Roskomnadzor will require information from telecom operators about the geolocation of all IP addresses they use, promising to improve the fight against DDoS attacks, but experts see this as new opportunities for spying on Russians and blocking Internet services.
Russians under cover
Roskomnadzor is going to expand the list of information received from telecom operators and Internet providers. According to Forbes, he intends to request from them the geographic coordinates of all IP addresses that are used on their network. The IP address is unique for each subscriber. It is issued when connecting to the network and is released at the end of the session if the subscriber does not have an agreement with the provider to allocate a static IP address to him.
The regulator intends to begin collecting this information in September 2024. But it will not do this without the appropriate legislative framework, so it has already prepared amendments to its own order No. 221 of July 31, 2021 - they are posted on the Federal Portal of Draft Regulatory Legal Acts (regulation.gov.ru) and until February 2, 2024 are at the stage of public discussion.
The order that Roskomnadzor wants to modify is, in fact, a list of information that telecom operators and Internet providers are obliged to provide to it. This is primarily technical information, including a list of IP addresses they use.
What will change
When the amendments come into force, providers will be required to supplement each IP address with geo-coordinates. Additionally, Roskomnadzor will require information about the purposes of using IP addresses. That is, he will know who exactly uses a specific Internet address - the provider itself or its subscriber.
Like most of these types of changes to current legislation, this is explained, in general, by concern for safety. In this case, the collection of additional information about IP addresses of Roskomnadzor with the ability to use them to “quickly configure protection against DDoS attacks from individual countries.” This is stated in the explanatory note to the draft order, dated January 12, 2024. The draft itself was published on regulation.gov.ru on January 15, 2024. The planned date of its entry into force is September 2024.
“To effectively protect against DDoS attacks, it is necessary to use more accurate methods for determining geolocation,” the explanatory note says.
Everyone will be counted
The explanatory note to the draft order of Roskomnadzor reveals another, no less ambitious goal pursued by it. “Based on the data provided, a trusted database of geolocation of IP addresses in Russia will be formed,” the note states.
According to the document’s authors, this database “will be regularly updated,” and telecom operators and owners of Internet resources will be able to use it “to automatically create correct access lists.” They are confident that the creation of such a base “will make it possible to bring the digital border of the state into line with the physical borders of Russia.” “Russian citizens will have access to government, banking and other important resources anywhere in the country,” they added.
“Sovereignization” of the Runet is getting closer
Forbes' interlocutors believe that everything that is happening will not have the best consequences for the Russian segment of the Internet. In particular, the President of the Association of Cable Television Operators "Makatel" Alexey Amelkin admits the possibility that the Center for Monitoring and Management of the Public Communications Network (CMU SSOP) wants to control the routing of IP addresses in Russia. Now this right belongs to the Dutch Internet registrar RIPE NCC.
TsMU SSOP is part of the Main Radio Frequency Center (GRFC), subordinate to Roskomnadzor. Amelkin believes that transferring the functions of the RIPE NCC to the Russian Central Management Unit of the SSOP “will further isolate the country from the World Wide Web.”
Amelkin also believes that the new regulatory requirement will increase the administrative burden on mobile operators and wired Internet providers. He mentioned the existence of static and dynamic IP addresses, as well as so-called “gray” addresses that are issued within the local network. According to him, against the backdrop of all this, operators cannot track absolutely all changes in the geolocation of IP addresses and report them to Roskomnadzor.
Calculate by IP
Experts interviewed by the publication see new options for monitoring users in the upcoming expansion of Roskomnadzor’s rights to control Runet. Some of them suggest that in reality the proposed changes have nothing to do with DDoS attacks, and that the regulator intends to “force operators to report not only IP addresses, but also where these IP addresses are located geographically in the form or address, or coordinates."
The creator of the Escher II blocking project, Philip Kulin, told Forbes that the geolocation of IP addresses is most likely needed for possible investigative actions and seizure of equipment. Optionally, Roskomnazdor can use this information for narrowly targeted, that is, targeted blocking of Internet resources in specific regions or localities of Russia, a representative of an unnamed telecom operator told the publication, citing as an example the blocking of Telegram in the south of Russia during the riots in Makhachkala.
It's not all bad
The current dependence of the Runet on the IPv4 protocol, which has become obsolete compared to the more modern IPv6 used in other countries, and which has long experienced a shortage of IP addresses, may help protect Russians from additional surveillance by the state. Because of this shortage, providers and telecom operators are forced to issue the same IP addresses to users in different regions, Alexey Boyko, an analyst at the specialized Telegram channel abloud62, told the publication. “Therefore, of course, it is possible to provide the RKN with information about the current geolocation of IP addresses, but this will have little practical meaning,” he added.
