Russia Moves to Regulate Biometric Data Processing

Russian regulators have issued draft rules governing the use of biometric personal information, such as facial and voice recognition data, by banks and other companies to remotely identify individuals.

The Ministry of Communications and Mass Media (Minkomsvyaz) Feb. 26 released a new draft regulation on types of biometric data to be used in the country’s Unified System of Identification and Authentication (USIA). The regulation would set procedures for companies to undertake when collecting and storing biometric personal data of individuals, Minkomsvyaz said in a statement.

The federal government will likely approve the new regulation in time to take effect on Jun. 30, 2018.

Minkomsvyaz said that the regulation will implement a recent federal law that allows for the remote identification of individuals. Banks and other businesses use the biometric data for cross-checking with other types of personal data in the USIA to remotely identify clients, Minkomsvyaz said.

Businesses and employees processing biometric personal data and adding biometric personal data to the USIA must be identified by a unique identifier (UID), and the data subject must consent to its use.

To contact the reporter on this story: Sergei Blagov in Moscow at correspondents@bloomberglaw.com

To contact the editor responsible for this story: Donald Aplin at daplin@bloomberglaw.com