Russian Hosting Providers to Verify and Disclose Client Identities

The Russian Ministry of Digital Development has drafted a new regulation requiring hosting providers to verify the identities of their clients. This requirement will take effect on December 1, 2023.

Methods of Client Identification

According to the draft published on regulation.gov.ru, hosting providers can identify clients using one of the following four methods:

• Through the “Gosuslugi” infrastructure and the Unified Biometric System
• Using an enhanced qualified electronic signature (UKEP)
• By transferring funds from a bank account in Russia or other EAEU countries
• By providing documents in person

Required Documents

• Individuals: Must provide a passport or another identity document.
• Sole proprietors: Must provide a passport and an extract from the Unified State Register of Individual Entrepreneurs (EGRIP).
• Representatives of legal entities: Must provide an extract from the Unified State Register of Legal Entities (EGRUL) and a document confirming their authority to sign a contract with the hosting provider.

Background and Regulatory Changes

This tightening of regulations follows amendments to the federal laws “On Communications” and “On Information,” which were signed by President Putin on July 31. Under these amendments, Roskomnadzor will maintain a registry of hosting providers. Additionally, hosting providers will be required to cooperate with law enforcement agencies. The new rules also prohibit registering users on websites operating in Russia without using an electronic signature.