On 1 June 2021, a law* came into force that obliges legal entities and individual entrepreneurs to enter information into the Unified Identification and Authentication System (the “System”) on employees and other persons who are provided with corporate phone numbers.
The following information must now be entered into the System*:
- name, surname and patronymic;
- date of birth;
- identity document details;
- corporate cell phone number; and
- name and information about the legal entity or individual entrepreneur who is the subscriber.
Previously, corporate subscribers were obliged to send similar information only to mobile operators.
After information is entered in the System, the mobile operator will be obliged to check that it is accurate and sufficient by sending a corresponding request to the System. If, as a result of this verification, the operator concludes that the information is incomplete or unreliable, it must notify the corporate client. If the client fails to respond, the operator will unilaterally exclude the corresponding subscriber number from the service contract.
Roskomnadzor will monitor the operators’ compliance with the new requirements, but the corresponding procedure has not been developed yet. In March 2021, the Ministry of Communications submitted for public discussion a bill* prescribing the procedure of interaction between operators and Roskomnadzor for these purposes, but the proposed version received a negative opinion and will be amended.
For contracts concluded with telecom operators before 1 June 2021, companies will have until 30 November 2021 to submit information, and the obligations to check and disconnect subscribers will arise for operators from 1 December 2021. In addition, these requirements do not apply to organisations that concluded contracts for the provision of communication services as part of public procurement.
Corporate subscribers should bear in mind that, under article 88 of the Russian Labour Code and the Federal Law “On Personal Data”, they must obtain the consent of their employees when transferring their personal data to third parties. Therefore, we recommend collecting the consent of employees before transferring their personal data to the System. If employees refuse, the company will be forced to deprive them of their corporate cell phones.
If you have any questions on this eAlert, do not hesitate to contact CMS Russia experts Georgy Daneliya, Alexey Shadrin, Alisa Mikheeva or your regular contact at CMS Russia.
* In Russian