The Russian data protection authority, Roscomnadzor, has given major U.S. technology companies extra time to comply with the Russian data localization law.
The law, which went into effect on September 1, 2015, requires companies to store and
Russia’s data protection authority, Roscomnadzor, has held a number of meetings with business associations to respond to the wave of questions that have arisen about the interpretation and application of Russia’s personal data localization law.
The law, which enters into force on September 1, 2015, requires that an operator, while collecting personal data, ensures the recording, systematization, accumulation, storage, rectification (update, change) and extraction of Russian citizens’ personal data using databases located in Russia. The meetings sought to address at least two key concerns — whether data stored locally could also be transferred outside of Russia, and the reach of the law’s jurisdiction.
According to news reports in Russia, the Russian Federation’s data protection authority – Roscomnadzor – may be targeting Western companies for enforcement action. What appears to be the first enforcement action of this kind is directed at Twitter.
At