Federal Registrar

[Jay]

 

[Jay]

Federal Laws No(s). 312-324 on Data Privacy and Digitalization
Russian Federal Code 18​

Digital Identity and Authentication Act:

This legislation lays the groundwork for a secure and efficient digital identity system. It establishes legal provisions for creating and managing digital identities, emphasizing stringent standards for authentication mechanisms. The law aims to protect citizen data and privacy, ensuring a reliable and secure foundation for Russia’s digital bureaucracy.

Under the legislature, Russian citizens will receive an e-ID which will serve in complement to their physical id. The e-ID will be used for all government services online including voting, requesting travel documents, paying taxes, and other federal government activities.

As part of the legislature, Russian citizens will be required to authenticate their biometric information at their local government offices for authentication in order to receive an e-ID. The data protection and privacy act protects Russian citizen’s from undue aggregation of their data both digital and biometric.

Data Protection and Privacy Enhancement Act:

Building on existing data protection laws, this act addresses the unique requirements of a digital bureaucracy. It strengthens measures for securely handling, storing, and transmitting citizen data. The law prioritizes enhanced safeguards, reflecting Russia’s commitment to protecting the privacy of its citizens in the digital era.

The legislature protects Russian citizens, residents, and those under its jurisdiction from being directly or indirectly from data that is available. This prohibits data sharing that include a person's name, location data, IP addresses and cookie identifiers can be considered as personal data.

Additionally, under the law, personal data that includes information about racial or ethic origin, political opinions, religious beliefs, membership of trade unions, genetic and biometric data, health information and data is prohibited.

The prohibition means that Russian companies, foreign entities operating inside Russia, and the Russian Government can not commercialize personal data. The Russian Information Commission Office (OIK) will be responsible for determining what data falls outside of those explicitly prohibited under the statute.

Interoperability Standards and Data Exchange Act:

This legislation defines crucial standards for interoperability among diverse government systems. Its primary focus is to facilitate seamless data exchange between government agencies while prioritizing security and compliance. By promoting standardized communication protocols, the law aims to enhance efficiency and coordination across the digital landscape.

Under the legislature there would be a single national digital service which regional, provisional, and self-governing republics, may opt-into. The remaining public sector services will remain interoperable with each other and ensure that data exchanges are securely done within the confines to the Data Protection and Privacy Act.

Digital Service Accessibility Act:

Ensuring inclusivity, this act mandates that all government digital services be accessible to citizens with disabilities. It establishes clear guidelines for user interface design, emphasizing accessibility and an improved user experience. This reflects Russia’s commitment to providing equal access to public services for all citizens.

Under the legislature the Digital Accessibility Act aims to provide services that are accessible to those with physical, mental, and other forms of disability.

Cybersecurity and Incident Response Framework:

Enacted to fortify government digital systems, this legislation mandates robust cybersecurity measures. It defines a clear incident response framework, ensuring prompt identification and mitigation of cyber threats. The law underscores Russia’s dedication to safeguarding its digital infrastructure from potential cyber risks.

The Federal Protective Service (FSO) has been tasked with enhancing government infrastructure form cyberattack and malware operation using modern best practices. The FSO is provided expansive resources and legal frameworks to undertake these measures within the public's interest and national security interests.

Digital Literacy and Inclusion Act:

Focusing on citizen empowerment, this act develops a legal framework to promote digital literacy. It includes measures to bridge the digital divide, ensuring inclusivity in accessing digital services. By fostering digital literacy, Russia’s aims to empower all citizens to fully participate in the digital governance model. Under the act, Russia’s education system would require computer science courses for all its students.

Electronic Transactions and Signatures Act:
Recognizing the evolution of transactions, this law affirms the legal validity of electronic signatures. It establishes a clear legal framework for electronic contracts and agreements, fostering the digitalization of official transactions while ensuring legal certainty and security.

Under this Act, documents will be recognized by courts with an electronic signature with the exception of emails and insofar as emails are concerned it will be determined based on judicial review and extrinsic evidence.

Government Procurement for Technology Act:

Streamlining the acquisition of digital technologies, this act optimizes the government procurement process. It encourages healthy competition and innovation among technology providers, ensuring efficient and cost-effective deployment of digital solutions for government projects.

Digital Infrastructure Investment Act:

Addressing the backbone of digital transformation, this legislation allocates funds and resources for developing and maintaining digital infrastructure. It ensures a sustainable financial model to continuously enhance and optimize digital systems for the benefit of citizens.

Public-Private Partnership in Digital Governance Act:

This act establishes guidelines for collaboration between the government and the private sector in implementing digital solutions. It encourages innovation and investment through public-private partnerships, fostering a collaborative approach to advancing digital governance in Russia.

International Collaboration and Standards Adoption Act:

Facilitating global cooperation, this legislation encourages collaboration with international partners. It promotes the sharing of best practices and the adoption of international standards to ensure compatibility and global interoperability in Russia's digital governance initiatives.

Digital Government Transparency and Accountability Act:

Prioritizing transparency, this act ensures citizens have access to information about government processes and decisions within the digital bureaucracy. It defines mechanisms for accountability, fostering trust and openness in the functioning of digital governance.

Authorization for and Standards of Pilot Programs and Evaluation:

Providing a structured approach, this law establishes a legal framework for initiating pilot programs. It outlines procedures for the thorough evaluation and refinement of digital systems based on pilot outcomes, ensuring a systematic and adaptive implementation process.

Continuous Review and Update Act:

Mandating regular assessments, this legislation ensures periodic reviews of digital governance laws to adapt to technological advancements. It emphasizes the importance of a responsive legal framework, reflecting Russia's commitment to staying at the forefront of digital innovation.