Russian Law Demanding User Data Remain On Russian Soil Could Turn Into A Ban On Apple Products

from the old-man-rattles-saber-at-cloud dept

The Russian government's efforts to carve out its own internet continue. It's never been shy about its interest in accessing (and censoring) internet users' activity and data, what with its required registration for bloggers, demands for US-based companies to hand over user data and threats to block content stored on foreign servers -- and that's just since the beginning of this year.

A law outlawing the use of offshore servers to store Russian internet users' data and content goes into effect at the beginning of 2015. That means popular products like Apple's iPhone and iPad will all be technically violating Russian law with their automatic iCloud syncing.

This legislation can be partially blamed on the actions of Russia's most famous guest.

As the adoptive home of Edward Snowden, Russia is all too aware that many of its citizens' communications are stored on servers owned by the scary giants of Silicon Valley. Ultimately, the Kremlin is likely to be worried that cloud services offer the NSA a way to snoop on Russian citizens, state apparatchiks and perhaps even high ranking politicians.
The Russian government isn't that concerned about its citizens being spied on by foreign agencies. It probably just hates the competition. But even acts of unbridled self-interest (state apparatchiks, high ranking politicians) occasionally result in net gains for the otherwise ignored public.

This ban will affect all US tech companies, but local coverage seems to imply that iPhone users will be the first to feel the results. The law effectively bans Apple's products unless it switches iCloud services off for Russian users or decides to rent some space on local servers.

This is more Russian government control wearing the outward trappings of NSA backlash. As The Register notes, earlier this year the Russian government demanded Apple and SAP turn over source code, presumably to check it over for surveillance backdoors.

Other countries have announced their intention to purchase network technology and services from non-US companies in the wake of Snowden's revelations, but much of the noise was there to deflect attention away from their own domestic surveillance programs. But in Russia's case, its surveillance/control desires lay much closer to the surface, if not out in the open completely. This law doesn't look much like NSA backlash. It looks like a convenient excuse for government expansion.

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: cloud, localization, russia, surveillance
Companies: apple


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Anonymous Coward, 7 Nov 2014 @ 7:02am

    'Russia has never been shy about its interest in accessing (and censoring) internet users' activity and data'

    and the difference between Russia, a communist, self-serving country, riddled with surveillance, often chastised for the lack of freedom and privacy of both citizens and businesses, and the USA, the UK, Australia and New Zealand, as well as many other supposed democratic countries is exactly what??

    link to this | view in chronology ]

    • identicon
      Pragmatic, 7 Nov 2014 @ 7:24am

      Re:

      Russia stopped being communist during the early Nineties when Boris Yeltzin became their president. It's been an oligarchy since then. Do keep up, comrade.

      link to this | view in chronology ]

      • identicon
        Anonymous Coward, 7 Nov 2014 @ 8:40am

        Re: Re:

        One could argue that they were both communist and oligarchic before Gorbatchev and Yeltsin.

        link to this | view in chronology ]

        • icon
          tqk (profile), 7 Nov 2014 @ 9:21am

          Re: Re: Re:

          I would say they were both fascist and oligarchic before and after Gorbachev and Yeltsin. Communism was just window dressing.

          link to this | view in chronology ]

          • icon
            John Fenderson (profile), 7 Nov 2014 @ 9:36am

            Re: Re: Re: Re:

            Communism (or capitalism, for that matter) and fascism are not at all mutually exclusive.

            link to this | view in chronology ]

    • icon
      John Fenderson (profile), 7 Nov 2014 @ 7:49am

      Re:

      Russia tends to be more honest about their oppressive policies.

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 7 Nov 2014 @ 7:10am

    the new arms race

    Edward Snowden's NSA spying revelations caused probably the greatest shakeup to hit the Kremlin since the Hiroshima bomb. Suddenly, the Russian government realized that the American military-industrial complex was far more advanced than their own, and that they had better catch up fast or be left in the dust.

    Because, like it or not, the United States sets the world standard. In just about everything, good, bad, ... and ugly. And if the US gets away with spying on its own people (in a hundred different ways, no less) then of course that establishes a blueprint for every other country in the world to follow.

    And the same way that the US started an arms race in nuclear technology, now the US has started what is sure to be another arms race, this time in digital spying technology. And then, as now, the Russians don't want to be left behind.

    link to this | view in chronology ]

    • identicon
      JEDIDIAH, 7 Nov 2014 @ 7:28am

      Re: the new arms race

      > And the same way that the US started an arms race in nuclear technology,

      No. That was Kruschev blustering about missile production he didn't have. We took him at his word because at the time we didn't have the spy tech to contradict him.

      link to this | view in chronology ]

      • icon
        John Fenderson (profile), 7 Nov 2014 @ 7:52am

        Re: Re: the new arms race

        That's not entirely true. Documents that have been declassified in the past few year indicate that we (the executive branch, anyway) knew full well that Russia was exaggerating.

        link to this | view in chronology ]

  • identicon
    Anonymous Coward, 7 Nov 2014 @ 7:33am

    Yes, I know Putin is Devil Incarnate, and I agree, but I simply can NOT blame countries for doing this. Not after NSA/US gov forced their hands to do this.

