
Russia Requires Apple and Google to Remove LinkedIn from Local App Stores - reimertz
http://mobile.nytimes.com/2017/01/06/technology/linkedin-blocked-in-russia.html?smid=tw-nytimestech&amp;smtyp=cur&referer=http://forums.macrumors.com/threads/russia-forces-apple-to-remove-linkedin-from-russian-app-store.2026212/
======
andreyz4k
I'm from Russia, so I guess I could add some context here. A while ago our
parliament created a pack of laws to "protect personal data of russian
citizens". One of them ordered internet services to store all of the user data
of russian citizens on servers, that are physically located in Russia. This
law is in power since the beginning of 2016, but many big sites like LinkedIn
and Facebook just ignored it. State authorities did nothing about it, but
finally, in November they blocked LinkedIn in Russia, so now we ought to use
some VPN or proxy to access it. And now they want to remove their apps from
stores, despite they don't work without proxy as well.

~~~
akjainaj
This is reasonable and, as far as I remember, the EU required the same as
well.

~~~
kodablah
I disagree that it is reasonable, but that's why these things are good for at
least vote if not left up to consumer choice. I couldn't imagine if my country
disabled access to worldwide internet services to protect my data. At some
point, citizen choice is valuable, and I as a citizen would like to choose to
have my data stored in another country if I wanted (and use services that do
so).

~~~
cmdrfred
I agree in principal but consider this. In real terms this law really only
creates and UI/UX problem for LinkedIn at a fundamental level. Sort of like
hiding some settings in a config file or behind an "advanced users only!"
warning, LinkedIn now requires you connect via a VPN/Tor to use it's services.
I feel that the users informed enough to setup a VPN are more likely to also
understand the implications of giving personal information to LinkedIn.

This has a side effect. If LinkedIn wants to do business with Russia it has to
allow access from VPN services. Thus allowing for greater piracy for internet
users everywhere.

~~~
kodablah
I really really don't like this sentiment. "In real terms" meaning that you
have to intentionally break the law. And only advanced users can get the
benefit of worldwide internet services otherwise banned. Granted this is an
easy opportunity for a whataboutist, hypocrisy point here concerning other
countries, and I'd agree with those countries being incorrect too.

We should not be encouraging laws like this, and definitely not excusing them
by saying that advanced users can circumvent them. If the Russian government
really wanted to protect citizens, why not put laws in place on data
protection requirements as opposed to data location requirements? (hint: it's
because they don't want to protect the citizens)

------
fauigerzigerk
This is a pretty confused and not very informative article. There isn't the
slightest attempt to find out what the purpose of those "local laws" is.

Censorship, consumer protection, privacy, anti-trust, protectionism, tax
avoidance, law enforcement, it's all basically summed up as "Foreign
governments causing trouble to US companies"

That's pointless because it doesn't help putting pressure on the right party
in the right conflict for the right reason.

~~~
yaakov34
These laws join other laws, the so-called anti-terrorist package from August
2014, which require service providers (defined very broadly to include such
things as social networks and ISPs) to provide user data to the authorities
upon request. If the server is physically in Russia and controlled by some
Russian subsidiary, it is much harder for a company to evade such an order.

Few people even bother to pretend that this is about anything other than
closer control of Russian internet users by the Russian authorities. There is
a weak spin about protecting the data of Russian users from foreign
governments by placing it within Russia, which makes zero sense, since nothing
prevents an American company from giving user data from its Russian server to
the American government.

And before someone says that the US does the same thing, note that something
like 1000 people have already been imprisoned in the Russian Federation over
various online comments and posts, and even Facebook likes. The fact that the
US violates privacy also doesn't mean that it's all the same thing.

------
whack
" _The demand by Russian authorities to remove LinkedIn in Apple and Google
app stores comes weeks after a court blocked the professional networking
service for flouting local laws that require internet firms to store data on
Russian citizens within the nation’s borders._ "

Given NSA's monitoring activities, this is a surprisingly reasonable law.
Maybe not a great one, but certainly reasonable. I wonder if the NSA
activities will prove to be a watershed that kick off a tide of tech-nativism.

