Maxim Ali has moderated a roundtable event on the GDPR

Head of the IP/IT Practice at Maxima Legal, Maxim Ali, has taken part in a roundtable event titled ‘Data protection in Russia and the EU’, which was organised by the St Petersburg International Business Association (SPIBA) on 17 October. The event covered the topic of the recently introduced General Data Protection Regulation (GDPR) and its current implications for Russian business, as well as an assessment of Russian regulation in this area.

“We are increasingly seeing that legislation tries to cover activities outside the jurisdiction in which it is passed. In particular for breaching the regulations of the GDPR can even impact on Russian companies which can be issued fines that can add up to tens of millions of euros. At the same time, a sufficient condition for the application of the regulations can be the presence of a representative of the company in the EU but also a website that permits payments to be made in euros or if the website is written in one of the EU’s official languages”, commented Maxim Ali.

At the same time, according to Maxim, the requirements of the GDPR often coincide with the provisions of federal law RF-152 ‘On data protection’. However to comply with the European standards a business must make a number of additional changes for users, including in respect of access, destruction and transfer of personal data as well as to notify regulators about data leaks within 72 hours. The definition of personal data under the GDPR is also wider, covering forms of online-identification such as cookies and IP addresses.