    And yes I know Putin has other agendas with the data as well. But listen - it's like this:

    Say the US says "we're against torture and we promote freedom of speech" - you countries X, Y and Z are BAD for doing torture and silencing opponents!

    Maybe at least the people in those countries will see a point in US's vision and demand the same kind of protections in their countries, too. But then US starts DOING torture and silencing critics. What credibility will US have then? ZERO.

    Same with the data hosting. Whether Putin, China and others will use this data to crack down on their own citizens is an entirely different matter. But US GAVE THEM A REASON to adopt such laws, by stealing their users' data THEMSELVES.

    So as I said - can't blame them AT ALL - no matter what they plan to do with the data - that's an INTERNAL issue and the citizens of that country need to deal with it. But keeping the data internally is their prerogative.

    link to this | view in chronology ]

    • identicon
      Call me Al, 7 Nov 2014 @ 8:48am

      Re:

      Fully agreed.

      If you are going to lecture other countries on such matters then you must live up to your own hype. The US, UK and various other countries do not and yet still try to lecture. It is nonsense.

      link to this | view in chronology ]

      • icon
        John Fenderson (profile), 7 Nov 2014 @ 8:50am

        Re: Re:

        The pragmatic argument for why the US needs to operate in a moral fashion is exactly this: nobody will take your scolding seriously if you are no better.

        link to this | view in chronology ]

        • identicon
          Anonymous Coward, 8 Nov 2014 @ 11:04am

          Re: Re: Re:

          Well, the bullying-effect is still there, even if it works best when the hypocricy is on the down low.

          link to this | view in chronology ]

  • identicon
    Anonymous Coward, 7 Nov 2014 @ 8:13am

    Wider Implications?

    So what about airlines and other such companies that maintain user preferences and profiles. If a Russian citizen has registered at Lufthansa.com for his seat,meal preferences does that data have to stay within Russia?

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 7 Nov 2014 @ 8:21am

    "This ban will affect all US tech companies..."

    Will it? How exactly does Russia intend to enforce the law against US companies operating on US soil?

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 7 Nov 2014 @ 8:46am

      Re:

      Is So Possible

      link to this | view in chronology ]

    • identicon
      Call me Al, 7 Nov 2014 @ 8:47am

      Re:

      From banning those companies from operating in Russia. Apple do still want to sell to Russians you know.

      link to this | view in chronology ]

    • identicon
      Anonymous Coward, 7 Nov 2014 @ 6:04pm

      Re:

      I'm guessing the same way the US expects to enforce US law on Irish (Microsoft) or NZ (MegaUpload) soils. Seems appropriate, right?

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 7 Nov 2014 @ 8:31am

    unintended consequences

    The US-spearheaded sanctions on Russia are having an unintended consequence: helping domestic (and state-owned) Russian companies compete where they couldn't before. Maybe a ban on Boeing and Airbus planes will reinvigorate the Russian aircraft industry, which was wiped out by foreign competition.

    I wonder if I need to visit Russia to get one of their credit cards that will be immune from US/EU blacklists?

    http://rt.com/business/202839-russia-bank-issues-card/

    link to this | view in chronology ]

  • icon
    JustMe (profile), 7 Nov 2014 @ 9:11am

    That isn't what it says

    Been following the law for a couple of months now and have talked to (but am not myself) lawyers. Short version - the law was poorly written/worded in the first place and domestic and international IT people have been telling them it was unworkable. Here is a good summary of this week's new information (normal caveats apply, check the source, etc.) http://eng.rkn.gov.ru/news/news29.htm (not my site, but their info matches up with what I'm getting from different sources.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 7 Nov 2014 @ 9:52am

    Guys, this is not correct. The Russian law will only become effective in 2016

    link to this | view in chronology ]

  • icon
    Mason Wheeler (profile), 7 Nov 2014 @ 10:51am

    As The Register notes, earlier this year the Russian government demanded Apple and SAP turn over source code, presumably to check it over for surveillance backdoors.

    That's not a bad idea at all, actually. One of the most fundamental laws of cryptography and information security, Kerckhoff's Principle, essentially states that you can't trust any product to be secure if you can't analyze the system. For software, that means getting the source.

    link to this | view in chronology ]

    • icon
      John Fenderson (profile), 7 Nov 2014 @ 12:15pm

      Re:

      I agree with this in principle, but in practice it's hard to see how it works. There would still have to be some mechanism that would allow you to be sure that the binaries you're running were actually from the source code that you reviewed.
      Asking to look at the source code doesn't get you very much unless you also get to build it yourself and use that build.

      link to this | view in chronology ]

      • icon
        Mason Wheeler (profile), 7 Nov 2014 @ 1:08pm

        Re: Re:

        And if you have the source, what's stopping you from doing exactly that?

        link to this | view in chronology ]

        • icon
          John Fenderson (profile), 8 Nov 2014 @ 8:33am

          Re: Re: Re:

          Two things: the build system itself and the legal right.