~~~
andreyz4k
Given what I've heard about NSA, they are far more reasonable than our FSB
(successor of KGB if anyone doesn't know). Our guys can easily use their right
to "take for investigation" some servers just to protect a business of some of
their colonels or friend of a colonel. And that makes storing a data in Russia
a bit of a lottery.

~~~
devoply
That's the thing. In the modern secular state you need a Constitution which is
essentially a covenant between man and his government, that the government is
actually representing will of the people. Without that sort of secular, yet
holy, document and corruption you get this sort of cronyism in which a normal
honest man does not have rights or the same rights as corrupt people with
connections do. This then makes everything more difficult and unpredictable.
The Russians and the Soviets before them have never figured this out. We still
have problems when this sort of behavior seeps into our system, but we have
pretty good ways of controlling this behavior, and a general revulsion of the
public against it, helps keep it under control.

~~~
disordinary
New Zealand is rated as the second least corrupt country in the world and
ranked fourth on the democracy index, yet it has no constitution.

~~~
devoply
[https://gg.govt.nz/role/constofnz/intro](https://gg.govt.nz/role/constofnz/intro)

~~~
disordinary
There is no formal document called the constitution of NZ.

What we have is an "uncodified constitution" which means that while there is
no formal constitution there is an informal one made up of a number of laws,
treaties (most noticeably the Treaty of Waitangi), precedents, and pretty much
habits which give us our sovereignty and rights.

According to Wikipedia the only countries without a constitution are NZ, the
UK, Saudi Arabia, and perhaps Isreal.

So it seems that it's not important whether or not you have a constitution,
what is important is simply how accountable the people hold the government.

An interesting fact, which illustrates the point, is that there are laws which
state that Te Reo (Maori) and NZ Sign Language are both official languages of
NZ (along with regional languages on some of the other Islands) there is no
corresponding law for English, yet most of the country speaks it and all laws
are drafted in it (along with Te Reo).

~~~
devoply
My point was not that you need a written document called a constitution,
merely what the document above states:

"A constitution is about public power, the power of the state. It describes
and establishes the major institutions of government, states their principal
powers, and regulates the exercise of those powers in a broad way. While all
constitutions have these general characteristics, each constitution is
affected by the national character of the state it services."

In the US it's a written document and it's held sacred by most Americans. But
you don't need that, just what is mentioned above which I quoted. In either
case it's a covenant with the government which limits the power of the
government and protects the rights of people. You need that and you also need
a lack of corruption, which in general terms means the government abides by
the constitution. If you have these two things than the common man can expect
to be treated a certain way by the government regardless of any of his or her
affiliations and so on.

~~~
disordinary
Well, I don't understand what your initial point is because every country has
a constitution then - including Russia.

The difference between is that in New Zealand the "constitution" is fluid and
is very easy to change because it's simply laws.

This is way off topic, but I think holding the constitution as some sort of
semi-religious document is actually a bad thing, for instance the right to
bear arms is seen by the rest of the world as quite odd and very scary. If
people weren't so fervent about the document you can look at it objectively
and make the required changes to reflect the times.

------
raz32dust
I guess LinkedIn itself is just being used as an example. It is a smaller fish
compared to Facebook or Google, and the Russian citizens are not as dependent
on it, so it is a good choice to set an example.

Why everyone wants to have local data is more interesting. I can think of some
points:

\- The US wields a lot of soft power by virtue of the fact that a lot of user
data about members in other countries lives here.

\- Other countries want the ability to block access to particular sites and
the user data at will without having to go through US law.

\- Hampering growth of US companies helps local copycat companies grow.

\- Requiring local servers, local office, make in X etc. promotes local
economic activity.

There is a critical mass of people who need to be using these services for
these points to be viable. China clearly has more than the critical mass, so
they easily get away with this sort of behavior and it does them more good
than harm (I think). EU probably has it. Russia alone probably does not.

~~~
_andromeda_
>It is a smaller fish compared to Facebook or Google, and the Russian citizens
are not as dependent on it, so it is a good choice to set an example.

Not necessarily accurate. LinkedIn is a Microsoft company and I wouldn't
exactly call them a small fish. This might just be the first of many
protectionist measures Russia will be adopting.

------
george_ciobanu
This is Russia's way to 1. Strike back at the US for the economic sanctions 2.
Strengthen its economy by allowing local actors to develop without competition
3. Ensure that all major networks are within state control. It's non-trivial
for these companies to switch storage, and it's also dangerous as that makes
them more vulnerable to government snooping.

