Add to favorite
Subscribe to our Newsletters Subscribe to our Newsletters Get Daily Updates RSS
russian visa

Yandex-gate: Private User Data Surfaces in Search Results
July 27, 2011 12:35

Yandex. Find Everything.

The last two weeks have been a nightmare for Russian Internet users. First, online SMS's went public; then it was the data for online shoppers, including sex shop clients; finally, yesterday it was the order data for Russian Railways customers.

Wikileaks, Russian Style

On July 18, SMS's sent from Megafon website went public in Yandex search. Then over 50,000 pages of online shoppers and rail tickets bookings flooded Yandex, Google, and Bing SERPs. The problem of online privacy that has been debated in the West since at least 2008 has finally reached Russia.

While in the mentioned incidents we dealt with the Russia-wide customer information, there was a local case of a similar nature. On July 23, in St. Petersburg, the data of car accidents of the RESO-Garantia clients went online via a website It could be regarded as a mere coincidence or even a joke, had the data not belonged to very affluent citizens and large companies, including the Lenfilm Movie Studio. By searching Yandex or Rambler (the latter is now using Yandex's search algorithm) for a car plate number, one could find information about the owner and any accidents they got into. Considering that RESO-Garantia is an insurance company, the situation is rather bizarre. The information leaking only stopped on Monday, after the data could have been downloaded by anyone with the interest of its further sharing.

Also, on Wednesday, 27 July, it turned out that documents from the Russian Government, in particular the papers of Antimonopoly and Migration Committees, were indexed by Google. It has been noted, however, that no sensitive government information has been leaked.

The hackers used specially written codes to retrieve the information from websites. Yandex has explained that in the case with some websites the reason these "sensitive" pages became available was because they were not included in a robots.txt file as non-indexed pages. Whether this was really the case, the main point remains: the question of privacy protection online is going to become a point of great concern. Finally, one may add.

Identity and Privacy Online: Russian Perspective

It should be noted that for a Western observer or someone who was exposed to the development of Western Social Media for a period of time the Russian way of dealing with sensitive information is startling, to say the least. Whereas European and American employers have long been checking a prospective employee's social networks profile, to identify any illegal or inappropriate behaviour patterns, in Russia such practice is still rarely in use. The photos and texts people share online are occasionally jaw-dropping. As for private data, like date of bith, names, relatives, addresses, phone numbers and emails, this is often openly available online. The Social Networks also abound with fake celebrity profiles, prompting one to wonder, if any activity carried out in their name may lead to a scandal.

Obviously, no country is immune to identity thieves and hackers who operate online. There were incidents in Britain, for instance, when papers with private data were leaked on the Internet or forgotten on the train. Wikileaks proves that there are no closed doors for those who want to get hold of information. However, in Russia, with its long history of extreme data protection and persecutions for the breach thereof, the users still seem to revel in the newly found "freedom of information". The process of catching up with the realities of web sharing is taking longer, in spite of availability of best practices from abroad.

Analysts say that only last few incidents with online shopping and car accidents data should be considered truly problematic, as they do provide names, emails, and addresses of users. The leaking of SMS messages sent from Megafon website, although alarming, is not as harmful: there is no direct indication as to people's identities. The experts stress, nonetheless, that the lack of legal regulations in the fields of online data protection is the main reason why such cases are possible in the first place. The logic is that, had there been a clear possibility of punishment, the security would be better enforced.

Who Wanted the Data

Some are of the opinion that all three cases were masterminded by those who wanted to tarnish Yandex's reputation. The Russian Internet giant has been successfully withstanding Google's advances in the Russian market by producing more or less similar versions of Google products especially for Russian users. It would be easy to assume that someone from Google's camp wanted to prove just how unrealiable Yandex is - except that online shopping data also went into Google and Bing, not just Yandex.

The likely situation is that it was important to justify the corrections to the federal 'Act of Personal Data' that have recently been signed off by the President Medvedev. However, the law is still imperfect, while it will also likely have to be enforced. It is possible that these incidents were to play an important part in convincing those concerned that strict data protection measures must be adopted.

It is assumed that there will be a series of legal actions taken, most likely in accordance with the article 138 of the Criminal Code of Russian Federation (The Unlawful Interception of Private Communication, Telephone Calls, Telegrams, Postal and Other Correspondence). For now, the police interrogates representatives of Yandex and the companies which information was leaked, in order to establish the exact person who exposed the user data online.

And next?

There will surely be a plenty of criticism towards search engines, websites, and users themselves. It is necessary, however, to find a positive grain in the whole situation. Evidently, it is that now finally Internet users and online business owners in Russia will have to reconsider the ways they collect and share data on the web. A website that you think is only used by you still exists online and can be revealed, provided someone has enough skill and desire. Most importantly, these incidents that have acquired almost a snowball effect in the last two weeks, should bring the questions of online identity and privacy back into focus. Without this, it will be difficult for Russia to become a respected part of global online community.

SourcesRBC, Delovoi Peterburg, Argumenty i Fakty,

Julie Delvaux

Author: Julia Shuvalova

Tags: Russian Internet Russian business    


You might also find interesting:

Infected Comupters Extract Crypto Currency Crypto-currency Has Become the Phenomenon Of the Year Yota Disclosed The Number Of Its Subscribers Messenger For the Officials And Employees Of State-owned Companies Will Be Developed Yandex-gate: Private User Data Surfaces in Search Results

Comment on our site

RSS   twitter      submit

Yaroslavl Architecture  Pangolins  human rights  David Seidler  Tyumen  Darwin Museum  Russian children  Switzerland  Russian economy  Russian journalists  Moscow  Krasnodar Territory  Sovremennik Theatre   Izhevsk  curious  Korablino  Moscow Museums  Russian Cinema  Bolkhov  Ryazan Region  Russian science  Museums of Russia  Mikhail Bulgakov Museum  Exhibitions in Moscow  Maria Smolnikova  Russian startups  Natalka Project  collaboration  Tchaikovsky Conservatory in Moscow  Russian army  Mercedes-Benz Fashion Week Russia  Russian scientists  Yalta  Victory Day  Film Restoration  Sergei Paradschanow  Russian business  Rostov-on-Don  Russian tourism  politics  Saint Petersburg  Russian writers  ractopamine  Tatyana Parfionova  children  St. Petersburg  Mercedes-Benz Fashion Week   Peterhof  Indie Music  Crocodile Magazine 

Travel Blogs
Top Traveling Sites