Photo via Paul L Dineen (CC-BY)
A massive surveillance bill is now on its way to becoming law in Russia.
The "anti-terrorism" legislation includes a vast data-eavesdropping and -retention program so that telecom and internet companies have to record and store all customer communications for six months, potentially at a multitrillion-dollar cost.
Additionally, all internet firms have to provide mandatory backdoor access into encrypted communications for the FSB, the Russian intelligence agency and successor to the KGB.
The bill, with support from the ruling United Russia party, passed Friday in the Duma, Russia's lower legislative house, with 277 votes for, 148 against, and one abstaining. It now moves to Russia's Federal Council and the Kremlin, where it's expected to pass into law.
Any internet service that supports encryption—apps like WhatsApp, Viber, and Telegram were specifically called out by legislators, but the law will extend to the entire Russian internet—will have to give the FSB access any message they ask to see. Fines for noncompliance can go as high as 1 million rubles, or $15,000.
The "anti-terrorism" bill extends beyond just encryption.
Rules about incitement to terrorism on social media have been tightened, and the prison term facing offenders will be seven years. The act of not informing authorities about a crime like terrorism or rebellion will itself become a criminal offense, with a potential sentence of up to one year in prison. You soon won't be allowed to preach the tenets of religion without a state permit.
In addition to keeping all call and message records for six months, internet firms will have to store all communications metadata for a year while telecom companies will have to do it for three years.
The vast majority of technologists argue that special access backdoors into encrypted data weakens cybersecurity, leaving that data vulnerable to hackers around the world.