Mass surveillance in Russia

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

Mass surveillance is the pervasive surveillance of an entire or a substantial fraction of a population.[1] Mass surveillance in Russia includes surveillance, open-source intelligence and data mining, lawful interception as well as telecommunications data retention.

Surveillance systems[edit]

Semantic Archive[edit]

The Commonwealth of Independent States (CIS) uses a special analytical search system designed by the Russian firm Analytic Business Solutions called "Semantic Archive".[2] The advertised features of Semantic Archive are:[3][4]

  • Automated collecting and processing of information obtained from heterogeneous sources, both internal (file documents, proprietary databases, e-mails) and external (online databases, news media, blogs, forums, social networks).
  • Single uniform storage for all types of collecting documents.
  • Knowledge extraction, i.e. automatic and semi-automatic extraction of objects, events and relationships from documents.
  • Maintaining of knowledge base and collecting dossiers on particular projects, investigations, partners, competitors, clients, etc.
  • Revealing of hidden or implicit relationships between objects.
  • Visual presentation of knowledge in the form of semantic network.
  • Variety of reports used to present results of research.

It is used by the Federal Security Service (FSB) and Ministry of the Interior (MVD) to monitor open sources and the Internet, including the blogosphere and social networks.[5]

SORM[edit]

Russia's System of Operational-Investigatory Measures (SORM) requires telecommunications operators to install hardware provided by the Federal Security Service (FSB) which allow the agency to monitor users' communications metadata and content, including phone calls, email traffic and web browsing activity.[6]

The SORM-1 (implemented in 1995) system captures telephone and mobile phone communications, SORM-2 (implemented in 1999) intercepts Internet traffic, and SORM-3 collects information from all forms of communication, providing long-term storage of all information and data on subscribers, including actual recordings and locations.[7] In 2014, the system was expanded to include social media platforms, and the Ministry of Communications ordered companies to install new equipment with Deep Packet Inspection (DPI) capability.[6] In 2016, SORM-3 added additional classified regulations that apply to all Internet Service providers in Russia.[6]

The FSB is required to obtain a post-collection court warrant to access these records. Surveillance can begin before the warrant is granted or requested, the warrant need not be shown to the telecom operator, and it is only required for the retrieval of collected communications content, not for the metadata.[6]

The European Court for Human Rights deemed Russia's SORM legislation in breach of the European Convention on Human Rights in 2015 (Zakharov v. Russia).

2014 Winter Olympics[edit]

In response to the threats posed by Islamic insurgents as well as its proximity to the Georgian territory, the Russian government used comprehensive screening practices during the 2014 Sochi Winter Olympics.[8] It was also reported to have served as a testing ground for comprehensive and invasive surveillance, which made Sochi the most policed environment in history.[9] The blanket surveillance program was deployed from February 7 to 23.[10]

The FSB made classified arrangements for significant upgrades to SORM equipment in Sochi prior to the event. All communication and Internet traffic by Sochi residents is now captured and filtered through deep packet inspection systems at all mobile networks using the SORM 3 technology, described as "giant vacuum cleaner which scoops all electronic transmissions from all users all the time".[9] Roskomnadzor, a federal executive body responsible for media control, reported that several local ISPs were fined by the government after they failed to install FSB-recommended SORM devices.[11] The state invoked the right to lawful interception to track all digital activities within its national borders.[8] Aside from security perimeters manned by the police, the government also installed 5,500 closed-circuit television (CCTV) cameras to monitor the surrounding countryside.[8]

Data retention[edit]

Bloggers law[edit]

"Bloggers Law"
On Amending Federal Law “On Information, Information Technologies and Protection of Information” and Other Legislative Acts of the Russian Federation Concerning Putting in Order Information Exchange Using Information and Telecommunication Networks
Citation97-FZ
Passed5 May 2014

A 2014 law dubbed "Bloggers law" includes data retention provisions. According to the law, bloggers with over 3,000 daily readers are required to register and can no longer remain anonymous online. Organizations that provide platforms for their work such as search engines, social networks and other forums must maintain computer records on Russian soil of everything posted over the previous six months.[12] Major services required to comply include Facebook, Skype, Gmail and Twitter.[13][14]

Public Internet[edit]

As of August 2014, operators of public Wi-Fi networks in Russia have to identify users by IDs. The identification data is to be stored for at least six months.[15]

Yarovaya law[edit]

In July 2016, President Vladimir Putin signed into law two sets of legislative amendments commonly referred to as the Yarovaya Law after their key author, Irina Yarovaya. According to the amendments, Internet and telecom companies are required to store communications and metadata for 6 months to 3 years. They are required to disclose them, as well as "all other information necessary," to authorities on request and without a court order. It also requires email and messaging service providers to have cryptographic backdoors. The surveillance regulations has taken effect on 1 July 2018.

