Mobile Operators Fear Data Leaks as Authorities Push Subscriber Verification

The mechanism for the operation of the unified information system for verifying data of SIM card owners, proposed by the Russian government, carries a number of risks, including personal data leaks, the country’s biggest mobile operators say, according to Izvestia

According to the newspaper, MTS, Megafon, and Beeline this week sent a letter with the complaints to the head of the State Duma Committee on Financial Markets, Anatoly Aksakov. However, Russia’s central bank argues that the operator of the information system will not store any data. 

Experts interviewed by the newspaper noted that there are no safe systems and additional security measures should be used.

“The project does not provide information security requirements for data transmitted through the system or a reference to the necessary by-laws, which may lead to data leaks of several million subscribers,” the letter to Aksakov said. According to the newspaper, the operators suggested establishing such requirements and launching a pilot project to verify them.

At the same time, the Bank of Russia and the Ministry of Communications said they did not see such dangers, since the system operator would not store the data. Aksakov told Izvestia that the proposals by the mobile operators regarding the finalization of the bill will be carefully studied, their representatives will be invited to discuss the initiative after amendments to the document are received from the government.

The State Duma adopted a bill on setting up the unified information system in the first reading in March. It is assumed that users of the system will include the Bank of Russia, commercial banks and operators of payment systems, payment infrastructure services, and other organizations.