From Wikipedia, the free encyclopedia

The System for Operative Investigative Activities (SORM; Russian: Система оперативно-разыскных мероприятий) is the technical specification for lawful interception interfaces of telecommunications and telephone networks operating in Russia. The current form of the specification enables the targeted surveillance of both telephone and Internet communications. Initially implemented in 1995 to allow access to surveillance data for the FSB, in subsequent years the access has been widened to other law enforcement agencies.



SORM was first implemented in 1995, requiring telecommunications operators to install FSB-provided hardware allowing the agency to monitor users’ communications metadata and content, including phone calls, email traffic and web browsing activity, despite the low internet penetration rate at the time.[1]


In July 1998 the system was replaced by SORM‑2. Under SORM‑2, Russian Internet service providers (ISPs) must install a special device on their servers to allow the FSB to track all credit card transactions,[2] email messages and web use.[3] The device must be installed at the ISP's expense.[4] It has been estimated to cost $10,000–30,000.[2] Other reports note that some ISPs have had to install direct communications lines to the FSB and that costs for implementing the required changes were in excess of $100,000.[citation needed]

In July 2000, Russia's Minister of Information Technology and Communications Leonid Reiman issued the order No 130 "Concerning the introduction of technical means ensuring investigative activity (SORM) in phone, mobile and wireless communication and radio paging networks" stating that the FSB was no longer required to provide telecommunications and Internet companies documentation on targets of interest prior to accessing information.[5]

In August 2014, SORM-2 usage was extended to monitoring of social networks, chats and forums, requiring their operators to install SORM probes in their networks.[6][7]


A ministerial order from the Russian Ministry of Communications from 16 April 2014 introduced requirements for the new wiretapping system SORM-3. Telecommunications operators were required to install compliant equipment by 31 March 2015.[8]

According to regulations of Russian Ministry of Communications,[9] SORM-3 equipment supports the following selectors for targeted surveillance:

  1. Single IPv4 or IPv6 address
  2. IPv4 or IPv6 networks identified with address mask
  3. User ID within telecom operator's system, supporting "*" and "?" as globbing symbols (wildcards)
  4. email address, if targeted user connects via POP3, SMTP or IMAP4; connections protected with cryptography are specifically excluded
  5. email address, if targeted user connects to a webmail system from a predefined list of services:;;;;;;;; again, connections protected with cryptography are specifically excluded
  6. User's phone number
  7. IMSI
  8. IMEI
  9. MAC address of user's equipment
  10. ICQ UIN

The equipment has deep packet inspection (DPI) capability.[1]

Architecture and deployment[edit]

Russia uses deep packet inspection (DPI) on a nationwide scale, with part of the DPI infrastructure used for SORM.[10] Some mobile networks use DPI to additionally filter traffic.[11]

The SORM device recommended by the FSB is named Omega.[11] Equipment by Cellebrite appears to be in use.[12] SORM also enables the use of mobile control points, a laptop that can be plugged directly into communication hubs and immediately intercept and record the operator's traffic.[4]

Roskomnadzor, a federal executive body responsible for media control, reported that several local ISPs were fined by the government after they failed to install FSB-recommended SORM devices.[11]

Access by government agencies[edit]

On January 5, 2000, during his first week in office, President Vladimir Putin amended the law to allow seven other federal security agencies (next to the FSB) access to data gathered via SORM. The newly endowed agencies included:[13][14]

Warrant and notification regulations[edit]

The acquisition of communications by entitled security services in general requires a court warrant, but at the same time they are allowed to start wiretapping before obtaining such warrant. The warrant is also only required for communications content, but not metadata (communicating parties, time, location etc.), which may be obtained without the warrant.[15]

In cases where an FSB operative is required to get an eavesdropping warrant, he is under no obligation to show it to anyone. Telecom providers have no right to demand that the FSB provide a warrant, and are denied access to the surveillance boxes. The security service calls on the special controller at the FSB headquarters that is connected by a protected cable directly to the SORM device installed on the ISP network.[4]

Since 2010, intelligence officers can wiretap someone's phones or monitor their Internet activity based on received reports that an individual is preparing to commit a crime. They do not have to back up those allegations with formal criminal charges against the suspect.[16] According to a 2011 ruling, intelligence officers have the right to conduct surveillance of anyone who they claim is preparing to call for "extremist activity."[16]

Zakharov v. Russia[edit]

In December 2015, The European Court of Human Rights ruled on a case on the legality of Russian SORM legislation.[17][18] In a unanimous Grand Chamber decision, the Court ruled that Russian legal provisions "do not provide for adequate and effective guarantees against arbitrariness and the risk of abuse which is inherent in any system of secret surveillance." It noted that this risk "is particularly high in a system where the secret services and the police have direct access, by technical means, to all mobile telephone communications." It ruled that therefore, the legislation violated Article 8 of the European Convention on Human Rights.[17][18]

Yarovaya law[edit]

In July 2016, President Vladimir Putin signed into law two sets of legislative amendments commonly referred to as the Yarovaya law, after their key author, Irina Yarovaya, a leading member of the ruling party United Russia.[19] The new regulations took effect on July 1, 2018.

