Why "Spring Package" will forever change the fate of the Russian Internet

On Friday, 24 June, the State Duma in the second and third reading of the resonant anti-terrorism package of bills deputy Irina Spring and Senator Viktor Ozerov. Russian Internet companies have already pointed out that the adoption of laws jeopardize their business and limit the freedom of the network. "To Lenta.ru" explains why the "Spring Package" does not help in the fight against terrorism, but will forever change the fate of the Russian Internet.

What is offered Spring and Lake

In "Spring Package" contains a number of proposals to combat extremism and terrorism in the network. In particular, it is proposed to strengthen the responsibility for his advocacy - justification of terrorist acts or appeal to them is supposed to be punished with imprisonment up to seven years.

But the most resonant amendments directly related to Russian Internet companies. The text of the bill they are called "the organizers of the dissemination of information on the network," so that by the "Spring Package" potentially get news portals, email services, social networks, instant messenger, forums and even online stores. All of them will be obliged to retain any information about the transmission and processing of text messages, images, audio files and video users. Special services will be able to gain access to this data, if it is required to investigate or state security.

In addition, companies will be obliged to give state agencies the tools to decrypt protected services. It will also affect owners of sites that use HTTPS Internet protocol. In case of failure they face fines of up to one million rubles.

Proposed laws require that operators within six months kept a record of all calls of subscribers, and information about their incoming and outgoing calls were available for special services for three years. Moreover, the bill does not regulate the procedure for the storage of the data. Operators also need to authenticate user identity within 15 days.

How much is it

Russian companies will make at his own expense to install all the necessary equipment and hire a data center for data storage. This will require huge expenditures primarily from mobile operators who are forced for months to keep records of all incoming and outgoing calls. In the "Megaphone" costs estimated at 20.8 billion dollars, "VimpelCom" - at $ 18 billion, and MTS - to 22.7 billion dollars. And for all of 2015 the "big three" and Tele2 earned 17.8 billion dollars.

Sounding the alarm and Internet companies. At Mail.Ru Group considered that the installation of the equipment they have to spend up to $ 2 billion, the annual cost of its support to make another 80-100 million. Revenue Mail.Ru for 2015 - 592 million dollars.

Internet Ombudsman Dmitry Marinichev explicitly stated that on Friday, the State Duma will consider the "death sentence to the Russian telecom."

Try whether Internet companies to prevent the adoption of the law

Yes. Russian Association of Electronic Communications (RAEC), which includes more than 200 Russian Internet companies, has filed a presidential aide Igor Shchegolev, Minister of Communications Nikolay Nikiforov, the Speaker of the Federation Council Valentina Matvienko and head of the Duma Committee on Information Policy Leonid letter to Levin with a request to prevent the adoption of the "package Spring".

The RAEC rightly believe that the bill would lead to an invasion of the privacy of citizens. They will be deprived of the right to privacy of correspondence, all their actions in social networks and conversations will be recorded and stored for six months at the company servers.

In addition, the anti-terrorism package would jeopardize the national security of Russia. Hackers and foreign intelligence agencies theoretically be able to get access to the stored encryption keys from the state of the protected services. The same argument in May 2015 negated the attempts by the US President Barack Obama to make Apple, Google and Microsoft to provide the FBI and the CIA access to encrypted data.

Because of the huge costs for the rental of servers and the installation of Internet equipment companies and mobile operators will reduce investment in many promising projects. And this is including the expansion of 4G networks and the introduction of 5G, increasing the speed of the Internet and development of the "Internet of Things", not to mention the research in the field of artificial intelligence and neural networks.

In addition, equipment for data storage will be mainly purchased abroad since it in Russia today or not, or it is inferior to Western counterparts. This will increase Russia's dependence on foreign companies like IBM, Cisco and Huawei, which directly contradicts the policy of import substitution. In addition, information security can provide a large market players, and small can easily become victims of hacking and data users enter the network.

A foreign company may well refuse to enforce the law or to limit its presence on the market. The Russians will be deprived of access to new options, Google and Facebook, timely updates iOS and Android, as well as many other emerging technologies. This will lead to an overall degradation of the Russian Internet industry.

Is "Spring Package" will help to combat terrorism on the Internet

It is a very controversial issue. The massive collection and processing of information are really able to help identify potential terrorists and extremists. A similar program metadata analysis in the United States, according to the FBI alleged that the CIA and the NSA, really helped prevent many terrorist attacks, although subjected to severe criticism after revelations of Edward Snowden. However, the Americans have spent on its implementation of the billions of dollars, as well as offset the costs involved in the project of Internet companies, including Google, Facebook and Microsoft.

On the other hand, the world is expanding encrypted traffic, and Russia is no exception. The head of Roskomnadzor, Alexander Zharov estimates its share of 15-20 percent, but the same Google claims that it has in Russia to HTTPS encrypted protocol accounts for up to 81 percent of traffic, and Rostelecom, the figure is 50 percent.

When using HTTPS forwarded all materials can be seen online service, for example, the administration "VKontakte", but are not available provider. In some cases, you can only read the conversation is going online session, ie the user is online. Once the session is terminated, the encryption key is deleted automatically. This makes storage meaningless, because now they still can not decipher.

At the same time, terrorists prefer to use secure services, including messenger Telegram. There are information channels banned in Russian terrorist group "Islamic State", which is conducted through the propaganda of extremist ideas and recruiting new fighters. According to reports, crack Telegram is not yet possible, and its founder Pavel Durov strongly opposed to cooperation with the secret services.

Do not give out user data and encryption through recently included WhatsApp and Viber messaging services, and programs such as FireChat even when forwarding a message can go without standard network operators. All these companies are likely to simply ignore the notification million fine for non-compliance of Russian legislation, because they are registered in other countries and, with the exception of Viber, do not have a server in Russia. Similarly, go and Facebook, stores data of Russians to their European and American servers.

Is it possible to block the services are not subject to Russian law

It is theoretically possible. In 2015, Chinese and Iranian authorities have tried to limit the Telegram and achieved some success in this. The Celestial Messenger worked in several provinces and central cities, and Iranian intelligence services were able to track down to 30-50 per cent of its traffic. However, after Tehran denied the report and copied to all open Internet cable.

However, this lock requires constant monitoring and powerful operating resources. In China and Iran limitation operation of certain services - a common practice, and the state annually allocates to it a lot of money. In China more than 10 years, operates a unique system of "Golden Shield", able to monitor and VPN-anonymizer services.

In Russia, there is practically no experience tracking encrypted traffic of mobile applications, and the same Roskomnadzor blocks sites only domain. Moreover, to restrict access to secure messenger is necessary to develop the legislative framework, which today is simply absent.

But even if domestic intelligence services and be able to restrict access to the Telegram and WhatsApp, then the terrorists will surely find other ways of communication. For example, the Tor network hack that is not able to do even the US government.