posted on Jul 08, 2014 by Mike Smart
Tags: Cloud/Utility Computing, Network Management, Data Center Outsourcing, Web Hosting, Application Hosting
The Russian parliament has passed a law to require internet companies to store the personal data of Russia users inside the country’s borders.
Although the bill has passed through the Duma, it still needs to be pass in the Federation Council of Russia and President Vladimir Putin before it comes into effect. If put into law, all internet companies operating in Russia will be required to store the personal data of Russian citizens within Russia’s borders by September 2016.
This decision by the Russian parliament to put pressure on internet companies follows recent stories and whistleblowing about NSA spying and data seizures. This is not the first time Russia’s isolationist nature in regards to the internet has affected users within the country, for example blocking sites that offer news labelled as extremist and requiring internet writers with more than 3,000 daily visitors to register with the government. In the latter case, only those writers whose pieces are hosted within Russia are susceptible under the law. The new law would require blogs and social media to be hosted within the country; an open internet would not be able to operate without strict enforcement.
The data center outsourcing market in Russia is immature. NelsonHall estimates the data center outsourcing market size in Eastern Europe is less than 20% of that of the U.K. despite having almost 50% more internet users.
Clients looking to remain with their current data center supplier will put pressure on vendors to expand their operations within Russia if the cost of expansion is viable. Vendors slow to take up operations in Russia will lose out to those that can support operations, i.e. the larger IT infrastructure vendors who already have Russian operations/partners or Russian centric suppliers.
This is not the first time regulations have forced a number of vendors to expand their data center operations. For example, the German Federal Data Protection Act (FDPA) forced some cloud providers to operate German data centers for storage of some personal information. The subtle difference between the German and Russian attempts to force center location is built on cause: in the case of Germany the law was conceived to help quash data privacy concerns; with Russia it can be seen as data control.