Russia this week ordered users of public Wi-Fi networks to identify themselves in order to access the internet, causing confusion among officials and providers and alarming users already worried by growing state control over the web.
The move, approved this week by government order, was the latest in a series of measures imposed this year to tighten internet regulation. While some European countries have similar requirements, civil-rights advocates say its application in Russia is more worrisome.
“If you look at it in in the context of everything else that has been going on in the area of Internet regulation in Russia lately—the blogger law, the ban on keeping data of Russian Internet users on foreign servers— this is perceived as a threat by the Russian Internet community,” said Tanya Lokshina, Russian program director at Human Rights Watch, referring to new regulations imposed on bloggers and restrictions on offshore storage of data.
Russian officials denied the move is aimed at controlling users. But government agencies struggled this week to explain how it would work and who would be affected.
Friday, the Communications Ministry issued a statement trying to reassure users that they won’t need to show their passports to get online. But it didn’t specify what constitutes a public place – something the regulations didn’t clarify— and a ministry spokesman said the matter need to be looked into carefully by lawyers.
Another government agency, Rossvyaz, said in a statement Friday to the official news agency that the new regulation will affect only small towns.
According to the state-owned news agency ITAR-TASS, the government of Russia has banned anonymous access to wifi.
Instead, the operators of the communications services will have to identify users with a full name confirmed by an ID. The report says that hardware must also be identified, although it’s not clear what this means.
The ITAR-TASS story refers to an announcement on the Russian government website; we have not been able to locate the announcement.
A story by the US-owned Radio Free Europe/Radio Liberty adds that bloggers also may no longer remain anonymous and that “[a] recent law requires bloggers with more than 3,000 daily readers to register with the country’s mass media regulator, Roskomnadzor, and conform to the regulations that govern Russia’s regular media outlets.”
[UPDATE:] There have been two short follow-up articles from ITAR-TASS on the new rule. First “Russian ban on anonymous wi-fi access to have no impact on private access points,” the body of which is identical to the headline, plus a note attributing the report to an unspecified minstry. The distinction for private Wi-Fi access points may be a distinction without a difference, as those access points all connect through ISP accounts which are not anonymous.
The second article is “Russian government may review law banning anonymous Wi-Fi,” says that the new law might be changed and attributes the statement to the prime minister’s press secretary Natalya Timakova. It adds that "[t]he law has caused mixed reactions in the Russian society."
A Moscow city official, meanwhile, told the same news agency that Wi-Fi access in parks, the metro, in schools and hospitals would not be affected but made no mention of hot spots managed by private businesses.
But Leonid Levin, deputy head of the parliament’s information policy committee, interpreted the document differently.
“It will affect all public places. What’s is the point of creating laws that provide only half measures?” he told the Wall Street Journal, “The point is to make sure that people who use public Wi-Fi are responsible for the actions they choose to take online without creating additional difficulties for the users,” Mr. Levin said.
“No one will have to show their passports to anybody,” he said. “The identification process will consist of getting a password for Wi-Fi access by providing your mobile phone number. Since providing a passport is required to buy a SIM-card in Russia, there will be no need to show your passport, he explained.
“User identification … is a worldwide practice,” Nikiforov said on his Twitter feed.
Russian netizens have about a month of Wi-Fi anonymity left: ID procedures will be set up by early September, Federal Mass Media Inspection Service deputy head Maxim Ksenzov said Saturday.
The governmental decree on the matter, meanwhile, will enter into effect next Tuesday.
Passport or No Passport?
The vaguely worded document was initially understood by media and experts to require a passport to access Wi-Fi in a cafe or shopping mall.
But Nikiforov’s ministry said Friday that passports will only be necessary at state-funded access points, mostly found at post offices in small towns nationwide. Still, some form of identification will be mandatory for public Wi-Fi elsewhere, the ministry said in a statement.
But apparently to the contrary, Ksenzov told ITAR-Tass on Friday that identification will only be required at post offices and Internet cafes, but not restaurants, shopping malls, airports and other public places.
The discrepancy could not immediately be reconciled.
Storing Personal Data
Providers of public Wi-Fi will also be required to store massive amounts of personal user data for six months at a time, Ksenzov said.
Wi-Fi providers, according to the decree, will have to hand over the stored used data to security services on request, which may be the real point of the law, said Artyom Kozlyuk of independent Internet freedom watchdog Rublacklist.net.
One thing that is clear is that personal Wi-Fi spots will not be affected by the new regulations: Any private individual can provide online access without asking users for a passport.
The new rules are meant to help fight terrorism, officials said.
Breathing Life Into the Blogger Law
Furthermore, the decree gives effect to a law signed in May best known for severely limiting freedoms for bloggers with a daily audience upward of 3,000 readers.
The May law also obliges Internet providers to store massive amounts of personal user data for six months or to provide security services with real-time access to such data.
Storing user data is expensive, and providers are reluctant to do it, Kozlyuk said.
The new law seems to be an attempt to dump the responsibility for storing data onto Wi-Fi providers instead of Internet service providers, he said.
“But either they’ll weasel out of it, or we’ll see mass Wi-Fi closures,” Kozlyuk said.
The Kremlin launched binge regulations targeting the Internet after the mass opposition protests of 2011-12, which were largely coordinated online.
In addition to making user data available for security services, Russia has set up an extrajudicial online blacklist that increasingly targets opposition blogs and media.
“All recent [Russian] Internet regulations are a clumsy copy of Kazakhstan, Belarussian and Chinese templates,” Internet expert Anton Nossik said on Slon.ru on Friday.
No Passports Required to Use Public Wi-Fi, Moscow City Hall Says