08 июня 2021 года

ФЕДЕРАЛЬНАЯ СЛУЖБА ПО НАДЗОРУ В СФЕРЕ СВЯЗИ, ИНФОРМАЦИОННЫХ
ТЕХНОЛОГИЙ И МАССОВЫХ КОММУНИКАЦИЙ

12+

English Version

ПОРТАЛ ПЕРСОНАЛЬНЫХ ДАННЫХ УПОЛНОМОЧЕННОГО ОРГАНА ПО ЗАЩИТЕ ПРАВ СУБЪЕКТОВ ПЕРСОНАЛЬНЫХ ДАННЫХ
Главная
Об уполномоченном органе
История создания
Структура
Правовые основания и
направления деятельности

Главная страница > Об уполномоченном органе > Международная деятельность

Federal Law No. 242-FZ of July 21, 2014 on Amending Some Legislative
Acts of the Russian Federation in as Much as It Concerns Updating
the Procedure for Personal Data Processing in InformationTelecommunication Networks (with Amendments and Additions
Версия для печати

Годовые отчеты
RUSSIAN FEDERATION

Информация об
уполномоченных органах
других государств

FEDERAL LAW
ON AMENDMENTS
TO CERTAIN LEGISLATIVE ACTS OF THE RUSSIAN FEDERATION
TO CLARIFY THE PROCEDURE OF PERSONAL DATA PROCESSING
IN INFORMATION AND TELECOMMUNICATION NETWORKS

Международная деятельность
Участие в деятельности
CEEDPA

Adopted
by the State Duma
on July 4, 2014

Federal Law of 27 July 2006 N
152-FZ ON PERSONAL DATA
Federal Law No. 242-FZ of
July 21, 2014 on Amending
Some Legislative Acts of
the Russian Federation in
as Much as It Concerns
Updating the Procedure for
Personal Data Processing in
InformationTelecommunication
Networks (with
Amendments and
Additions
Контакты
Консультативный совет
Обращения граждан
Реестр нарушителей
Кодекс добросовестных
практик
Выбор темы для разъяснения
Пресс-служба
Законодательство
Реестр операторов
Молодежная палата
Консультативного совета
Мультимедиа
Электронная библиотека по
защите прав субъектов
персональных данных

Вопросы и ответы
Поиск / Карта сайта

Министерство связи и
массовых коммуникаций
Российской Федерации
Федеральная служба по
надзору в сфере связи,
информационных технологий и
массовых коммуникаций

