Tag: Russia

Moscow adds facial recognition to its network of surveillance cameras

2. October 2017

Moscow adds facial recognition to its network of 170.000 surveillance cameras across the city to be able to identify criminals and boost security, Bloomberg reports. The camera surveillance started in 2012. The recordings of the camera surveillance system have been held for five days after they are captured, with an amount of 20 million hours of video material stored at any one time. “We soon found it impossible to process such volumes of data by police officers alone,” Artem Ermolaev, who is Head of the Department of Information Technology in Moscow, said according to Bloomberg. “We needed an artificial intelligence to help find what we are looking for.”, he further said.

A Russian start-up, named N-Tech.Lab Ltd designed the facial recognition technology. The start-up is known for its mobile app FindFace which was released last year. With FindFace it is possible to search for users of the Russian social network VKontakte by making a picture of a person’s face and match it against the user profiles of VKontakte.

However, due to high costs the face recognition technology should not be deployed to every camera and therefore only be installed selectively within specific districts where it is needed the most. To maintain the camera surveillance, the Moscow government already should spend about $ 86 million a year and this amount would triple if every camera would use the new facial recognition technology.

The new technology is used to cross-reference images captured by the cameras with those from the Interior Ministry’s database.

Roskomnadzor publishes privacy guidelines for data operator

17. August 2017

The Russian data protection authority Roskomnadzor published guidelines for data operators on the drafting of privacy policies on July 31.

Russian data operators must adopt a privacy policy to comply with Russian data protection law. The policy must describe how they process of personal data. This policy shall be published online if personal data is collected online. In case of collecting personal data offline an unrestricted access to the policy has to be guaranteed.

The policy shall be detailed so that data subjects are aware of all potential actions.

According to the guidance the policy must contain in general the following information:

  • main purpose of the policy and definitions used in the policy
  • main rights and obligations of the data operator and data subjects,
  • purposes for personal data processing,
  • legal grounds for personal data processing
  • volume and categories of personal data processed. For each category of data subjects, Roskomnadzor recommends that a company list all the personal data it collects and processes tied to specific purposes and indicate all cases of processing special categories of personal data or biometric data,
  • procedures and conditions for personal data processing,
  • procedures for updating, correcting, deleting, or destroying personal data and
  • procedures for responding to data subjects’ requests.

In addition the guideline regulates the case of sharing personal data with third parties. The data operator has to explain the taken measures to protect personal data and beside the purpose of sharing, the volume of personal data to be transferred, the data use restrictions and security measures. Furthermore the name and the address of the the third party need to be published in the policy.

Finally it shall be mentioned that the guidance is recommendatory nature and non-binding. Nonetheless data operators should strongly take these recommendations into account if they develop new privacy policies to be compliant with the Personal Data Law.

LinkedIn was banned in Russia

27. January 2017

The Russian data protection authority “Roskomnadzor” sent on November, 17 2016 an order to the telecommunication companies to block access to LinkedIn within Russia. The reason for this step was, according to Roskomnadzor, that LinkedIn does not protect subjects’ data rights in a way that complies with the Russian data protection law.

The order of Roskomnadzor refers to a Moscow District court decision from August, 4 2016.

The case of LinkedIn is the first major test of the Russian law, which is on effect since September, 1 2015.

Roskomnadzor judges, that LinkedIn not only violates against the data localization requirement furthermore LinkedIn also violates a number of other requirements such as collecting personal data from non-users without their consent before they complete the registration process.

Now LinkedIn can take action against this decision within the six-month period to the Moscow Court and then appeal to the Russian Supreme Court. However, LinkedIn has not announced its intentions yet.