According to the amendments, Internet and telecom companies are required to disclose communications and metadata, as well as "all other information necessary," to authorities, on request and without a court order.[20]

See also[edit]


  1. ^ a b Maréchal, Nathalie (2017-03-22). "Networked Authoritarianism and the Geopolitics of Information: Understanding Russian Internet Policy". Media and Communication. 5 (1): 29–41. doi:10.17645/mac.v5i1.808. ISSN 2183-2439.
  2. ^ a b "Internet surveillance program in Russia – COMM 100C". Retrieved 2020-10-22.
  3. ^ "Приказ Минкомсвязи об утверждении Правил применения оборудования систем коммутации, включая программное обеспечение, обеспечивающего выполнение установленных действий при проведении оперативно-розыскных мероприятий". Российская газета. Retrieved 2016-03-16.
  4. ^ a b c "In Ex-Soviet States, Russian Spy Tech Still Watches You". WIRED. Retrieved 2016-03-16.
  5. ^ SORM Archived 2006-03-08 at the Wayback Machine,, 21 August 2000; full text of the order in Russian: Russian full text,
  6. ^ "Постановление Правительства РФ от 31 июля 2014 г. N 743 Об утверждении Правил взаимодействия организаторов распространения информации в информационно-телекоммуникационной сети Интернет с уполномоченными государственными органами, осуществляющими оперативно-разыскную деятельность или обеспечение безопасности Российской Федерации". Retrieved 2017-07-03.
  7. ^ Pierluigi Paganini (2014-08-18). "New powers for the Russian surveillance system SORM-2". Security Affairs. Retrieved 2014-08-24.
  8. ^ "СОРМ-3 будет внедрен до 31 марта 2015 года". 2014-10-11. Retrieved 2014-10-12.
  9. ^ "ПРАВИЛА применения оборудования систем коммутации, включая программное обеспечение, обеспечивающего выполнение установленных действий при проведении оперативно-разыскных мероприятий" (PDF).
  10. ^ Soldatov, Andrei; Borogan, Irina (2012-01-11). "The Kremlin's New Internet Surveillance Plan Goes Live Today". Retrieved 2017-07-03.
  11. ^ a b c Soldatov, Andrei; Borogan, Irina; Walker, Shaun (6 October 2013). "As Sochi Olympic venues are built, so are Kremlin's surveillance networks". The Guardian.
  12. ^ "Cellebrite Sold Phone Hacking Tech to Repressive Regimes, Data Suggests". Motherboard. Retrieved 2017-07-03.
  13. ^ Tracy, Jen (13 January 2000). "Police Get Window Of Access To E-mail". Moscow Times. Retrieved 6 June 2014.
  14. ^ Russia: Surveillance Policy (Report). Privacy International. 12 December 2006.
  15. ^ Kodachigov, Valery (3 April 2008). Слушать подано. Kommersant (in Russian). Vol. 35, no. 3852. p. 20.
  16. ^ a b Borogan, Irina (2012-12-27). "The Kremlin Is All Ears". The Moscow Times. Retrieved 2017-07-02.
  17. ^ a b "ECHR, Russian Federation: Breaches of Human Rights in Surveillance Legislation – Global Legal Monitor". 2016-03-02. Retrieved 2016-04-14.
  18. ^ a b "CASE OF ROMAN ZAKHAROV v. RUSSIA (Application no. 47143/06)". HUDOC – European Court of Human Rights. Paragraph 175. Retrieved 2016-04-14.
  19. ^ Ermoshina, Ksenia, Benjamin Loveluck, and Francesca Musiani (2021). "A market of black boxes: The political economy of Internet surveillance and censorship in Russia". Journal of Information Technology & Politics.{{cite journal}}: CS1 maint: multiple names: authors list (link)
  20. ^ "Russia: 'Big Brother' Law Harms Security, Rights". Human Rights Watch. 2016-07-12. Retrieved 2017-07-02.

External links[edit]


Official instructions[edit]