Gartner News

Complying with Russia’s New Privacy Law

The majority of CIOs say the law will likely increase IT infrastructure costs.

As of September 1, organizations operating in Russia must comply with amendments to the privacy law to store personal data on local citizens in Russia. This legislation, which some have speculated could be a precursor to clamping down on foreign social networks, significantly effects a range of companies, and executives must be aware of its legal and financial implications.

CIOs Are Concerned but Confident
In the third quarter of 2015, Gartner conducted a survey of large foreign companies operating in Russia, which found that 42 percent of CIOs were unsure whether or not they could comply with the amendment on time. Some were also unclear on its provisions.

However, Russia’s federal executive body, Roskomnadzor, which is responsible for the field of communications, IT and mass media, provided guidance to businesses face-to-face and online. Roskomnadzor officials also stated that companies must have a master database of local citizen’s records stored in the country, but they are permitted to replicate this to data centers abroad.

“The survey found that almost a third of CIOs said the new law would negatively impact their business, due to higher costs for IT infrastructure, as well as a feared increase in audits and associated penalties for noncompliance (see Figure 1),” said Petr Gorodetskiy, senior research analyst at Gartner. “However, the majority of CIOs expected no changes to their business in Russia. The consensus was that major business processes would at least remain unaffected.”

Find out more about CIO’s Expectations and Impact of the Law on their Business on Smarter With Gartner website.
For more insight on this subject, including a breakdown of responses to the CIO survey, Gartner clients can read the research note, “Data Protection Law Amendment in Russia: A Business Opportunity for IT Providers?” To view the broader subject of privacy, read the Gartner report, “Hype Cycle for Privacy, 2015.”
You may also like
The IoT Effect: Opportunities and Challenges
Are You A Venture CIO?
How CIOs Need to Think About Top Talent
How CIOs Should Launch an IoT Product