The Sovereign Runet and the Great Chinese Firewall: a comparative legal analysis
Instagram Facebook and social media platforms, including the sale of products, are prohibited on the territory of the Russian Federation on the grounds of extremist activity.
A legal entity registered in the Republic of Latvia, SIA "Medusa Project" (registration number 40103797863, registration date 06/10/2014) is an organization represented in Russia by a foreign agent.
The paper provides a comparative analysis of the development of legal regulation of the Internet information and telecommunications network in the Russian Federation and the legal formation of the Golden Shield project in the People's Republic of China. The peculiarities of observing and restricting the rights of citizens to freedom of thought and speech are studied, the normative legal acts of Russia for the period from 2010 to 2021 regulating the duties of telecom operators, the rights and obligations of network users are analyzed, a similar overview of Chinese legislation is given. There is a certain similarity in the texts and meanings of legal acts of Russia and China in the field of cybersecurity. It is concluded that it is impossible to form a closed Internet on the territory of the Russian Federation.
Keywords: Internet, legal regulation of the Runet, sovereign Runet, Great Chinese firewall, "Golden Shield".
On November 1, 2019, Federal Law No. 90-FZ of May 1, 2019 "On Amendments to the Federal Law "On Communications" and the Federal Law "On Information, Information Technologies and Information Protection" came into force, which was also called "On the Sovereign Runet" in the media (hereinafter - The law).
In the two years since the adoption of the Law, concerns have been repeatedly expressed in the media related to the creation of a closed Russian Internet disconnected from the world Wide web, and analogies have been drawn with the Great Chinese Firewall and other representatives of the Asian model of the functioning of a local network on the territory of the state <1>. In this regard, it is interesting to analyze the history of the emergence and development of the Chinese model of restricting access to information, as well as to compare the legal justification for such restrictions on the territory of the Russian Federation and in the People's Republic of China.
--------------------------------
<1> Russia will be disconnected from the Internet by the end of 2021 // Federal online publication "Capital of the country".
The issue of restricting access to information is regulated by Article 9 of the Federal Law No. 149-FZ dated July 27, 2006 "On Information, Information Technologies and Information Protection". The procedure for identifying information resources in order to take measures to restrict access to information resources, requirements for methods (methods) of restricting such access, as well as requirements for posted information on restricting access to information resources are determined by the Federal Service for Supervision of Communications, Information Technology and Mass Communications (hereinafter - Roskomnadzor). At the same time, there is a wide list of restricted information that a citizen cannot get acquainted with without having a separate right to do so. Such information includes information containing state and commercial secrets, personal data, investigative secrets, tax, banking, medical secrets, and many others, according to the List of regulatory acts that classify information as restricted access <2>.
--------------------------------
<2> Background information: A list of regulations that classify information as restricted access.
It is also necessary to pay attention to the fact that, despite the existence in the Russian legal field of the wording "information the dissemination of which is prohibited in the Russian Federation", there is no single exhaustive list of such categories of information, fixed by a normative legal act. The final version is set out in clause 5 of Article 15.1 of Federal Law No. 149-FZ of June 27, 2006 and is supplemented by another resolution.
In 2007, the Federal List of Extremist Materials (FSEM) was published, updated by the Ministry of Justice of Russia on the basis of court decisions recognizing the materials as extremist, i.e. encroaching on the violent change of the foundations of the constitutional system, violation of the territorial integrity of the country, containing public justification of terrorism, incitement of social, racial, national or religious discord, etc. <3>. Initially, the FSEM consisted of 14 items: leaflets, books, videos, later articles, materials, and quotes from the Internet began to get there, and as of August 29, 2021, the list contains 5,193 items.
--------------------------------
<3> Federal Law No. 114-FZ of July 25, 2002 "On Amendments to the Constitution of the Russian Federation".
Federal Law No. 187-FZ of July 2, 2013 "On Amendments to Legislative Acts of the Russian Federation on the Protection of Intellectual Property Rights in Information and Telecommunications Networks", also known as the "Anti-Piracy Law" and "Russian Sopa" (by analogy with the American anti-piracy law on the Internet), allowed blocking sites containing unlicensed content, at the request of the copyright holder. One of the results of the adoption of the bill in the first reading was the mass deletion and renaming of music tracks on the VKontakte social network.
On September 1, 2014, Federal Law No. 242-FZ of July 21, 2014 "On Amendments to Certain Legislative Acts of the Russian Federation in Terms of Clarifying the Procedure for Processing Personal Data in Information and Telecommunications Networks" began to take effect, obliging foreign companies collecting, processing and storing personal data of Russians to do so in the data-centers on the territory of Russia. For example, Google, Apple, Twitter, Samsung, Lenovo, AliExpress, eBay, PayPal, Uber, Booking.com and many others. Failure to transfer data will result in a large fine and blocking of the resource.
