PrivacyRules local expert, Sergey Medvedev from Gorodissky & Partners, elaborates on the risks related to the non-compliance with the Russian data privacy law in these complex times.
You may wonder if the Russian data protection law must be complied with even during the Covid-19 times, the answer is yes! Beware that the Russian data protection law has been recently amended giving higher powers to the Russian IT Regulator (Roskomnadzor) which can now impose truly heavy fines against non-compliant companies. Worth noting, the Roskomnadzor can now start random inspections and, if the inspection reveals that a company is non-compliant, the Regulator can initiate an administrative proceeding before the competent Court without the need of a prosecutor.
The sanctions can be of civil, administrative or criminal nature. An example of a heavy sanction is the blockage of the website for an online business or an e-commerce company (which is what happened in the LinkedIn case). Furthermore, in certain cases fines are imposed on the basis of the number of the employees the sanctioned company has.
To know more about the risks related to the complexity of the Russian privacy regulations, watch this video and contact Sergey for guidance and advice!