Mass surveillance in Russia

Last updated

Mass surveillance is the pervasive surveillance of an entire or a substantial fraction of a population. [1] Mass surveillance in Russia includes surveillance, open-source intelligence and data mining, lawful interception as well as telecommunications data retention.

Contents

Surveillance systems

Semantic Archive

The Commonwealth of Independent States (CIS) uses a special analytical search system designed by the Russian firm Analytic Business Solutions called "Semantic Archive". [2] The advertised features of Semantic Archive are: [3] [4]

It is used by the Federal Security Service (FSB) and Ministry of the Interior (MVD) to monitor open sources and the Internet, including the blogosphere and social networks. [5]

SORM

Russia's System of Operational-Investigatory Measures (SORM) requires telecommunications operators to install hardware provided by the Federal Security Service (FSB) which allows the agency to monitor users' communications metadata and content, including phone calls, email traffic, and web browsing activity. [6]

The SORM-1 (implemented in 1995) system captures telephone and mobile phone communications, SORM-2 (implemented in 1999) intercepts Internet traffic, and SORM-3 collects information from all forms of communication, providing long-term storage of all information and data on subscribers, including actual recordings and locations. [7] In 2014, the system was expanded to include social media platforms, and the Ministry of Communications ordered companies to install new equipment with deep packet inspection (DPI) capability. [6] In 2016, SORM-3 added additional classified regulations that apply to all Internet service providers in Russia. [6]

The FSB is required to obtain a post-collection court warrant to access these records. Surveillance can begin before the warrant is granted or requested, the warrant need not be shown to the telecom operator, and it is only required for the retrieval of collected communications content, not for the metadata. [6]

The European Court for Human Rights deemed Russia's SORM legislation in breach of the European Convention on Human Rights in 2015 ( Zakharov v. Russia ).

Gratitude of the Department of the Ministry of Internal Affairs of the Russian Federation for the Volkhov region of the organization Perspective Scientific Research Development for the creation of the "CAMERTON" system Blagodarnost' Otdela MVD Rossiiskoi Federatsii po Volkhovskomu raionu, kompanii PNIR za sozdanie sistemy "Kamerton".jpg
Gratitude of the Department of the Ministry of Internal Affairs of the Russian Federation for the Volkhov region of the organization Perspective Scientific Research Development for the creation of the "CAMERTON" system

CAMERTON

СAMERTON: Is a global vehicle tracking system, control and tracking, identification of probable routes and places of the most frequent appearance of a particular vehicle, integrated with a distributed network of radar complexes of photo-video fixation and road surveillance camera. [8] Developed and implemented by the "Advanced Scientific - Research Projects" enterprise St. Petersburg. [9] Within the framework of the practical use of the system of the Ministry of Internal Affairs of the Russian Federation, it has made it possible to identify and solve grave and especially grave crimes, the system is also operated by other state services and departments;

2014 Winter Olympics

In response to the threats posed by Islamic insurgents as well as its proximity to the Georgian territory, the Russian government used comprehensive screening practices during the 2014 Sochi Winter Olympics. [10] It was also reported to have served as a testing ground for comprehensive and invasive surveillance, which made Sochi the most policed environment in history. [11] The blanket surveillance program was deployed from February 7 to 23. [12]

The FSB made classified arrangements for significant upgrades to SORM equipment in Sochi prior to the event. All communication and Internet traffic by Sochi residents is now captured and filtered through deep packet inspection systems at all mobile networks using the SORM 3 technology, described as "giant vacuum cleaner which scoops all electronic transmissions from all users all the time". [11] Roskomnadzor, a federal executive body responsible for media control, reported that several local ISPs were fined by the government after they failed to install FSB-recommended SORM devices. [13] The state invoked the right to lawful interception to track all digital activities within its national borders. [10] Aside from security perimeters manned by the police, the government also installed 5,500 closed-circuit television (CCTV) cameras to monitor the surrounding countryside. [10]

Data retention

Bloggers law

"Bloggers Law"
  • On Amending Federal Law “On Information, Information Technologies and Protection of Information” and Other Legislative Acts of the Russian Federation Concerning Putting in Order Information Exchange Using Information and Telecommunication Networks
Citation 97-FZ
Passed5 May 2014