Approved
by the Federation Council
on July 9, 2014
Article 1
The following amendments shall be made to Federal Law dated July 27, 2006 No. 149-FZ On Information, Information
Technology and Information Security (Code of Laws of the Russian Federation 2006, No. 31, Article 3448; 2010, No. 31,
Article 4196; 2011, No. 15, Article 2038; No. 30, Article 4600; 2012, No. 31, Article 4328; 2013, No. 14, Article 1658; No. 23,
Article 2870; No. 27, Article 3479; No. 52, Article 6961, 6963; 2014, No. 19, Article 2302):
1) Article 15.5 shall be supplemented to read as follows:
"Article 15.5. Restriction of access to information processed in breach of personal data laws of the Russian Federation
1. To restrict access to information on the Internet, which is processed in breach of personal data laws of the Russian
Federation, The Register of Infringers of the Rights of Personal Data Subjects (hereinafter referred to as "the Register of
Infringers"), an automated IT system, is being introduced.
2. The Register of Infringers shall include:
1) domain names and/or links to web-pages of Internet sites containing information processed in breach of personal
data laws of the Russian Federation;
2) network addresses identifying Internet sites containing information processed in breach of personal data laws of the
Russian Federation;
3) a reference to an eﬀective judicial act;
4) information about rectiﬁcation of the breaches of personal data laws of the Russian Federation;
5) the date when the communication operator submitted information about the relevant information resource to restrict
access to the given resource.
3. The Register of Infringers shall be established, created and maintained by the federal executive authority that
exercises control and supervision in the ﬁeld of mass media, mass communications, information technology and
telecommunications in accordance with the procedure stipulated by the Government of the Russian Federation.
4. Subject to the criteria set by the Government of the Russian Federation, the federal executive authority that exercises
control and supervision in the ﬁeld of mass media, mass communications, information technology and
telecommunications may engage a register operator, i.e. an organization registered in the Russian Federation, to create
and maintain the Register of Infringers.
5. The information set forth in part 2 of this Article may be included in the Register of Infringers, provided that there is a
relevant eﬀective judicial decision.
6. A personal data subject may apply to the federal executive authority that exercises control and supervision in the ﬁeld
of mass media, mass communications, information technology and telecommunications with a request to take
measures to restrict access to information processed in breach of personal data laws of the Russian Federation,
provided that there is a relevant eﬀective judicial act. The form of such application shall be approved by the federal
executive authority that exercises control and supervision in the ﬁeld of mass media, mass communications, information
technology and telecommunications.
7. Within three days after receipt of such eﬀective judicial act, the federal executive authority that exercises control and
supervision in the ﬁeld of mass media, mass communications, information technology and telecommunications, guided
by such decision, shall:
1) identify the hosting provider or another person that processes information in any information and telecommunication
network, including the Internet, in breach of personal data laws of the Russian Federation;
2) send to the hosting provider or other person referred to in clause 1 of this part an electronic notice, in Russian and in
English, about breach of personal data laws of the Russian Federation and with details about the relevant eﬀective
judicial decision, domain name and network address identifying the Internet site where information is processed in
breach of personal data laws of the Russian Federation, as well as with links to the web-pages of the Internet site which
make it possible to identify such information, and such notice shall request to take measures to rectify the breaches of
personal data laws of the Russian Federation, which breaches are speciﬁed in the judicial decision;
3) record, in the Register of Infringers, the date and time of such notice to the hosting provider or other person referred
to in clause 1 of this part.
8. Within one working day following a notice referred to in clause 2 of part 7 of this Article, the hosting provider or other
person referred to in clause 1 of part 7 of this Article shall notify the owner of the information resource, to which they
provide services, and inform the owner that it must take prompt measures to rectify the breach of personal data laws of
the Russian Federation, which is speciﬁed in the notice, or restrict access to the information processed in breach of
personal data laws of the Russian Federation.
9. Within one working day after receipt of a notice from the hosting provider or other person referred to in clause 1 of
part 7 of this Article that the breach of personal data laws of the Russian Federation must be rectiﬁed, the information
resource owner shall take measures to rectify the breach set out in the notice. In case of refusal or failure by the
information resource owner to take such measures, the hosting provider or other person referred to in clause 1 of part 7
of this Article shall restrict access to the relevant information within three working days after receipt of the notice
referred to in clause 2 of part 7 of this Article.
10. In case the hosting provider or other person referred to in clause 1 of part 7 of this Article and/or information
resource owner fails to take measures set out in parts 8 and 9 of this Article, the domain name of the relevant Internet
site, its network address and links to the web-pages of the Internet site, which make it possible to identify information
processed in breach of personal data laws of the Russian Federation, as well as other data about such site and
information shall be sent through the automated IT system to the communication operators to restrict access to the
given information resource, including the network address, domain name, and links to web-pages of the relevant
Internet site.
11. The federal executive authority that exercises control and supervision in the ﬁeld of mass media, mass
communications, information technology and telecommunications or the operator of the Register of Infringers engaged
by such federal executive authority in accordance with part 4 of this Article shall delete the domain name, link to the
web-page of the Internet site or network address, which make it possible to locate the site on the Internet, from the
register upon application of the Internet site owner, hosting provider or communication operator within three days after
such application, provided that measures have been taken to rectify the breach of personal data laws of the Russian
Federation or if there is an eﬀective judicial act cancelling the previous judicial decision.
12. The procedure for interaction between the operator of the Register of Infringers and the hosting provider and for
obtaining access to information in such register by the communication operator shall be determined by the federal
executive authority empowered by the Government of the Russian Federation."
2) clause 7 shall be added to part 4 of Article 16 to read as follows:
"7) location, within the Russian Federation, of databases used to collect, record, systematize, accumulate, store, clarify
(update or modify), and retrieve personal data of citizens of the Russian Federation.".
Article 2
The following amendments shall be made to Federal Law dated July 27, 2006 No. 152-FZ On Personal Data (Code of Laws
of the Russian Federation, 2006, No. 31, Article 3451; 2011, No. 31, Article 4701):
1) part 5 shall be added to Article 18 to read as follows:
"5. During personal data collection, inter alia, through the Internet, the operator shall ensure that databases located
within the Russian Federation are used to record, systematize, accumulate, store, clarify (update or modify) and retrieve
personal data of citizens of the Russian Federation, except for cases speciﬁed in clauses 2, 3, 4, 8 of part 1 of Article 6 of
this Federal Law."
2) clause 10.1 shall be added to part 3 of Article 22 to read as follows:
"10.1) information about the location of database containing personal data of citizens of the Russian Federation;";
3) clause 3.1 shall be added to part 3 of Article 23 to read as follows:
"3.1) restrict access to information processed in breach of personal data laws of the Russian Federation, in accordance
with the procedure stipulated by legislation of the Russian Federation;".
Article 3
Clauses 19 and 20 shall be added to part 3.1 of Article 1 of Federal Law dated December 26, 2008 No. 294-FZ On the
Protection of Rights of Legal Entities and Individual Entrepreneurs During Governmental Control (Supervision) and
Municipal Control (Code of Laws of the Russian Federation, 2008, No. 52, Article 6249; 2009, No. 18, Article 2140; No. 29,
Article 3601; No. 52, Article 6441; 2010, No. 17, Article 1988; No. 31, Article 4160, 4193; 2011, No. 17, Article 2310; No. 30,
Article 4590; No. 48, Article 6728; 2012, No. 26, Article 3446; 2013, No. 27, Article 3477; No. 30, Article 4041; No. 52,
Article 6961, 6979, 6981; Rossiyskaya Gazeta, June 25, 2014):
"19) control of compliance with requirements arising out of distribution of information on the Internet;
20) control and supervision over personal data processing.".
Article 4
This Federal Law shall enter into force on September 1, 2016.
President
of the Russian Federation
V. PUTIN
Moscow, The Kremlin
July 21, 2014
No. 242-FZ

