Russia Expands List of User Data Required from Telecom Operators Russia is quietly rewriting the rules of privacy — not by banning tools or jailing users, but by turning every telecom line into a fully mapped dossier.

On paper, the new order from the Ministry of Digital Development is a technical update to SORM, Russia’s long‑standing surveillance backbone. In practice, it gives security agencies a legal claim over a far richer slice of citizens’ lives. The ministry wants companies to hand over not only network metadata but also “taxpayer identification numbers, passport numbers, and bank accounts,” effectively granting a “new legal status of citizens’ private information.”

The state’s logic: plug the gaps

Officials frame the move as closing loopholes and modernizing oversight. The updated SORM requirements force operators to ensure they can search and transfer a “wide range of user data” on demand, including passport data, addresses, bank details, IP addresses, and geolocation. For the state, integrating financial and identity records with connection logs promises more “intelligent” monitoring, especially against VPN use and anonymous activity.

The opposition’s reading: legalizing total surveillance

Independent outlets cast this not as modernization but as consolidation of a surveillance state. Novaya Gazeta Europe stresses that the ministry “wants to oblige companies” to send over deeply personal identifiers, turning what were once scattered records into a single security‑service feed. Another piece bluntly summarizes the shift: “Mintsifry expanded the list of user data that telecom operators must transfer to law enforcement agencies,” warning that SORM is evolving from traffic sniffer to comprehensive population registry.

Convergence and clash

Both sides agree on the direction of travel: more data, more integration, less technical room to hide. Where they diverge is on framing. For the state, it’s a long‑overdue upgrade. For critics, it’s the moment when privacy stops being a default right and becomes a conditional exception — granted, monitored, and revocable at the flip of a SORM switch.