Russia’s Communications Ministry has drafted an order that would require Internet providers to install monitoring equipment to give the country’s security services — the FSB (Federal Security Bureau) — access to all traffic through their servers, Kommersant daily reported on Monday, Oct 21.
Russian Internet users immediately voiced their concern over the ministry’s initiative, fearing that it would lead to omnipresent government surveillance as described in Orwell’s famous novel, “1984.”
Experts, however, see no reason to panic, because Russian Internet providers have already been required to have such equipment to get a license. Under current law, Internet and telecommunications operators are required to provide information about their clients’ phone number and location to the security service, but they are not obliged to store this data.
According to Kommersant, Russian telecommunications company VimpelCom, which runs the Beeline brand, has sent a letter of complaint to the ministry, saying that the document violated the privacy provisions of the Russian Constitution.
They state that no mail, telephone or other communications may be monitored without a court order.
The Communication Ministry’s draft bill stipulates that, from July 1, 2014, all Internet providers should buy and install recording equipment that would store up to 12 hours of Internet traffic, with the direct access provided to the FSB.
Under the new project, all users’ account names on email services, IP addresses, phone numbers and the whereabouts of users of Skype, Google Voice and other VoIP services will fall under authorities’ control.
The move came just several days after the Russian government submitted amendments that would give the FSB the right to investigate and fight hacker attacks — events or actions “constituting threats to the information security” of the country.
The Communications Ministry tried to calm Russian Internet users, who went wild after the news hit the headlines. “The system is not a threat to a law abiding citizen, it only brings additional security,” the ministry said in a statement.
Russian President Vladimir Putin previously called data surveillance an acceptable measure if done within the law, adding that surveillance “is becoming a global phenomenon in the context of combating international terrorism,” and that, in Russia, “you cannot just go and tap into someone’s phone conversation without a warrant issued by court.”
Russia’s version of PRISM?
Russian tech-expert Eldar Murtazin says that Russian security services have had access to Russian Internet communications since 2008, when obligatory connection of servers’ dataflow to the FSB’s Operational-Investigative System was introduced.
“Now, the FSB simply upgrades the existing system in cooperation with Russia’s Communications Ministry. And, while the information volume is growing exponentially, FSB servers cannot handle the data stream,” Murtazin wrote in his personal blog.
This is why they want telecommunications companies to store all the data for 12 hours — so they can sideload it later. “They want to keep doing what they have been doing, spreading the workload to business,” wrote the expert.
Andrei Soldatov, an author of several books on Russian security services, says that the Russian surveillance system is more advanced than the NSA’s PRISM. “There has also been a massive increase in its activity recently, provoked in part by the Moscow opposition protests […] and by the changes in the political situation,” he told the Moscow News.
According to Soldatov, the surveillance system known as SORM — the Russian acronym for System for Operative Investigative Activities — was initially developed by the FSB’s predecessor, the KGB, in the mid-1980s, in order to monitor telephone traffic.
Later, SORM developed into three branches: SORM-1 monitors Internet traffic, SORM-2 wiretaps Internet communication, while SORM-3 collects information from all types of communication media.
The system is quite simple: After obtaining a court warrant, the FSB can order an Internet provider to buy, install and maintain a SORM device on its networks. Under current law, the FSB is not required to disclose any information about whom it is monitoring and why, or even show the warrant to the provider.
In the U.S., however, the government cannot avoid going through service providers, who act as middlemen.
Edward Snowden was not available for comment.