The Russian Ministry of Digital Development has updated the requirements for owners of communications networks that are obliged to ensure the operation of SORM systems, according to the Russian publication Kommersant, citing a new order issued by the ministry on 22 May.
Among the requirements is the expansion of the list of data that must be available for search and transfer to the requests of authorised bodies. This includes passport lists of subscribers, addresses, individual tax numbers, bank details, IP addresses, domains, logins and geo-coordinates.
The Insider writes that earlier operators were obliged to pass to law enforcement agencies only metadata and the content of messages and calls.
In addition, the document specifies the methods of data exchange. In particular, GraphQL query language will be used for more accurate data retrieval and WebSocket protocol will be used to ensure constant communication in real time.
The ministry told the publication that “the installation of such equipment is necessary to ensure security”.
Since April 1, the Russian FSB bodies can receive free of charge copies of databases or their parts from any organisations if the information is “necessary to ensure security, carry out operational and investigative activities or perform other duties stipulated by law”.