~~~
kurthr
Not just snooping, but seizure and blackmail... sure would be a unfortunate if
we had to remove these servers for a little examination, maybe you can do
something for my little friend?

------
delegate
This is not just a rogue request from some crazy official, but part of a
larger plan to subdue and scare off foreign tech companies and replace them
with 'local' tech, controlled by the state.

These people are not playing games - this is ideological warfare in action.

Tech companies should get political - that means get ready to temporarily
loose certain markets in exchange for defending some core principles.

They might refuse to accept it, but tech companies are currently the most
powerful (dormant) political players in the world - this is why Putin et al
want to either control or eliminate them.

They should ignore the request, then be ready to close their offices and offer
to relocate all employees to a foreign country.

No Google, AppStore and Google Play means back to the 90s.

~~~
moolcool
>This is not just a rogue request from some crazy official, but part of a
larger plan to subdue and scare off foreign tech companies and replace them
with 'local' tech, controlled by the state.

Do you think EU's heavy handed regulation on web services is similar? I think
you could make the case that it's also a form of protectionism.

~~~
matt4077
The comparison is obviously warranted. I'd argue that there is a difference
b/c:

\- The EU has a history of relatively strict data privacy laws, whereas Russia
has no credibility in regards to any civil rights. whatsoever.

\- The EU is a much larger market than Russia. It's therefore unlikely that
any significant companies would choose to leave the EU market and create an
opening for local companies. Only a few data centers may be needed in the EU,
and they just don't employ people or pay taxes in relevant amount.

\- Storage-in-the-EU is not actually a requirement – companies may store data
anywhere as long as they can provide for the required safeguards.

\- I'm not completely firm on the genesis of the new data protection
regulation, but I believe it was actually a reaction to the EU's Court of
Justice's rulings (the "right to be forgotten" and the Facebook case). I have
a hard time believing Supreme Court justices ruling with protectionism in
mind.

------
fwn
Nope, Putin, that won't make the LinkedIn requests stop.

Fun aside I can understand that authorities would try new approaches on
smaller players first. The quality of the administrative insight isn't
necessarily tied to the scale of the targeted platform.

------
mike-cardwell
I always found it bizarre that nations would allow a situation to arise where
a foreign nation builds up a massive database of all/most of their citizens
conversations and relationships and movements.

I mean. Would the US be OK if a company under Russian jurisdiction had a
database of relationships and conversations and movements for most US
citizens? Does not seem sane to me.

I don't know what the solution is really, other than blocking access.

------
hota_mazi
> It puts Apple and Google in a difficult position.

I don't think so. Both Apple and Google have always been crystal clear that
they mean to follow local laws. I don't see how removing these apps in Russia
would be of any trouble to them.

------
logeek
The US blocks websites that violate copyright law, because it's seen as
important for US business to do so. Different countries may have different
priorities on what they censor, but all do censor. How is this different?

~~~
mgbmtl
Economics vs speech. The US sends people to jail if they break laws with
regards to the economy (if you're on the wrong side of the status quo),
whereas Russia sends people to jail if they philosophically disagree with the
status quo.

------
FT_intern
I'm not sure why LinkedIn is being targeted for privacy concerns. The entire
point of the site is having a presentable, public profile. Most users want
others to see them in the way that their LinkedIn profile depicts them to be.
A large percentage of LinkedIn users purposely make almost all of their
LinkedIn information publicly available.

This is as opposed to more private data like personal, private messages on
social network sites (I assume most LinkedIn messages are professional and
tame), browsing history, etc.

~~~
mgbmtl
Russia requires that Russian citizens (even those living abroad more than 6
months per year) declare their foreign bank accounts.

Linkedin private conversations are a good way to investigate if they are
having undeclared revenue from another country.

