Russia to block access to LinkedIn

for violating Personal Data Law

11 November 2016 / Issue 81 [152]

On 10 November 2016, the Moscow City Court upheld a lower court order to block access to
www.LinkedIn.com for violations of Russias Personal Data Law.
After the ruling is formally received by Roskomnadzor, Russias communications and data protection
regulator, LinkedIn will be officially blacklisted and blocked in Russia.
Earlier this year, following reports about LinkedIn data leaks, Roskomnadzor requested businessoriented social networking website to confirm its compliance with the Personal Data Law.
When no response was received, the regulator brought the case to court.
The court then ruled that LinkedIn had failed to comply with the requirement for storing the personal
data of Russian citizens on servers located within Russia, and had collected the data of unregistered
users without legitimate grounds.
During the appeal, the court dismissed LinkedIns argument that the website was not subject to the
Personal Data Law because it did not conduct business in Russia and did not specifically target
Russian users.
Other objections raised by LinkedIn were that the company had not been given proper notification of
the court hearing, and that LinkedIn Corporation, a US incorporated entity, was not a proper
defendant because the data in question had been processed by LinkedIn Ireland. The court, however,
remained unswayed by this line of argument.
The full text of the judgement, including the courts reasoning, will be published shortly.
LinkedIn may seek to appeal the court ruling, which took effect immediately on 10 November 2016,
further in the court of cassation, but access to the website would be blocked during any such appeals
process.
This decision is of significance to foreign companies operating websites that are accessible in Russia,
regardless of whether a given company has an actual business presence in the country.
The LinkedIn ruling marks the first such case of a well-known international company being
prosecuted in a Russian court for breaching data localisation requirements.
We urge all businesses that gather the personal data of Russian users through their websites to
carefully review the applicability of and their compliance with Russias Personal Data Law,
particularly with respect to the data localisation requirement.
We can assist you with identifying all systems that are used for processing the personal data of
Russian citizens (both within and outside of Russia) so as to determine the best approach, from both a
legal and technical perspective, to complying with Russias Personal Data Law.

www.pwclegal.ru

Contacts
We will be happy to answer your questions.

Yana Zoloeva
Managing Partner
PwC Legal CEE
+7 (495) 232 5754
yana.zoloeva@ru.pwc.com

Konstantin Bochkarev
Head of IP and Technology
PwC Legal Russia and CIS
+7 (495) 967 6007
konstantin.bochkarev@ru.pwc.com

Tim Clough
Technology Leader
PwC Russia
+7 (495) 967-6018
tim.clough@ru.pwc.com

Yury Pukha
Partner, Technology, Communications,
Entertainment & Media Sector Leader
+7 (495) 223-5177
yury.pukha@ru.pwc.com

PwC refers to PwC Legal, or, as the context requires, other member firms of PricewaterhouseCoopers International Limited, each of which is a
separate legal entity.
2016, PwC Legal. All rights reserved.
The information contained in this flash report does not constitute professional advice. PwC is not responsible for any damages that may be incurred
by any parties if their actions or failure to act were based on their reading of this flash report. For assistance with specific questions, we advise that
you contact a PwC professional in the relevant line of service.