Ministry of Digital Development Eases Data Transfer Rules for Corporate Subscribers

The Ministry of Digital Development has revised a draft government decree that sets the rules for telecom operators to provide subscriber data to help identify unauthorized (“gray”) SIM cards. According to Kommersant, which cites the document published by the ministry, the changes soften some of the previously proposed requirements.

Amendments to the Communications Law, adopted in December 2020 to regulate the circulation of gray SIM cards, require all new corporate clients of telecom operators to register SIM card users in the Unified Identification and Authentication System starting June 1. To monitor compliance, Roskomnadzor (the Russian communications regulator) can request data on calls, data transfers, subscriber locations relative to the nearest base stations, and more. Operators have criticized these requirements, arguing that they violate the confidentiality of communications. Initially, it was expected that operators would have to transfer all subscriber billing data to Roskomnadzor’s monitoring center. These requirements came into effect in early October of this year.

The new version of the draft decree states that Roskomnadzor can request billing data for a two-week period no more than once every six months. The list of data that the regulator can request remains unchanged, but the updated version stipulates that Roskomnadzor can only obtain certain information—such as the international subscriber identification number, the date and time services were provided, and the volume of data sent and received—by court order. However, Roskomnadzor can still request information about data transfers, calls, SMS, and geolocation without a court order.

The Ministry of Digital Development notes that work on the regulations will continue, emphasizing the importance of bringing order to the gray SIM card market, avoiding the collection of excessive data by operators, and ensuring the security of subscriber information.

A source at a major telecom operator insists that the regulator’s requirements are still excessive. “Roskomnadzor definitely doesn’t need this much information to combat gray SIM cards. Even law enforcement agencies don’t have access to this much data,” agrees Irina Levova, Director of Strategic Projects at the Internet Research Institute.

According to another operator, the new system will involve the transfer of data not only about corporate subscribers but also about individuals. The cost of creating such a system is estimated at 1–2 billion rubles for a large operator. Companies declined to provide official comments, and Roskomnadzor did not respond to the publication’s inquiry.

Source

Kommersant

Our Other Channels

• Our friends and partners