(sure, it's easy to avoid, and so is using Facebook Messenger / private chat..
yet people still mostly default to that because it's easier)

------
jjawssd
Russia does not want to become dependent on "the West"

Is this a problem?

~~~
kurthr
It might be a trade violation or bad for the proles, but it's certainly not a
problem for the Russian Elite, if that's what you mean.

~~~
disordinary
I thought there were trading sanctions between Russian and the US now anyway?

------
beshrkayali
> The companies are strong proponents of open internet policies and free
> speech but are now being asked to be agents for governments that censor its
> citizens.

What does requiring foreign companies to store data of a country's own
citizens within its borders == censoring citizens?

~~~
mattnewton
Because you are asking Russian citizens not talk to those companies. That is
the censorship. They were giving the information up freely in exchange to
linkedin's services, it is not like LinkedIn was spying and collecting the
information themselves.

~~~
beshrkayali
No. They're asking foreign companies operating in Russian to store their data
within the borders of the country, where the Russian gov has control +
sovereignty. When a douchebag agency like NSA/CIA have direct back access (and
sometimes provided by the company), it's possible that LinkedIn is involved
and is therefor spying on citizens of other countries for the benefit of the
US gov.

------
strictnein
If you're looking for a good book covering Russia's attempts at
harnessing/controlling/etc the Internet (both domestically and
internationally):

    
    
       The Red Web: The Struggle Between Russia’s Digital Dictators and the New Online Revolutionaries
    

[https://www.amazon.com/Red-Web-Struggle-Dictators-
Revolution...](https://www.amazon.com/Red-Web-Struggle-Dictators-
Revolutionaries/dp/1610395735)

------
disordinary
We're probably going to see more of this as countries try and assert their
sovereignty and laws in a post Brexit world.

------
bostand
Is linkedin being singled out or is this start of something bigger?

~~~
nobodyshere
Nothing unexpected is happening. They have a law that requires storing Russian
nationals' data on servers physically located in Russia. Linkedin refused to
follow the law and got what was coming. While the law isn't that great, it is
still there to be complied with.

~~~
sberder
This is exactly the same in China, coupled with the ICP license that makes for
total control of what is accessible in the territory.

~~~
xyzzy_plugh
My understanding is that China requires that data for Chinese citizens is only
stored in China (you can maybe export aggregate, anonymous data).

Russia on the other hand requires that data for Russian citizens be stored in
Russia. I don't believe they prevent export.

I've heard of large companies complying by simply uploading a tarball to a
Russian server periodically.

~~~
nobodyshere
So does South Korea. At least based on my experience in gaming industry. They
also required encrypting all private data.

------
rebelidealist
Anyone know how this is even technically feasible for a giant app like
Linkedin to separate out a portion of their data in Russia?

~~~
ryfm
it's not feasible. But it's not the point for Russian authorities, otherwise
they would have to ban a lot of different sites: a) any Internet store - like
Amazon, Ebay, AliExpress you name it, as they all hold some 'private data'
including name, address, cc info etc. b) any booking site - same as Internet
stores c) any website which deals with Russian citizens - e.g. foreign
embassies :)

so the point is to try to block a big Internet entity and check if there is
any backslash, any reaction or any anything :)

------
rubiquity
Putin must be tired of receiving friend requests from Polar Bears and other
various Arctic recruiters.

~~~
bhouston
Sergey Brin wanted me to be his 150th linkedin contact just yesterday. I must
be important.

------
Sevii
Sounds like they are trying to get the same deal most of the EU countries
have, Germany, France, ... Where user data has to be stored in the home
country.

------
pabloski
The truth is irrelevant. We are in the middle of a new Maccartist era, and
Russia is ( again ) the big bad bear.

They ( the transnational oligarchy based in the US and UK ) are trying the
last power grab and Putin is trying to block them. This is the reality in a
nutshell.

We can discuss about the nuances, but this is a power fight. Pure and simple.