A 2014 law dubbed "Bloggers law" includes data retention provisions. According to the law, bloggers with over 3,000 daily readers are required to register and can no longer remain anonymous online. Organizations that provide platforms for their work such as search engines, social networks, and other forums must maintain computer records on Russian soil of everything posted over the previous six months. [14] Major services required to comply include Facebook, Skype, Gmail, and Twitter. [15] [16]

Public Internet

As of August 2014, operators of public Wi-Fi networks in Russia have to identify users by IDs. The identification data is to be stored for at least six months. [17]

Yarovaya law

In July 2016, President Vladimir Putin signed into law two sets of legislative amendments commonly referred to as the Yarovaya Law after their key author, Irina Yarovaya. According to the amendments, Internet and telecom companies are required to store communications and metadata for 6 months to 3 years. They are required to disclose them, as well as "all other information necessary," to authorities on request and without a court order. It also requires an email and messaging service providers to have cryptographic backdoors. The surveillance regulations have taken effect on 1 July 2018.

Anonymity

Operators of free Wi-Fi hotspots (restaurants, libraries, cafes etc.) are legally required to collect personal details of all users, identify them using passports, and store the data. [18] [17]

All VPN software and anonymizers that do not implement Russia's internet blacklist are banned in Russia as of November 2017. [19] [20] [21]

"Organizers of information dissemination" such as online messenger services that allow unidentified users are banned as of January 2018. [22]

Messaging services, email and social networks that use encrypted data are required to permit the Federal Security Service (FSB) to access and read their encrypted communications without a court order starting in July 2018. [23] [24] [25]

Related Research Articles

Wiretapping, also known as wire tapping or telephone tapping, is the monitoring of telephone and Internet-based conversations by a third party, often by covert means. The wire tap received its name because, historically, the monitoring connection was an actual electrical tap on an analog telephone or telegraph line. Legal wiretapping by a government agency is also called lawful interception. Passive wiretapping monitors or records the traffic, while active wiretapping alters or otherwise affects it.

Computer and network surveillance is the monitoring of computer activity and data stored locally on a computer or data being transferred over computer networks such as the Internet. This monitoring is often carried out covertly and may be completed by governments, corporations, criminal organizations, or individuals. It may or may not be legal and may or may not require authorization from a court or other independent government agencies. Computer and network surveillance programs are widespread today and almost all Internet traffic can be monitored.

<span class="mw-page-title-main">Internet service provider</span> Organization that provides access to the Internet

An Internet service provider (ISP) is an organization that provides myriad services related to accessing, using, managing, or participating in the Internet. ISPs can be organized in various forms, such as commercial, community-owned, non-profit, or otherwise privately owned.

<span class="mw-page-title-main">Mass surveillance</span> Intricate surveillance of an entire or a substantial fraction of a population

Mass surveillance is the intricate surveillance of an entire or a substantial fraction of a population in order to monitor that group of citizens. The surveillance is often carried out by local and federal governments or governmental organizations, but it may also be carried out by corporations. Depending on each nation's laws and judicial systems, the legality of and the permission required to engage in mass surveillance varies. It is the single most indicative distinguishing trait of totalitarian regimes. It is often distinguished from targeted surveillance.

Deep packet inspection (DPI) is a type of data processing that inspects in detail the data being sent over a computer network, and may take actions such as alerting, blocking, re-routing, or logging it accordingly. Deep packet inspection is often used for baselining application behavior, analyzing network usage, troubleshooting network performance, ensuring that data is in the correct format, checking for malicious code, eavesdropping, and internet censorship, among other purposes. There are multiple headers for IP packets; network equipment only needs to use the first of these for normal operation, but use of the second header is normally considered to be shallow packet inspection despite this definition.

Internet privacy involves the right or mandate of personal privacy concerning the storage, re-purposing, provision to third parties, and display of information pertaining to oneself via the Internet. Internet privacy is a subset of data privacy. Privacy concerns have been articulated from the beginnings of large-scale computer sharing and especially relate to mass surveillance.

<span class="mw-page-title-main">FAPSI</span> Russian signals intelligence agency

FAPSI or Federal Agency of Government Communications and Information (FAGCI) was a Russian government agency, which was responsible for signal intelligence and security of governmental communications.

Data retention defines the policies of persistent data and records management for meeting legal and business data archival requirements. Although sometimes interchangeable, it is not to be confused with the Data Protection Act 1998.

