Data Protection Law in Russia

This article deals with the issues of legal regulation of personal data in the Russian Federation. Personal data processing regulation in Russia is generally consistent with European regulation. Protection measures are focused on the interests of a human being as the “possessor” of personified data. The author considers what can be treated as personal data from the perspective of the Russian legislator, describes the personal data categories singled out by local laws, the methods of and grounds for the processing of the same, and the duties of operators. The article draws a conclusion that, despite the upgrading of penalties for violations in the field of personal data processing, Russia’s approach to violators is far more tolerant than that of the European Union. In addition, the articles briefly touches upon the matters of big data processing and the right to be forgotten. The author also considered and estimated the consequences related to the adoption of the GDPR for Russia.