From July, you better be Putin these Kremlin-approved apps on gadgets sold in Russia
New law calls for pre-in-Stalin nationally mandated code
The Russian State Duma has approved legislation that forbids the sale of unspecified devices unless they contain certain pre-installed government-authorized applications.
According to Meduza, a Russia-focused publication based in Latvia, Russian legislators voted in favor of the bill, which is expected to take effect in July, 2020.
Unless the rules unexpectedly get derailed when considered by the Federation Council, it will fall to the Russian executive branch to decide specifically which devices are covered by the law and what apps they must include. Likely candidates include mobile devices, computers, and software-equipped TVs.
One app that has been suggested for possible mandatory pre-installation is Gosuslugi, which provides access to assorted Russian government services.
An explanatory note accompanying the bill describes it as a consumer rights initiative, based on the belief that software tailored to Russians makes products more appealing to them. It also says the bill will protect the interests of Russian internet companies by limiting unidentified abuses by foreign technology firms and will provide Russian companies with legal mechanisms to promote their own products and services to Russian users.
Meduza, in a previous report, said that two sources with knowledge of the State Duma have indicated that the bill originated with Russia's executive branch and represents the government's attempt to assert national sovereignty over the parts of the internet it can control.
Earlier this month, The Bell, a Russian business media startup, said related legislative efforts include "Anton Gorelkin’s project banning the ownership of Internet companies for foreigners and Senator Andrei Klishas’s project on identifying email service users."
Senior GitLab exec resigns over plan to stop hiring engineers in China and RussiaREAD MORE
Another Russian publication, Vedomosti, has suggested Apple is one of the prime targets of the bill because it does not allow third-parties to pre-install their apps on iPhones and iPads.
In the Android ecosystem, pre-installed apps have become a source of malware. At the Black Hat security conference over the summer, Google security researcher Maddie Stone said Android devices often have anywhere from 100 to 400 pre-installed apps that Google makes some effort to vet for its hardware partners.
The fine for non-compliance with the new Russian law can be as much as 200,000 rubles, about US$3,100, a pittance for large tech companies but would be more worrying if applied on a per-device basis. Still, it's difficult to imagine that any foreign company would willfully flout the law in a country with such a capricious legal system.
The Bell suggests Apple might leave the not-particularly significant Russian market rather than comply.
The Register asked Apple for comment, fully expecting to be ignored. And so far, we've not been disappointed. ®
- AdBlock Plus
- Black Hat
- Cisco ACE
- Common Vulnerability Scoring System
- Cybersecurity and Infrastructure Security Agency
- Cybersecurity Information Sharing Act
- Data Breach
- Data Protection
- Data Theft
- Digital certificate
- Identity Theft
- Integrated Circuit
- Kenna Security
- Microsoft 365
- Microsoft Office
- Microsoft Teams
- Palo Alto Networks
- Software License
- Trusted Platform Module
- Visual Studio
- Visual Studio Code
- Web Browser
- Zero trust