Home / Doing business in Russia 2020 / Personal data protection / General approach
Doing business in Russia 2020
  1. Introduction
    1. Political and administrative structure
    2. Legal environment
  2. Common forms of business structures for foreign investors
    1. Main types of structure
    2. Registration, liquidation and reorganisation of business structures
    3. Shareholders’ and participants’ agreements
    4. Strategic industries
  3. Anti-monopoly issues
    1. General legal and regulatory framework
    2. Scope of application of the Competition Law
    3. Anti-competitive practices and restriction of competition
    4. Liability
  4. Tax system
    1. General approach
    2. Corporate taxation
    3. Incentives
    4. Special tax regimes
    5. Taxation of individuals
    6. Double taxation treaties
  5. Customs regulations
    1. General approach
    2. Trade between EEU and non-EEU countries
    3. Mutual trade between the EEU members
  6. Currency control
    1. Foreign currency transactions
    2. Consequences of breach/Penalties
  7. Lending in Russia
    1. Lending documents and governing law
    2. Jurisdiction
    3. International finance transactions and repatriation requirements
    4. Security interests
    5. Recognition of security trusts
    6. Syndicated loans
    7. Enforcement
    8. Suretyships and guarantees
    9. Bankruptcy considerations
    10. Other lending related issues
  8. Employment and migration
    1. Formalising the employment relationship
    2. Managing employment relationships
    3. Terminating an employment agreement
    4. Specifics of employing foreign nationals
  9. Personal data protection
    1. General approach
    2. Scope of the Data Protection Law
    3. Liability
    4. Right to be forgotten
  10. Intellectual property
    1. General approach
    2. Contractual aspects of intellectual property rights
    3. Rights over the results of intellectual activity
    4. Company names, trade names, trademarks and appellations of origin
    5. Intellectual property rights infringements
    6. IP Court
  11. Advertising issues
    1. General approach
    2. Scope of application of the Advertising Law
    3. Violations of the Advertising Law
    4. Liability
  12. Anti-corruption and compliance
    1. General approach
    2. Legal framework
    3. Compliance requirements for companies
    4. Concept of corruption in Russian law
    5. Possible targets of bribery
    6. Liability and penalties for corruption
    7. Example of sector-specific anti-corruption measures
  13. Real estate and construction
    1. Rights to real estate
    2. Real estate transactions
    3. Resolution of real estate disputes
    4. Planning and construction issues
  14. Corporate bankruptcy
    1. Insolvency criteria
    2. Stages of bankruptcy proceedings
  15. Import substitution and production localisation in Russia
    1. Measures affecting goods importation and current import substitution legislation
    2. Localisation incentives
    3. Sector-specific impact of import restrictions and localisation requirements
  16. Banking sector
    1. Legislative and regulatory framework
    2. Licensing and operations
    3. Deposit insurance
    4. The anti-money laundering law
    5. Bank secrecy
    6. FATCA and CRS
  17. Environment, energy efficiency and renewables
    1. Environment
    2. Energy efficiency
    3. Renewables
  18. Infrastructure and public private partnerships
    1. General approach
    2. Key PPP legislation
    3. Russian PPP environment
    4. Financing
    5. Legal issues
    6. Prospects for infrastructure projects
  19. Oil & gas
    1. Legislative framework
    2. Ownership and licensing
    3. Restrictions on foreign investors
    4. Licences
    5. PSAs

Personal data protection

 

General approach
Scope of the Data Protection Law
Liability
Right to be forgotten

Key contacts

Contact
Anton Bankovskiy
Anton Bankovskiy
Partner
Head of Intellectual Property
T +7 495 786 40 63

Expertise

Intellectual Property TMT – Technology, Media & Telecommunications

General approach

Legal and regulatory framework

Federal Law No. 152-FZ “On Personal Data” (the “Data Protection Law”) was adopted in July 2006. A number of its provisions are based on the 1981 Strasbourg Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (the “Strasbourg Convention”) that Russia signed on 7 November 2001.

The Data Protection Law provides a framework that is complemented by a number of regulations of the Russian Government and governmental authorities as well as certain provisions of Russian labour and administrative law.

Key developments

In 2015, the Data Protection Law was amended with a personal data localisation requirement, according to which personal data of Russian citizens must be stored on servers physically located in Russia. In 2019, significant fines for violation of this requirement were introduced in addition to the previous sanctions which include blocking access to the infringer’s website.

In 2017, administrative fines for violation of personal data law requirements were substantially increased.

In 2018, Russia signed an Amending Protocol updating the Council of Europe Convention No. 108 for the Protection of Individuals with regard to Automatic Processing of Personal Data. The national data protection law is expected to be amended in order to comply with this Protocol. For example, an obligation on data controllers to notify the data protection authority and data subjects of any personal data breach, as well as the concept of genetic data as a new category of sensitive personal data, should be introduced in Russian law. At this stage, the law ratifying the Amending Protocol has not yet been adopted.

Supervisory authority

The authority in charge of personal data protection in Russia is the Federal Service for Supervision of Communications, Information Technology and Mass Media (“Roskomnadzor”).

Key contacts

Anton Bankovskiy
Anton Bankovskiy
Partner
Head of Intellectual Property
T +7 495 786 40 63

Expertise

Intellectual Property