          What Russia very likely demanded and got is probably the same thing the the US government gets from the company that I work for: the ability to review the source code in controlled circumstances under observation, but not actual possession and control of the code. This is usually how these things are done.

          link to this | view in chronology ]

      • identicon
        Anonymous Coward, 7 Nov 2014 @ 2:46pm

        Re: Re:

        Don't forget about the compiler. Can you really trust it to compile your sources correctly? Did you compile the compiler yourself? And what did you use to compile the compiler?

        link to this | view in chronology ]

        • icon
          John Fenderson (profile), 8 Nov 2014 @ 8:40am

          Re: Re: Re:

          You're correct, of course. Let's not forget the famous Thompson login hack and the compiler modification that ensured it couldn't be removed by recompilation: http://cm.bell-labs.com/who/ken/trust.html

          It's turtles all the way down. This is another reason why source code examination is insufficient if what you want is 100% assurance. However, if what you want is 100% assurance of anything, then you're seeking the impossible.

          From a security point of view, it is advisable to assume that all software and hardware is compromised and to put into place multiple layers of anomaly checking to make it as difficult as possible for hacks to go undetected if they're used. You can't get 100% security, but usually getting 99.9% is good enough.

          link to this | view in chronology ]

  • identicon
    Anonymous Coward, 7 Nov 2014 @ 11:34am

    It could leave a fag a ciarette choice in health.

    link to this | view in chronology ]

  • identicon
    Pixelation, 7 Nov 2014 @ 2:28pm

    And so the fragmentation of the web begins...

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 7 Nov 2014 @ 3:15pm

    quis compiles ipsos compilers? or something

    link to this | view in chronology ]

  • identicon
    Ismail, 7 Nov 2014 @ 5:49pm

    After the Snowden revelations

    I'd trust my cloud data in Russian servers before I'd trust Apple, Google and Microsoft. Russia never claimed it was the bastion of freedom like the US has. Besides, I'd bet that there isn't anyone in Russia who would know and/or care who I am anyway.

    link to this | view in chronology ]

  • identicon
    Dianna Fienstein, 7 Nov 2014 @ 9:13pm

    We should refer to Intelligence Agency officials as Apparatchiks, too.

    link to this | view in chronology ]

  • icon
    Coyne Tibbets (profile), 7 Nov 2014 @ 10:57pm

    No point

    Sorry, Russia, there's no point in keeping the data on your soil. NSA already has taps in all your servers.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 8 Nov 2014 @ 11:12am

      Re: No point

      Why don't they just hack NSA? All the data they need and with a nice bow tie of a program to search it.

      link to this | view in chronology ]

      • icon
        John Fenderson (profile), 8 Nov 2014 @ 11:40am

        Re: Re: No point

        I think the odds are excellent that they have (or have done the functional equivalent of it -- such as having informants on the inside). but that doesn't address the problem they're worried about: they're worried about counterintelligence -- stopping adversaries from spying on them. hacking into NSA databases doesn't address that.

        Historically, the major nations have all so thoroughly infiltrated each other that they effectively have no secrets from each other anyway. Even that biggest of US secrets (that we know of) such as the development of nuclear weapons, spy satellites, etc,. were well known to the Soviets all along. And we knew theirs as well.

        But that doesn't stop every nation from trying to prevent that eventuality!

        Remember also that the main purpose of governmental secrecy is not as much to prevent its enemies from learning the secrets (since they probably already know anyhow) as it is to prevent the citizens from learning them.

        link to this | view in chronology ]

        • identicon
          Anonymous Coward, 9 Nov 2014 @ 10:29pm

          Re: Re: Re: No point

          "Historically, the major nations have all so thoroughly infiltrated each other that they effectively have no secrets from each other anyway."

          If that were true, then the Iraq invasion would never have happened, because the US government would then have known the truth about the (phantom) nuclear, chemical, and biological weapon stockpiles that Iraq was supposedly amassing, as well as Iraq's (non-existent) partnership with Al Quaide and (equally non-existent) plans to launch those weapons against the United States and therefore exterminate the population.

          Bush Jr. was interviewed today promoting his new book, and once again on the subject of Iraq, he says he regrets nothing. Not even regretting the abysmal lack of intelligence -- both within the Pentagon and between his ears.

          link to this | view in chronology ]

          • icon
            John Fenderson (profile), 10 Nov 2014 @ 7:56am

            Re: Re: Re: Re: No point

            "the US government would then have known the truth about the (phantom) nuclear, chemical, and biological weapon stockpiles that Iraq was supposedly amassing"

            I think they did know.

            link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.