Amendments Approved to Russia’s State Secrets Classification Rules

The Russian government has updated the “Rules for Assigning Information Constituting State Secrets to Various Levels of Secrecy,” significantly shortening the document. The corresponding decree (No. 1868 dated October 30, 2021) will take effect on January 1 of next year.

The rules for classifying information, in effect in Russia since 1995, were developed in accordance with the law “On State Secrets.” These regulations are intended for those responsible for compiling lists of information whose loss could threaten national security.

In the new version of the government document, the clause requiring government agencies, authorized state corporations (such as Rosatom and Roscosmos), and other holders of important data to follow the established secrecy ranking system has been removed. As a result, it is now unclear who is responsible for incorrect classification of information.

Explanations regarding the procedure for compiling, revising, and distributing lists of classified information have also been deleted. The provision describing how to assess the potential damage in the event of a leak has been removed as well.

Only a general recommendation for assigning secrecy labels remains:

“The level of secrecy of information constituting a state secret should correspond to the severity of the damage that may be caused to the security of the Russian Federation as a result of the dissemination of such information.”

Classification of Secret Documents

The classification of secret documents itself has remained almost unchanged:

• Top Secret Information – Information about military, foreign policy, economic, scientific-technical, intelligence, counterintelligence, and operational-investigative activities, the disclosure of which could harm the interests of the Russian Federation.
• Absolutely Secret Information – The same types of data, but in this case, a leak could harm the interests of a government agency or sector of the economy.
• Secret Information – All other state secrets, the disclosure of which would infringe upon the interests of an enterprise, institution, or organization of the above-mentioned profiles.

Impact on Information Security Measures

The level of secrecy is taken into account when evaluating information security tools (IST) for compliance with the requirements of Russian regulators—FSTEC and the FSB. For example, based on the level of control for the absence of undeclared capabilities (software code with unsafe functions), ISTs are divided into four groups. Three of these groups—TS (Top Secret), AS (Absolutely Secret), and S (Secret)—include tools intended for protecting information constituting state secrets.