Anonymity[edit]

Operators of free Wi-Fi hotspots (restaurants, libraries, cafes etc.) are legally required to collect personal details of all users, identify them using passports, and store the data.[16][15]

All VPN software and anonymizers that do not implement Russia's internet blacklist are banned in Russia as of November 2017.[17][18][19]

"Organizers of information dissemination" such as online messenger services that allow unidentified users are banned as of January 2018.[20]

Messaging services, email and social networks that use encrypted data are required to permit the Federal Security Service (FSB) to access and read their encrypted communications without a court order starting in July 2018.[21][22][23]

References[edit]

  1. ^ "Mass Surveillance Technologies". Electronic Frontier Foundation. Retrieved 26 August 2014.
  2. ^ "Russia's Surveillance State | World Policy Institute". www.worldpolicy.org. Retrieved 2017-07-03.
  3. ^ "Analytical Business Solutions, Inc. - Semantic Archive". old.anbr.ru. Retrieved 2017-07-03.
  4. ^ "Welcome". www.anbr.ru. Retrieved 2017-07-03.
  5. ^ Soldatov, Andrei; Borogan, Irina (2011-20-25). "The Russian state and surveillance technology". openDemocracy. Retrieved 2017-07-03. Check date values in: |date= (help)
  6. ^ a b c d Maréchal, Nathalie (2017-03-22). "Networked Authoritarianism and the Geopolitics of Information: Understanding Russian Internet Policy". Media and Communication. 5 (1): 29. doi:10.17645/mac.v5i1.808. ISSN 2183-2439.
  7. ^ Soldatov, Andrei; Borogan, Irina (2013). "Russia's Surveillance State". World Policy Journal. 30 (3): 23–30. doi:10.1177/0740277513506378. ISSN 0740-2775.
  8. ^ a b c Arrigo, Bruce A. (2016-06-15). The SAGE Encyclopedia of Surveillance, Security, and Privacy. SAGE Publications. ISBN 9781483359953.
  9. ^ a b Hesterman, Jennifer (2014). Soft Target Hardening: Protecting People from Attack. Boca Raton, FL: CRC Press. p. 150. ISBN 9781482244229.
  10. ^ Toor, Amar (2014-01-28). "Spy games: behind Russia's massive Olympic surveillance program". The Verge. Retrieved 2019-05-21.
  11. ^ "As Sochi Olympic venues are built, so are Kremlin's surveillance networks". The Guardian. 6 October 2013.
  12. ^ Macfarquhar, Neil (2014-05-06). "Russia Quietly Tightens Reins on Web With 'Bloggers Law'". The New York Times. ISSN 0362-4331. Retrieved 2017-07-03.
  13. ^ "Facebook, Gmail, Skype face Russia ban under 'anti-terror' plan". CNET. Retrieved 2017-07-03.
  14. ^ "Facebook and Gmail face blacklist under Russian web laws". Telegraph.co.uk. Retrieved 2017-07-03.
  15. ^ a b "Passport now required to use public Wi-Fi in Russia". RAPSI. Retrieved 2017-07-03.
  16. ^ "Passport now required to use public Wi-Fi in Russia". RAPSI. 2014-08-08. Retrieved 2014-09-22.
  17. ^ "Putin bans VPNs in web browsing crackdown". BBC News. 2017-07-31. Retrieved 2017-07-31.
  18. ^ "Russia: New Legislation Attacks Internet Anonymity". Human Rights Watch. 2017-08-01. Retrieved 2017-08-01.
  19. ^ https://translate.google.com/translate?act=url&depth=1&hl=en&ie=UTF8&prev=_t&rurl=translate.google.com&sl=auto&sp=nmt4&tl=en&u=http://publication.pravo.gov.ru/Document/View/0001201707300002%3Findex%3D0%26rangeSize%3D1
  20. ^ "Russia: New Legislation Attacks Internet Anonymity". Human Rights Watch. 2017-08-01. Retrieved 2017-08-01.
  21. ^ "Russia Asks For The Impossible With Its New Surveillance Laws". 2016-07-19. Retrieved 2016-08-10.
  22. ^ "ФСБ избавила мессенджеры от сертификации средств шифрования по "закону Яровой"". Interfax.ru (in Russian). 2016-07-20. Retrieved 2017-07-20.
  23. ^ "Russia: 'Big Brother' Law Harms Security, Rights". Human Rights Watch. 2016-07-12. Retrieved 2017-07-02.