The new Stable Runet law would give the Russian communications regulator, known as Roskomnadzor, broader powers to monitor network traffic and potentially provide a “kill switch” to disconnect Russia from the wider internet in the event of cyberattack. Essentially, the law is meant to help create a digital drawbridge between Russia and the rest of the world that the country can raise in an emergency.
While the Kremlin says the law is meant to increase security, many observers, especially human rights groups, have speculated it will further increase censorship initiatives from Putin’s government.
That’s because the law was proposed by the same group of lawmakers in Russia who recently passed a law criminalizing the spread of online news that disrespects the government, said Aleksandr Yampolskiy, CEO of network security rating company SecurityScorecard.
“First, they made the language very broad. If you operate a network in Russia, you are required to create a way to have government oversight of that information,” he said.
The law also lacks specifics, Yampolskiy said, an indication the Kremlin is building in some wiggle room for how exactly it will be enforced.
“The language is deliberately vague and broad, so that will also be something for [business] to consider, since it’s unclear what you are going to have to do to comply,” he said.
But it will probably become another tool to enforce positive messaging about Putin’s government, Yampolskiy said.
The law also doesn’t provide much information as to how it will be accomplished technologically, said Natalia Gulyaeva, head of the Moscow intellectual property, media and technology practice group for law firm Hogan Lovells.
“Theoretically, the law encompasses installing new equipment on data transfer points in order to secure functionality of [the] Russian part of Internet in case of any global shutdowns,” she said. “The authors of the law have not provided any comments on the technical side of the law.”