Russians under cover
Roskomnadzor is going to expand the list of information received from telecom operators and Internet providers. According to Forbes, he intends to request from them the geographic coordinates of all IP addresses that are used on their network. The IP address is unique for each subscriber. It is issued when connecting to the network and is released at the end of the session if the subscriber does not have an agreement with the provider to allocate a static IP address to him.
The regulator intends to begin collecting this information in September 2024. But it will not do this without the appropriate legislative framework, so it has already prepared amendments to its own order No. 221 of July 31, 2021 - they are posted on the Federal Portal of Draft Regulatory Legal Acts (regulation.gov.ru) and until February 2, 2024 are at the stage of public discussion.
The order that Roskomnadzor wants to modify is, in fact, a list of information that telecom operators and Internet providers are obliged to provide to it. This is primarily technical information, including a list of IP addresses they use.
What will change
When the amendments come into force, providers will be required to supplement each IP address with geo-coordinates. Additionally, Roskomnadzor will require information about the purposes of using IP addresses. That is, he will know who exactly uses a specific Internet address - the provider itself or its subscriber.
Like most of these types of changes to current legislation, this is explained, in general, by concern for safety. In this case, the collection of additional information about IP addresses of Roskomnadzor with the ability to use them to “quickly configure protection against DDoS attacks from individual countries.” This is stated in the explanatory note to the draft order, dated January 12, 2024. The draft itself was published on regulation.gov.ru on January 15, 2024. The planned date of its entry into force is September 2024.
“To effectively protect against DDoS attacks, it is necessary to use more accurate methods for determining geolocation,” the explanatory note says.
Everyone will be counted
The explanatory note to the draft order of Roskomnadzor reveals another, no less ambitious goal pursued by it. “Based on the data provided, a trusted database of geolocation of IP addresses in Russia will be formed,” the note states.
According to the document’s authors, this database “will be regularly updated,” and telecom operators and owners of Internet resources will be able to use it “to automatically create correct access lists.” They are confident that the creation of such a base “will make it possible to bring the digital border of the state into line with the physical borders of Russia.” “Russian citizens will have access to government, banking and other important resources anywhere in the country,” they added.
“Sovereignization” of the Runet is getting closer
Forbes' interlocutors believe that everything that is happening will not have the best consequences for the Russian segment of the Internet. In particular, the President of the Association of Cable Television Operators "Makatel" Alexey Amelkin admits the possibility that the Center for Monitoring and Management of the Public Communications Network (CMU SSOP) wants to control the routing of IP addresses in Russia. Now this right belongs to the Dutch Internet registrar RIPE NCC.
TsMU SSOP is part of the Main Radio Frequency Center (GRFC), subordinate to Roskomnadzor. Amelkin believes that transferring the functions of the RIPE NCC to the Russian Central Management Unit of the SSOP “will further isolate the country from the World Wide Web.”
Amelkin also believes that the new regulatory requirement will increase the administrative burden on mobile operators and wired Internet providers. He mentioned the existence of static and dynamic IP addresses, as well as so-called “gray” addresses that are issued within the local network. According to him, against the backdrop of all this, operators cannot track absolutely all changes in the geolocation of IP addresses and report them to Roskomnadzor.
Calculate by IP
Experts interviewed by the publication see new options for monitoring users in the upcoming expansion of Roskomnadzor’s rights to control Runet. Some of them suggest that in reality the proposed changes have nothing to do with DDoS attacks, and that the regulator intends to “force operators to report not only IP addresses, but also where these IP addresses are located geographically in the form or address, or coordinates."
The creator of the Escher II blocking project, Philip Kulin, told Forbes that the geolocation of IP addresses is most likely needed for possible investigative actions and seizure of equipment. Optionally, Roskomnazdor can use this information for narrowly targeted, that is, targeted blocking of Internet resources in specific regions or localities of Russia, a representative of an unnamed telecom operator told the publication, citing as an example the blocking of Telegram in the south of Russia during the riots in Makhachkala.
It's not all bad
The current dependence of the Runet on the IPv4 protocol, which has become obsolete compared to the more modern IPv6 used in other countries, and which has long experienced a shortage of IP addresses, may help protect Russians from additional surveillance by the state. Because of this shortage, providers and telecom operators are forced to issue the same IP addresses to users in different regions, Alexey Boyko, an analyst at the specialized Telegram channel abloud62, told the publication. “Therefore, of course, it is possible to provide the RKN with information about the current geolocation of IP addresses, but this will have little practical meaning,” he added.