Russia obviously wants to survive in this fight, so it is trying to block its
dependance on the west as much as possibile, starting with the new economy (
internet ). The western powers ( the ones who rob us workers of our savings )
want to extend their reach over the entire globe and Russia + China are the
last bastion against this dystopia. Yes, there are elites, oligarchs, bad guys
in Russia and China too, but they are too small to be a real danger for us (
the people ).

So, what you say is true, but i suspect the western media will spin it in a
way to make Russia look like a dictatorship, ruled by a mad tyrant who wants
to go to war against the world.

~~~
benevol
Nobody needs Russia to understand one should not use any of the US mass
surveillance machines
(Facebook|Google|Twitter|LinkedIn/Microsoft|Yahoo|Apple|etc). We just needed
Snowden and that we got.

~~~
dogma1138
Or just read a EU report from the 90's which described the same apparatus....

~~~
SpaceRaccoon
Source?

~~~
dogma1138
Report on the existence of a global system for the interception of private and
commercial communications (ECHELON interception system) (2001/2098(INI)).

"The existence of a global system for intercepting private and commercial
communications (the ECHELON interception system)

A. whereas the existence of a global system for intercepting communications,
operating by means of cooperation proportionate to their capabilities among
the USA, the UK, Canada, Australia and New Zealand under the UKUSA Agreement,
is no longer in doubt; whereas it seems likely, in view of the evidence and
the consistent pattern of statements from a very wide range of individuals and
organisations, including American sources, that its name is in fact ECHELON,
although this is a relatively minor detail."

[http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//...](http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//TEXT+REPORT+A5-2001-0264+0+DOC+XML+V0//EN)

------
banku_brougham
Not relevant to policy, but it should be noted: The LinkedIn app is horrible.
I deleted it long ago and use the browser.

------
hubert123
> comes weeks after a court blocked the professional networking service for
> flouting local laws > The action is the equivalent of a nation banning
> “Catcher in The Rye”

yeah no, i dont think so

------
logicallee
I don't get it. I clicked through the article to see the "justification" since
LinkedIn is extremely tame. For example, imagine if LinkedIn were banned from
the United States - why would that happen? Well it could happen if a court
ordered it to stop impersonating its users, it didn't stop and kept
impersonating then, and then the court ordered it to be shut down as
punishment. Kind of far-fetched, but not that far-fetched. Everyone knows
LinkedIn illegally impersonated its users.

So I was wondering what the justification would be here. So I clicked through.
I didn't see the full article, but this is what I found "a court blocked the
professional networking service for flouting local laws that require internet
firms to store data on Russian citizens within the nation’s borders."

So question: why didn't it store data on its citizens within the nation's
borders?

It doesn't seem that far-fetched of a requirement to me. Doesn't Germany have
the same requirement?

I didn't Google in-depth but found this language (about Germany) "20\. What
rules regulate the transfer of data outside your jurisdiction? The Federal
Data Protection Act (BDSG) differentiates between transfer of personal data
within the EU/EEA and outside the EU/EEA."[1]

Isn't this more or less the same thing?

While I'm not defending Russia's actions (according to a Reddit user
journalists are jailed, Putin's opposition opponent is in a Russian graveyard
with 5 bullets in him, etc etc), but this seems like something that Linkedin
could have complied on?

Or is there more to the story?

[1]
[http://uk.practicallaw.com/3-502-4080](http://uk.practicallaw.com/3-502-4080)

~~~
MichaelGG
I'd imagine at a technical level, forcing all Russian citizen data to reside
on Russian servers would mean running a federated/sharded system. It seems
like a non trivial challenge. A lot of their code would need to have the
concept of locality. Running an algorithm to suggest friends or rank users?
Now it needs to be changed to deal with not having Russian users' data
accessible in the same way. There's probably elegant solutions but why bother
if you can avoid it?

Perhaps they thought they could win a legal fight. Or they wouldn't suffer
enforcement actions, or public outcry will save them.

~~~
logicallee
What I really mean is that I expect there's some deeper or other reason. This
isn't really that big of a deal-breaker if it's only the reason cited. The
technical challenges you cite certainly mean this isn't a 2-hour affair but it
doesn't sound like LinkedIn would be allowed back in as soon as Russian user's
data is on servers there instead of elsewhere...

