Russian Law Demanding User Data Remain On Russian Soil Could Turn Into A Ban On Apple Products

from the old-man-rattles-saber-at-cloud dept

The Russian government’s efforts to carve out its own internet continue. It’s never been shy about its interest in accessing (and censoring) internet users’ activity and data, what with its required registration for bloggers, demands for US-based companies to hand over user data and threats to block content stored on foreign servers — and that’s just since the beginning of this year.

A law outlawing the use of offshore servers to store Russian internet users’ data and content goes into effect at the beginning of 2015. That means popular products like Apple’s iPhone and iPad will all be technically violating Russian law with their automatic iCloud syncing.

This legislation can be partially blamed on the actions of Russia’s most famous guest.

As the adoptive home of Edward Snowden, Russia is all too aware that many of its citizens’ communications are stored on servers owned by the scary giants of Silicon Valley. Ultimately, the Kremlin is likely to be worried that cloud services offer the NSA a way to snoop on Russian citizens, state apparatchiks and perhaps even high ranking politicians.

The Russian government isn’t that concerned about its citizens being spied on by foreign agencies. It probably just hates the competition. But even acts of unbridled self-interest (state apparatchiks, high ranking politicians) occasionally result in net gains for the otherwise ignored public.

This ban will affect all US tech companies, but local coverage seems to imply that iPhone users will be the first to feel the results. The law effectively bans Apple’s products unless it switches iCloud services off for Russian users or decides to rent some space on local servers.

This is more Russian government control wearing the outward trappings of NSA backlash. As The Register notes, earlier this year the Russian government demanded Apple and SAP turn over source code, presumably to check it over for surveillance backdoors.

Other countries have announced their intention to purchase network technology and services from non-US companies in the wake of Snowden’s revelations, but much of the noise was there to deflect attention away from their own domestic surveillance programs. But in Russia’s case, its surveillance/control desires lay much closer to the surface, if not out in the open completely. This law doesn’t look much like NSA backlash. It looks like a convenient excuse for government expansion.

Filed Under: , , ,
Companies: apple

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Russian Law Demanding User Data Remain On Russian Soil Could Turn Into A Ban On Apple Products”

Subscribe: RSS Leave a comment
Anonymous Coward says:

‘Russia has never been shy about its interest in accessing (and censoring) internet users’ activity and data’

and the difference between Russia, a communist, self-serving country, riddled with surveillance, often chastised for the lack of freedom and privacy of both citizens and businesses, and the USA, the UK, Australia and New Zealand, as well as many other supposed democratic countries is exactly what??

Anonymous Coward says:

the new arms race

Edward Snowden’s NSA spying revelations caused probably the greatest shakeup to hit the Kremlin since the Hiroshima bomb. Suddenly, the Russian government realized that the American military-industrial complex was far more advanced than their own, and that they had better catch up fast or be left in the dust.

Because, like it or not, the United States sets the world standard. In just about everything, good, bad, … and ugly. And if the US gets away with spying on its own people (in a hundred different ways, no less) then of course that establishes a blueprint for every other country in the world to follow.

And the same way that the US started an arms race in nuclear technology, now the US has started what is sure to be another arms race, this time in digital spying technology. And then, as now, the Russians don’t want to be left behind.

Anonymous Coward says:

Yes, I know Putin is Devil Incarnate, and I agree, but I simply can NOT blame countries for doing this. Not after NSA/US gov forced their hands to do this.

And yes I know Putin has other agendas with the data as well. But listen – it’s like this:

Say the US says “we’re against torture and we promote freedom of speech” – you countries X, Y and Z are BAD for doing torture and silencing opponents!

Maybe at least the people in those countries will see a point in US’s vision and demand the same kind of protections in their countries, too. But then US starts DOING torture and silencing critics. What credibility will US have then? ZERO.

Same with the data hosting. Whether Putin, China and others will use this data to crack down on their own citizens is an entirely different matter. But US GAVE THEM A REASON to adopt such laws, by stealing their users’ data THEMSELVES.

