Does Russia have data protection laws?

152-FZ on Personal Data dated 27 July 2006 (the PD Law) is the key law governing data protection in Russia. It was adopted in 2005 following the ratification of the Convention of the Council of Europe for the Protection of Individuals with regard to Automatic Processing of Personal Data (the Strasbourg Convention).

Does GDPR cover Russia?

The GDPR covers companies operating in the 28 EU countries, as well as any business regardless of its location. Russian businesses must understand that complying with domestic law does not automatically ensure compliance with the GDPR, as the EU legislation includes a number of new processes and requirements.

Which countries have data residency requirements?

Dozens of countries have enacted data localization/residency rules. They include China, Israel, Switzerland, Turkey, Belgium, Brazil, South Korea, South Africa, Argentina, Mexico, Uruguay, India, Malayasia, and Singapore.

Is Russia subject to GDPR?

The General Data Protection Regulation (Regulation (EU) 2016/679) (‘GDPR’) formally enters into effect on 25 May 2018. Although the GDPR will not have a direct effect on Russia, as a non-EU Member State, it will impact the operations of multinational business in Russia and Russian businesses abroad.

When did the Russia data residency law come into effect?

One such law that we responded to with rapid pace was the Russia Data Privacy Legislation (RPDL), which came into effect in September 2015. What is the Russia Data Residency Law? Russia Data Privacy Legislation requires companies with employees in Russia to manage master personal information related to their employees in a Russian Data Center.

What is the law on personal data in Russia?

Compliance with the Russian law on personal data. Requirements governing personal data processing were formulated in Russian law as far back as 2006. Since then the legislation has undergone various changes, with the most well-known probably being the requirement to “localise” the personal data of Russian citizens.

Do you need to enable data residency in Russia?

Data Residency feature is not required to be enabled for the customers who have their global instance in Russia (DC18). Because the personal data of the Russian employees will be directly stored in the global instance which is located in Russia that makes compliant with Russian data privacy law”.

Is it against the law to update data in Russia?

Yet, Russian data residency law does not prohibit further processing of Russians’ personal data abroad, if this data was previously included in a Russian database and is updated there as necessary.