The System for Operative Investigative Activities is the technical specification for lawful interception interfaces of telecommunications and telephone networks operating in Russia. The current form of the specification enables the targeted surveillance of both telephone and Internet communications. Initially implemented in 1995 to allow access to surveillance data for the FSB, in subsequent years the access has been widened to other law enforcement agencies.

<span class="mw-page-title-main">Andrei Soldatov</span> Russian investigative journalist and writer (born 1975)

Andrei Alekseyevich Soldatov is a Russian investigative journalist and Russian security services expert. Together with fellow journalist Irina Borogan he is co-founder and editor of the Agentura.Ru website.

<span class="mw-page-title-main">Internet in Moldova</span>

Internet in Moldova is one of the fastest and least expensive in the world. The country ranks 3rd in the world by gigabit coverage with around 90% of the population having the option to subscribe to a gigabit plan. The overall infrastructure is well developed which allows many users to experience good quality services throughout the country. However, despite high speeds and cheap prices, the penetration level is quite low when compared with many EU or CIS countries. In 2018, 49% of Moldovan households had broadband access. In 2015, there were 80 registered Internet Service Provider's (ISP's) in the country, with the majority being local or regional with only a few offering their services throughout the country. Moldtelecom and StarNet are the country's leading providers sharing around 88% of the market. The remaining 12% are shared between other ISPS, like SunCommunications, Arax Communications and others. Almost all ISPs that offer their services across the country have their headquarters located in the capital-city of Chişinău.

Internet in Tajikistan became present within the country during the early 1990s. Tajikistan had just become independent in 1992, with Emomali Rahmon as the new ruler, when the internet was introduced to the country. Nevertheless, it was after over a decade that the country’s internet became more accessible. The history of the internet’s foundation in Tajikistan extends from 1992 to present-day Tajikistan. By 2009, internet penetration had developed since the initial conception of the internet in Tajikistan and Internet Service Providers (ISPs) had increased in number. For most of the applications vpn is necessary inside tajikistan except for government use

The Internet in Kazakhstan is growing rapidly. Between 2001 and 2005, the number of Internet users increased from 200,000 to 1 million. By 2007, Kazakhstan reported Internet penetration levels of 8.5 percent, rising to 12.4 percent in 2008 and 34.3% in 2010. By 2013, Kazakhstani officials reported Internet penetration levels of 62.2 percent, with about 10 million users. There are five first-tier ISPs with international Internet connections and approximately 100 second-tier ISPs that are purchasing Internet traffic from the first-tier ISPs. As of 2019, more than 75% of Kazakhstan's population has access to the internet, a figure well ahead of any other country in Central Asia. The Internet consumption in the country rose from 356 PB in 2018 to 1,000 PB in 2022.

<span class="mw-page-title-main">Internet censorship in Russia</span>

In Russia, internet censorship is enforced on the basis of several laws and through several mechanisms. Since 2008, Russia maintains a centralized internet blacklist maintained by the Federal Service for Supervision of Communications, Information Technology and Mass Media (Roskomnadzor).

<span class="mw-page-title-main">Oleg Syromolotov</span>

Oleg Vladimirovich Syromolotov was Deputy Director of Russia's Federal Security Service (FSB), the successor of the Soviet-era KGB. He has headed the DKR, the organisation's counterintelligence branch. He was chief of security for the 2014 Winter Olympics in Sochi.

Zakharov v. Russia was a 2015 court case before the European Court of Human Rights involving Roman Zakharov and the Russian Federation. The Court ruled that Russia's legal provisions governing communications surveillance did not provide adequate safeguards against arbitrariness or abuse, and that therefore a violation took place of Article 8 of the European Convention of Human Rights.

IT-backed authoritarianism, also known as techno-authoritarianism, digital authoritarianism or digital dictatorship, refers to the state use of information technology in order to control or manipulate both foreign and domestic populations. Tactics of digital authoritarianism may include mass surveillance including through biometrics such as facial recognition, internet firewalls and censorship, internet blackouts, disinformation campaigns, and digital social credit systems. Although some institutions assert that this term should only be used to refer to authoritarian governments, others argue that the tools of digital authoritarianism are being adopted and implemented by governments with "authoritarian tendencies", including democracies.

