Russian data law set to hinder Irish firms

From 2016 dealings with Russian companies will require servers within the country’s borders

Law passed by the Russian parliament requires personal data of their citizens to be stored on Russian soil

Law passed by the Russian parliament requires personal data of their citizens to be stored on Russian soil


Eamon Moore, founder of cloud services brokerage Cloud Compare, said the move presented a “major risk” for Irish technology businesses with dealings in Russia as “obviously they can’t move all data centre operations” there as “no doubt companies from the US and elsewhere would have a major issue with this”.

Irish Internet Association chief executive Joan Mulvihill added the move would “provide a barrier to doing business” in the region for Irish companies.

Set to come into force in 2016, the new law means online businesses - including email providers, e-commerce services and social networks - who do not have servers in Russia will not be able to do business in the country.

Dr James Ryan, a University College Cork historian who specialises modern Russian history, told The Irish Times the law was pushed heavily by parliament members who were “ideologically disposed to a hostile attitude to Western powers”.

Speaking from Moscow, Dr Ryan said the new law had raised “considerable fears” from the Russian Association of Electronic Communications, which has warned that “similar laws in other countries have resulted in significant economic losses and departures of service providers”.

Dr Ryan added that the law was something which is “probably to be understood in the context of the [Edward] Snowden revelations” rather than “broader cultural tensions” between Russia and Western economies.

Ms Mulvihill said the Russian parliament’s decision was “more social than economic”, noting there was a “nervousness” about data protection globally with countries around Europe having “concerns about their data held in the US as well”, adding that “other countries could go down a similar route” to Russia.

Mike Morrissey, consultant and data protection practitioner with Dublin-based company Sytorus, said that with the process of setting up data centres in Russia, “not viable” for most business, “many will now be compelled to use the services of Russia-based third parties, with whom they are unlikely to have any commercial history, but on whom they will depend completely from 2016”.

Mr Morrissey did add though that the spread of personal data throughout the web would mean that “to be honest”, the new law will be quite difficult to enforce.

“The flow of personal data is quite complex and pervasive, even in the smallest of businesses,” he said.