Federal Law No. 242-FZ of July 21, 2014 on Amending Some Legislative Acts of the Russian Federation in as Much as It
Concerns Updating the Procedure for Personal Data Processing in Information-Telecommunication Networks (with
Amendments and Additions) (English version) (Федеральный закон от 21 июля 2014 г. N 242-ФЗ "О внесении
изменений в отдельные законодательные акты Российской Федерации в части уточнения порядка обработки
персональных данных в информационно-телекоммуникационных сетях" Англ. версия)

Время публикации: 23.05.2016 12:17
Последнее изменение: 23.05.2016 12:24

Ссылки
Минкомсвязь России

РСпектр

Единый реестр
запрещенной
информации

Реестр нарушителей
авторских прав

© 2009-2021, Электронное периодическое издание «Портал персональных данных Уполномоченного органа
по защите прав субъектов персональных данных». Учредитель: Федеральная служба по надзору в
сфере связи, информационных технологий и массовых коммуникаций. Свидетельство о регистрации средства
массовой информации Эл № ФС77-41899 от 08 сентября 2010 г., выданное Федеральной службой по надзору
в сфере связи, информационных технологий и массовых коммуникаций

Публичный реестр
инфраструктуры связи и
телерадиовещания РФ

Адрес редакции:
109992, г. Москва, Китайгородский
пр.,
д. 7, стр. 2.