The Yarovaya law, also Yarovaya package or Yarovaya — Ozerov package is a set of two Russian federal bills, 374-FZ and 375-FZ, passed in 2016. The bills amend previous counter-terrorism laws and separate laws which regulate additional counter-terror and public safety measures. The public names the law after the last name of one of its creators—Irina Yarovaya.

A virtual private network (VPN) service provides a proxy server to help users bypass Internet censorship such as geo-blocking and users who want to protect their communications against data profiling or MitM attacks on hostile networks.

References

  1. "Mass Surveillance Technologies". Electronic Frontier Foundation. Retrieved 26 August 2014.
  2. "Russia's Surveillance State | World Policy Institute". www.worldpolicy.org. Retrieved 2017-07-03.
  3. "Analytical Business Solutions, Inc. - Semantic Archive". old.anbr.ru. Retrieved 2017-07-03.
  4. "Welcome". www.anbr.ru. Retrieved 2017-07-03.
  5. Soldatov, Andrei; Borogan, Irina (2011-10-25). "The Russian state and surveillance technology". openDemocracy. Retrieved 2017-07-03.
  6. 1 2 3 4 Maréchal, Nathalie (2017-03-22). "Networked Authoritarianism and the Geopolitics of Information: Understanding Russian Internet Policy". Media and Communication. 5 (1): 29–41. doi: 10.17645/mac.v5i1.808 . ISSN   2183-2439.
  7. Soldatov, Andrei; Borogan, Irina (2013). "Russia's Surveillance State". World Policy Journal. 30 (3): 23–30. doi:10.1177/0740277513506378. ISSN   0740-2775.
  8. "What is "professionalitet", how it will be useful for a student, a specialist and the labor market" (2021-10-09). "Website about business and economics (in Russian)". Wall Wayxar (Moscow) (in Russian). Retrieved 2021-10-17.{{cite web}}: CS1 maint: multiple names: authors list (link)
  9. "Digital-Report" - information and analytical magazin (2021-08-13). "Saboteur developers: pests at work and how to find them". Digital Report (in Russian). Retrieved 2021-10-17.
  10. 1 2 3 Arrigo, Bruce A. (2016-06-15). The SAGE Encyclopedia of Surveillance, Security, and Privacy. SAGE Publications. ISBN   9781483359953.
  11. 1 2 Hesterman, Jennifer (2014). Soft Target Hardening: Protecting People from Attack. Boca Raton, FL: CRC Press. p. 150. ISBN   9781482244229.
  12. Toor, Amar (2014-01-28). "Spy games: behind Russia's massive Olympic surveillance program". The Verge. Retrieved 2019-05-21.
  13. "As Sochi Olympic venues are built, so are Kremlin's surveillance networks". The Guardian. 6 October 2013.
  14. Macfarquhar, Neil (2014-05-06). "Russia Quietly Tightens Reins on Web With 'Bloggers Law'". The New York Times. ISSN   0362-4331 . Retrieved 2017-07-03.
  15. "Facebook, Gmail, Skype face Russia ban under 'anti-terror' plan". CNET. Retrieved 2017-07-03.
  16. "Facebook and Gmail face blacklist under Russian web laws". Telegraph.co.uk. Retrieved 2017-07-03.
  17. 1 2 "Passport now required to use public Wi-Fi in Russia". RAPSI. Retrieved 2017-07-03.
  18. "Passport now required to use public Wi-Fi in Russia". RAPSI. 2014-08-08. Retrieved 2014-09-22.
  19. "Putin bans VPNs in web browsing crackdown". BBC News. 2017-07-31. Retrieved 2017-07-31.
  20. "Russia: New Legislation Attacks Internet Anonymity". Human Rights Watch. 2017-08-01. Retrieved 2017-08-01.
  21. "Официальное опубликование правовых актов ∙ Официальный интернет-портал правовой информации".
  22. "Russia: New Legislation Attacks Internet Anonymity". Human Rights Watch. 2017-08-01. Retrieved 2017-08-01.
  23. "Russia Asks For The Impossible With Its New Surveillance Laws". 2016-07-19. Retrieved 2016-08-10.
  24. "ФСБ избавила мессенджеры от сертификации средств шифрования по "закону Яровой"". Interfax.ru (in Russian). 2016-07-20. Retrieved 2017-07-20.
  25. "Russia: 'Big Brother' Law Harms Security, Rights". Human Rights Watch. 2016-07-12. Retrieved 2017-07-02.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.