Russian tech giant facing FSB requests for its encryption keys argues ‘law enforcement is possible without violating privacy’
On June 3, reports surfaced that Russia’s Federal Security Service (FSB) has repeatedly requested the encryption keys that the tech company Yandex uses to protect user data. The scope of Yandex’s services is similar to that of Google’s: it provides web search, email, advertising, and machine translation tools, among others. According to the news outlet RBC, the Russian company has not yet complied with the FSB’s demands.
In a press release sent to Meduza, Yandex representatives argued that Russian law only requires more limited forms of cooperation with law enforcement agencies. “The law speaks to the transfer of information that is ‘necessary for decoding messages.’ It does not imply a demand for transferring keys capable of decoding all traffic,” Yandex’s statement asserted. The statement nonetheless acknowledged that the information sharing law applies to all “email services, messengers, and social networks” on Russian territory.
The remainder of Yandex’s statement appeared to strike a compromising tone while pushing against the scope of the FSB’s demands. “The goal of the law,” it reads, “is to observe security standards, and we completely share [the FSB’s] belief in the importance of that goal. However, law enforcement is possible without violating the privacy of user data. We believe it is important to observe a balance between security and user privacy and to consider the principle of equally applied regulation for all sectors of the market.”
Government requests for encryption keys have a charged recent history in Russia. Attempts to block the social site Telegram on Russian territory, which sparked mass protests in major cities, began when Telegram refused to hand over its own encryption keys. Should Yandex continue to resist the FSB’s demands, the consequences could include a court case and even an effort to block Yandex’s services on Russian territory.