Putin signs Runet law to cut Russia's internet off from rest of world

Russia's sovereign internet bill has been signed into law, giving authorities an easier way to block content.

Russia opens case against Facebook and Twitter over data-localization law Facebook and Twitter are in breach of laws requiring personal data to be kept on Russian soil, say the authorities.

In a couple of years, Russia will have the ability to safely disconnect its internet from the wider internet, according to a law signed Wednesday by President Vladimir Putin.

The sovereign 'Runet' law, which was introduced in December, is not popular. A poll a few days ago found only 23 percent of Russians support it. 

But it is now set to come into effect in November, with telecoms operators obliged to abide by its terms from the start of 2021.

The stated purpose of the law is to maintain the stability of the Russian internet and the services running over it, in case foreign aggressors try to cut it off the global whole. That action is something that has never been taken deliberately against any country, and remains highly unlikely.

SEE: Can Russian hackers be stopped? Here's why it might take 20 years (TechRepublic cover story) | Download the PDF version

To that end, Russia will need to build its own Domain Name System (DNS), and internet service providers will need to install special equipment – provided and paid for by the state at a reported cost of 20.8 billion rubles ($320m).

That equipment allows communications regulator Roskomnadzor to direct traffic through Russian exchange points only, at times when the Runet is seen as being under threat.

This centralized approach will also give Roskomnadzor an easier way to block unwanted content, rather than having to get ISPs to comply with its ever-expanding blacklist. Indeed, according to a report from the TASS news agency, ISPs using Roskomnadzor's equipment will no longer have to be responsible for blocking banned content, as the task will be handed over to the regulator.

Again, though, the idea is that Roskomnadzor will only assume this task when the Runet is being threatened. ISPs will also be able to ask to avoid directing certain traffic through Roskomnadzor's hardware. A cabinet of ministers will apparently determine in what cases this would be acceptable.

SEE: A winning strategy for cybersecurity (ZDNet special report) | Download the report as a PDF (TechRepublic)

As far as civil liberties activists are concerned, the censorship aspects of this centralization drive are the real goal here, rather than countering the imagined threat of an outside force that wants to cut off the Russian internet. 

After all, Roskomnadzor's current blocking abilities are hampered by the ability of services to avoid compliance with Russia's strict online laws by using foreign servers – see Telegram's continued availability in the country despite having been banned, or virtual private network (VPN) providers' refusal to play ball with Roskomnadzor's blacklists.

However, the Russian government has denied that it wants to crack down on internet freedom through the Runet move, with the Kremlin insisting that the law is "designed to ensure [the] internet's viability amid potential aggressive steps in cyberspace against our country". That denial came in March, in response to protests by thousands of people who rallied in Moscow against the bill.

A report issued last month by RIPE NCC, the European regional Internet registry, stated that just three percent of Russian IPv4 traffic is routed outside the country. However, a third of IPv6 traffic seems to be routed through foreign exchange points.

More on Russia and the internet