Russia's Federal Service for Supervision of Communications, Information Technology and Mass Media, the Roskomnadzor, summarized recent changes adopted for the Federal Law on Personal Data will take effect Sept. 1. The updates include required data breach notification and language to prohibit contractual data processing that includes conditions to restrict data subject rights. The Roskomnadzor also proposed future amendments to create a stiffer penalty and liability scheme around data breaches.Fu... Read More

A Russian-linked ransomware group stole more than a terabyte of Costa Rican government data, Tech Monitor reports. Conti took credit for the attack, which targeted six Costa Rican governmental departments, including tax and customs administration and finance ministry. Conti demanded a $10 million payment by April 23. Following Costa Rica’s refusal to pay, the group claimed to release 80% of the stolen data on the dark web. The Costa Rican government website has been down since the attack took pl... Read More

The city of Moscow launched "Face Pay," a facial recognition fare system for their network of more than 240 metro stations in the city, Reuters reports. "Moscow is the first city in the world where this system is operating on such a scale," Maxim Liksutov, head of the the city's transport department, said. The Moscow metro system serves a population of 12.7 million people in Moscow. Using "Face Pay" as a way to pay your fare is not required, Liksutov added, and the previous payment methods will ... Read More

ZDNet reports U.K. and U.S. intelligence agencies accused hackers from a Russian foreign intelligence service of executing various cyberattacks, including the SolarWinds data breach. In the U.S., the accusation was included in a joint advisory from the National Security Agency, Cybersecurity and Infrastructure Security Agency, and Federal Bureau of Investigation, also noting five ongoing system vulnerabilities that need patching. The U.K. National Cyber Security Centre issued its own claim placi... Read More

According to the Country Commercial Guide of the U.S. International Trade Administration, Russia is the sixth-largest economy globally, and its gross domestic product purchasing power parity is USD 4.016 trillion. The country has more than 140 million people with growing purchasing power that demand well-known global brands and quality service. All these factors make Russia a strategic market for different international companies.  Russian legislation evolves rapidly, and the personal data laws... Read More

Russian law mandates data controllers store and update data collected from Russian citizens using Russian servers. Not only is this obligation technically complicated and often costly from the business perspective, but it is also a headache for the data protection officer. After all, keeping a portion of your user database located outside of the EU in a country that is not deemed adequate under Article 45 of the EU General Data Protection Regulation may conflict with data minimization and may ne... Read More