Jeremy Mittman writes:
On July 25, Russian President Dmitry Medvedev signed into law an amendment to the Russian data protection law, “On Personal Data”. The new amendments are effective as of July 1, 2011. Of special significance, the amendments provide further clarification regarding the transfer of personal data to individuals or entities located outside of Russia. Prior to the recent amendments, before transferring personal data from Russia to, for example, the United States, in the absence of obtaining prior written consent, a company needed to determine whether the United States (or another country, as the case may be) possessed data protection laws that provided an “adequate” level of protection. However, the old Russian law provided little clarification as to which countries qualified under that standard, or how a company should go about deciding which countries qualified.
Read more on Proskauer Privacy Law Blog.