and manufactured in Russia. How it will be in this case is still unknown.
Who will bear the costs and how much will it cost?
The equipment will be purchased by operators at the expense of the budget, but it is not yet clear how much it will eventually cost. The financial substantiation of the bill indicates that no expenses will be required from the state, however, figures from 20 to 30 billion rubles are heard from the lips of officials. Allegedly, these expenses have already been included in the budget of the Russian Federation for 2019-2021 as part of the implementation of the Digital Economy national program.
There will be no new reasons for blocking, but the old ones will remain
The law does not say about any new reasons for blocking resources, but it will not affect the old ones either. Also, there will be no innovations regarding the transfer of information about users to special services. Any restrictions on foreign resources are also not described in the law. That is, in the absence of threats to Runet, everything should work in the same way as it does now.
Many of you are probably interested in the question of the effectiveness of blocking those services that are actually blocked, but continue to work. So, the text of the law does not directly say about this, but it is likely to be a 'pleasant' bonus for Roskomnadzor. Despite the fact that Roskomnadzor will not have the right to independently control traffic in peacetime, it will still be able to indicate to operators the resources that need to be blocked. At the same time, within the framework of the law 'On Sovereign Runet', operators will have equipment that will allow them to control all passing traffic, albeit independently. And operators at the direction of the RKN will block such traffic.
Operators will have drills, but no responsibility
As part of the implementation of the law, operators, together with Roskomnadzor and other subjects, will conduct exercises, but how they will look is still unknown. At the same time, if something goes wrong during the exercise or during the further regular operation of the new equipment, the operators will not bear any responsibility either to subscribers or to the state.
Users are not liable for 'banned' and VPN
There are no rules in the law that would concern the subscribers themselves and their use of prohibited resources. If you know how to bypass the blocking of this or that resource, then you can safely use it, no punishment will threaten you from November 1 for this. This applies to proxies, anonymizers, VPN services and other blocking bypass tools. That is, the fact that you are using something prohibited in Russia is Roskomnadzor's problem, not yours.
Overall, I went through all the main points of the new law related to the Internet. Perhaps the national domain name system and domestic cryptography are left behind, but it is still more vague and vague there, and will only come into force in 2021.
What do you think, will something change as early as November 1? Will we strongly feel this law on ourselves, or in general, everything will remain the same?