The year 2016 was marked by the adoption of two Federal Laws: dated July 6, 2016, No. 374-FZ "On Amendments to the Federal Law "On Countering Terrorism" and Certain Legislative Acts of the Russian Federation regarding the establishment of additional measures to counter terrorism and ensure public safety" and dated July 6, 2016. No. 375-FZ "On Amendments to the Criminal Code of the Russian Federation and the Code of Criminal Procedure of the Russian Federation regarding the Establishment of additional measures to Counter Terrorism and Ensure Public Safety", also known as the "Yarovaya package", which oblige telecom operators and Internet companies to store the contents of calls for six months from July 1, 2018 and user correspondence, so that law enforcement agencies can get access to them. The law forced operators and Internet companies to significantly increase the capacity of their data centers; Internet services engaged in encrypting information transmitted by users (for example, WhatsApp messengers, telegrams, Viber, ICQ, etc.) must provide, at the request of government agencies, appropriate tools for decoding user correspondence (the beginning of a well-known trial in the future about blocking the Telegram messenger due to refusal to provide the FSB with encryption keys). It is impossible not to pay attention to the contradiction of these laws of art. 23 and 24 of the Constitution of the Russian Federation, guaranteeing the inviolability of private life, the secrecy of correspondence, restrictions on the collection, storage and dissemination of information about a person's private life, even if this information is transmitted by telecom operators to authorized state bodies engaged in operational investigative activities "in cases established by federal laws" <4>.
--------------------------------
<4> Federal Law No. 374-FZ of July 6, 2016 "On Amendments to the Federal Law "On Countering Terrorism" and Certain Legislative Acts of the Russian Federation regarding the establishment of additional measures to counter terrorism and ensure public safety."
2017 was marked by an extensive report by the international human rights group Agora on Internet freedom in Russia. Thus, according to the report, 115,706 separate facts of restriction of freedom on the Internet were recorded in 2017. 110 thousand of them are related to blocking, filtering or banning information for various reasons <5>, regardless of the legality of the blocking.
--------------------------------
<5> Agora. Internet Freedom 2017: Creeping criminalization.
As we can see, over 13 years of active regulation of Internet activities, the Russian Federation has made significant progress on the path from virtually complete lack of regulation to almost universal interference in the work of telecom operators and owners of Internet resources. Many normative legal acts, some of which we have reviewed, are controversial from the point of view of respect for human and civil rights and freedoms, material support for their implementation and common sense, and can also be regarded as milestones on the way to complete censorship of the Internet space in the country.
Thus, according to the non-governmental organization Freedom House, the Russian Federation in the rankings of countries in terms of freedom on the Internet has moved from 11th place and the status of "Partially free" in 2009 to 58th place and the status of "Not free" in 2021. <6>. In the 70th place in 2021, the People's Republic of China is paying the price - as "the most evil dictator of Internet freedom in the world." Moreover, in fact, it refers to the state legal instrument that is used to determine the state affiliation in the Kyrgyz Republic of the so-called "golden" project in the field of electronic government "Zolotoyit", with which the draft law "On the sovereign Runet" was compared in 2019 <7>.
--------------------------------
<6> Freedom on the web 2021. The global desire to control big technologies // Freedom House. 2021.
<7> The Great Russian Firewall: how Russia is moving towards the Chinese model of Internet control // Blogplatform TJ. 09.09.2021.; The sovereign Internet was not invented in Russia. The experience of China and Iran // Russian news service BBC NEWS. 12.02.2019.
The Constitution of the People's Republic of China does not enshrine the "right to information" as such, as is done in the Constitution of the Russian Federation. Instead, the following constitutional and legal norms are prescribed:
"Article 35. Citizens of the People's Republic of China have freedom of speech, press, assembly, unions, street marches and demonstrations.
Article 40. The freedom and secrecy of correspondence of citizens of the People's Republic of China is protected by law." <8>
--------------------------------
<8> The Constitution of the People's Republic of China (adopted on 04.12.1982).
In the Constitution of the People's Republic of China, the right to information is significantly limited: freedom of speech and the press and the secrecy of correspondence.
Researchers point to a certain rigidity of the Chinese Communist Party in the implementation of the right of citizens to freedom of speech and related information policy and management of the Internet. Thus, Milton L. Mueller notes: "Both the telecommunications infrastructure and the services that operate on top of it are subject to strict licensing, restrictions, as well as direct censorship and repression."
--------------------------------
<9> Mueller M.L. China and Global Internet Governance: a tiger by the tail // Access contested. Security, Identity, and Resistance in Asian Cyberspace / R. Deibert, J. Palfrey, R. Rohozinski, J. Zittrain. The MIT Press, 2012. P. 178.
In this context, it will be interesting to study the Golden Shield project (also mistakenly called the "Great Chinese Firewall", which is only part of the project), an Internet content filtering system in China. The fundamental project of building a nationwide network security "Golden Shield" was initiated by the Central Commission for Cyberspace Affairs of the People's Republic of China <10> and includes information systems for security management, management of entry and exit processes, a management system and a traffic management system.
--------------------------------
<10> Sonali Chandel, Zang Jingji, Yu Yunnan, Sun Jingyao, Zhang Zhipeng. The Golden Shield Project of China: A Decade Later // An in-depth study of the Great Firewall: International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC). 2019.