So as I said – can’t blame them AT ALL – no matter what they plan to do with the data – that’s an INTERNAL issue and the citizens of that country need to deal with it. But keeping the data internally is their prerogative.

Anonymous Coward says:

unintended consequences

The US-spearheaded sanctions on Russia are having an unintended consequence: helping domestic (and state-owned) Russian companies compete where they couldn’t before. Maybe a ban on Boeing and Airbus planes will reinvigorate the Russian aircraft industry, which was wiped out by foreign competition.

I wonder if I need to visit Russia to get one of their credit cards that will be immune from US/EU blacklists?

JustMe (profile) says:

That isn't what it says

Been following the law for a couple of months now and have talked to (but am not myself) lawyers. Short version – the law was poorly written/worded in the first place and domestic and international IT people have been telling them it was unworkable. Here is a good summary of this week’s new information (normal caveats apply, check the source, etc.) (not my site, but their info matches up with what I’m getting from different sources.

Mason Wheeler (profile) says:

As The Register notes, earlier this year the Russian government demanded Apple and SAP turn over source code, presumably to check it over for surveillance backdoors.

That’s not a bad idea at all, actually. One of the most fundamental laws of cryptography and information security, Kerckhoff’s Principle, essentially states that you can’t trust any product to be secure if you can’t analyze the system. For software, that means getting the source.

John Fenderson (profile) says:

Re: Re:

I agree with this in principle, but in practice it’s hard to see how it works. There would still have to be some mechanism that would allow you to be sure that the binaries you’re running were actually from the source code that you reviewed.
Asking to look at the source code doesn’t get you very much unless you also get to build it yourself and use that build.

John Fenderson (profile) says:

Re: Re: Re: Re:

Two things: the build system itself and the legal right.

What Russia very likely demanded and got is probably the same thing the the US government gets from the company that I work for: the ability to review the source code in controlled circumstances under observation, but not actual possession and control of the code. This is usually how these things are done.

John Fenderson (profile) says:

Re: Re: Re: Re:

You’re correct, of course. Let’s not forget the famous Thompson login hack and the compiler modification that ensured it couldn’t be removed by recompilation:

It’s turtles all the way down. This is another reason why source code examination is insufficient if what you want is 100% assurance. However, if what you want is 100% assurance of anything, then you’re seeking the impossible.

From a security point of view, it is advisable to assume that all software and hardware is compromised and to put into place multiple layers of anomaly checking to make it as difficult as possible for hacks to go undetected if they’re used. You can’t get 100% security, but usually getting 99.9% is good enough.

John Fenderson (profile) says:

Re: Re: No point

I think the odds are excellent that they have (or have done the functional equivalent of it — such as having informants on the inside). but that doesn’t address the problem they’re worried about: they’re worried about counterintelligence — stopping adversaries from spying on them. hacking into NSA databases doesn’t address that.

Historically, the major nations have all so thoroughly infiltrated each other that they effectively have no secrets from each other anyway. Even that biggest of US secrets (that we know of) such as the development of nuclear weapons, spy satellites, etc,. were well known to the Soviets all along. And we knew theirs as well.

But that doesn’t stop every nation from trying to prevent that eventuality!

Remember also that the main purpose of governmental secrecy is not as much to prevent its enemies from learning the secrets (since they probably already know anyhow) as it is to prevent the citizens from learning them.

Anonymous Coward says:

Re: Re: Re: No point

“Historically, the major nations have all so thoroughly infiltrated each other that they effectively have no secrets from each other anyway.”

If that were true, then the Iraq invasion would never have happened, because the US government would then have known the truth about the (phantom) nuclear, chemical, and biological weapon stockpiles that Iraq was supposedly amassing, as well as Iraq’s (non-existent) partnership with Al Quaide and (equally non-existent) plans to launch those weapons against the United States and therefore exterminate the population.

Bush Jr. was interviewed today promoting his new book, and once again on the subject of Iraq, he says he regrets nothing. Not even regretting the abysmal lack of intelligence — both within the Pentagon and between his ears.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...