Total decryption of Internet traffic and other data of Russians could harm the security, said the Minister of communications and mass communications Nikolay Nikiforov. He suggested to wait for the publication of the draft normative act.
“If to speak about the issue of total decrypt the traffic, you need to understand the appropriateness and compliance with the provisions of the Constitution. The feasibility in the sense that it would overall have a negative impact on security, because the technology of a particular encrypting information are different, including the technology used by government agencies”, – quotes its “Interfax”.
Nikiforov added that today the decipherment of different types of data already used in the framework of the operational-search activities by the court.
Earlier the Minister made the appearance of possible amendments to the “law of Spring” by November 2016. According to the Minister, currently the issue of amendments to the package of anti-terrorist documents is studied.
On the morning of 30 September, the newspaper “Kommersant” reportedthat the working group “Communication and IT” of the expert Council under the Russian government gave a negative conclusion on amendments to the law on the regulation of audiovisual communication and online services such as WhatsApp, Viber, Telegram and others which is used monthly by millions of Russians. In their opinion, the initiative Mediacommunications Union (ISS brings together major Telecom operators and media houses) will lead to “the degradation of the Runet.”
According to experts, now under the bill will be a large part of the Russian Internet industry. The wording in the bill is unclear, the fulfillment of most requirements is impossible. To the definition of “organizer of information dissemination” can be attributed as messengers, and in General any website on the Internet, mail service, etc. and apply the provisions of the bill to any content until the user comments or forum posts.
Thus, the bill contradicts article 23 and article 55 of the Constitution of the Russian Federation, violating the rights of citizens and limiting the privacy of communication between users.
Earlier, sources of Kommersant in the presidential administration announcedthat the FSB, Ministry of communications and Ministry of industry and trade to discuss a set of technical solutions that will enable decryption and to provide access to the whole Internet traffic of the Russians in the framework of the “Spring law”. His analysis will be conducted using the system DPI (Deep Packet Inspection), already used by Telecom operators to filter the prohibited sites. This scheme will allow how to prevent potential threats and to build profiles of user behavior in the network.
As told a source in the presidential administration, store encrypted Internet traffic does not make sense – it will not find anything. FSB stands for to decrypt all traffic in real-time mode and analyze its key parameters. The Ministry insist on decrypting traffic only to subscribers that will attract the attention of law enforcement.
According to the “law of Spring”, the owners of Internet sites are required to hand over encryption keys at the request of the FSB. However, as noted by one of the interlocutors of the newspaper, the Internet, a large number of websites that are not the organizers of the dissemination of information and use a secure https connection. “Without decrypting the traffic is not always possible to understand which website the user has visited, not to mention what he was doing there,” explained the source.
One of the discussed variants of deciphering the installation of networks of operators able to perform a MITM-attack (Man in the Middle). With this approach, the user will establish an SSL connection with this equipment, and it has – with the server accessed by the user.
The newspaper wrote that this was confirmed by the CEO of InfoWatch and member of the working group “it + Sovereignty” of the presidential administration Natalya Kaspersky. However, the latter stated that she was misunderstood. According to Kaspersky, in the working group “it + Sovereignty”, where she holds the position of Deputy head, “discusses encryption, but in a different context.” Encryption from the point of view of the domestic use of encryption for critical transactions. This is what is discussed in SWGs, this has nothing to do with the “law of Spring”. So here are all matted,” said she.
Kasperskaya said that is not involved in the work of deciphering the Internet traffic of the Russians. “Probably, the FSB wants, but it does not matter to me. Address this question please, the Federal security service”, – told the representative of the working group under the presidential administration.
The package of anti-terrorist laws, which the press called “Spring package”, was signed by the RF President on July 7. The document obliges operators from 1 July 2018 up to six months to store all client traffic, including call recording. Thus data on the transmission of information must be kept for three years.
In the process, and after the adoption of the law, operators have repeatedly warnedthat the introduction of a rule requiring store information on communication subscribers, could lead to higher prices for communication services, degradation of the quality of services and stopping the development of communication networks in Russia.