The emergence of the "Golden Shield" is associated with the development of a socialist market economy and the opening of the Chinese market to foreign investors. At the same time, the Chinese Communist Party feared the penetration of "other undesirable ideologies" into the country along with foreigners <11>. In 1998, the Golden Shield project was initiated, containing an integrated, multi-level system, including technical, administrative divisions, public and national security services, advertising and many other divisions. The Golden Shield was launched nationwide in 2003, and the final work on the project was completed in 2008
. --------------------------------
<11> MacKinnon R. Flatter world and thicker walls? Blogs, censorship and civic discourse in China // Public Choice. 2008. N 134. P. 31 - 46.
Within the framework of the project:
access to a number of foreign sites is limited;
Websites based in China cannot link to and publish news taken from foreign news sites or media outlets without special approval;
Web pages are filtered by keywords related to state security, as well as by a blacklist of site addresses.
Instagram Facebook, YouTube, Wikipedia, Netflix, Instagram, Amazon, WhatsApp, and many others are among the banned sites blocked in the territory of the People's Republic of China.
The regulatory regulation of the existence of the "Great Chinese Firewall" has been developed for twenty years and covers dozens of legal acts. So, based on the publications of V.V. Kulazhnikov, O.N. Glazunov, V.V. Avdeenko, as well as having conducted an independent study, we have established more than 30 acts as legal support for the functioning of the project, among which:
1. 1994: Regulation "On the protection of computer and information systems".
2. The Regulation "On the protection of the security of the international network, computer and information networks of public use".
3. 2016: The Law of the People's Republic of China on Internet Security.
4. 2020: Regulation on the protection of personal information of users and the Internet.
5. 2021: General rules for censorship of the content of online audiovisual programs, etc. <12>.
--------------------------------
<12> Kulazhnikov V.V. Regulatory and legal and technological support of information security of the People's Republic of China // Education and Law. 2019. N 7. pp. 24-30.
The final point in the formation of the "Chinese Internet" was set by the acts of 2015-2016, including the Anti-Terrorism Law of the People's Republic of China, which emphasizes the need to strengthen the protection of national IT systems and establish a sovereign cyberspace. Thus, according to Article 18 of this law, Internet service providers were required to provide encryption keys for the investigation and prevention of terrorist activities; implement network security surveillance systems, monitor and delete information that may be considered terrorism-related; identify the identity of customers <13>. This was followed by the Cybersecurity Law of 2016, which obliged Internet service providers to store information about users, correspondence, videos and photos, personal data for six months, monitor all published information to prevent terrorist acts, and called for voluntary participation in the system of protection of critical information infrastructure <14>.
--------------------------------
<13> Anti-Terrorism Law of the People's Republic of China (Adopted at the 18th Session of the Standing Committee of the 12th National People's Congress on December 27, 2015).
<14> Cybersecurity Law of the People's Republic of China (adopted at the 24th Session of the Standing Committee of the 12th National People's Congress of the People's Republic of China on 7 November 2016).
Thus, a full-fledged legal system has been formed in the field of protection of computer and information networks. It should be noted that many normative legal acts adopted by the Russian Federation in the last 2-3 years are extremely consonant with those already adopted in the PRC, for example: the regulation "On registration of domain names of the Chinese part of the Internet" and the Regulation on the national domain name system, the requirements for it, the procedure for its creation, including including the formation of the information contained in it, as well as the rules for its use, including the conditions and procedure for providing access to information, adopted by Roskomnadzor in 2019.; the Regulations of the People's Republic of China "On the Protection of Personal Information of Users on the Internet" and Federal Law No. 242-FZ dated July 21, 2014 "On Amendments to Certain Legislative Acts of the Russian Federation regarding clarification of the procedure for processing personal data in information and telecommunications networks"; The Law on Cybersecurity of the People's Republic of China in the text has much in common with the Law "On the sovereign Runet."
Studying the peculiarities of the regulatory formation of the Golden Shield project in the People's Republic of China and the development of legislation of the Russian Federation in the field of regulating the operation of the information and telecommunications network Internet, one cannot help but pay attention to certain similarities in how the situation has developed in China over the past 30 years and what has been happening in Russia since the 2010s. However, based on this comparison, it cannot be concluded that Russia is following the path of the PRC towards total censorship of the Internet and the media, due to the difference in the political regime, historical context, and difference in information and technical capacities. Nevertheless, it is necessary to pay attention to all the positive and negative experiences accumulated not only by the PRC, but also by the entire Asian community in the field of Internet regulation, in order to avoid mistakes already passed by mankind in the formation of state information legal policy and cybersecurity policy.
Instagram Facebook and social media products of Meta Platforms Inc. are prohibited on the territory of the Russian Federation on the grounds of extremist activity.
A legal entity registered in the Republic of Latvia, SIA "Medusa Project" (registration number 40103797863, registration date 06/10/2014) is an organization recognized in Russia as a foreign agent.