Yandex blocked by Finland and Norway from transferring data to Russia

Regulators from Finland and Norway have enforced a prohibition on the Russian tech company Yandex and its collaborator Ridetech International and disallowed them from transferring customer data collected through Yandex’s ride-hailing application, Yango, to Russia. This decision follows the enactment of a fresh Russian statute that grants the Federal Security Service access to data garnered from taxi services.

The regulators contend that this action presents a potential privacy hazard, as it might empower Russian authorities to oversee the movements of individuals in Finland and Norway via the app. Yango, which operates in 14 nations, asserts that it handles data in accordance with GDPR and EU statutes, affirming that Russian regulations do not extend to its global undertakings.

Yandex had previously encountered penalties and the seizure of assets due to conflicts regarding user data. These regulatory prohibitions are of a temporary nature, holding validity for three months, aligned with EU data protection regulations.

Why does this matter?

The decision reflects concerns about potential surveillance and privacy risks stemming from a new Russian law granting access to data from taxi operations. This move highlights the ongoing global debate about the extent to which tech companies can operate across borders while adhering to various data protection laws. Yandex, often referred to as ‘Russia’s Google,’ facing bans and fines, underscores the challenges companies encounter when navigating international legal frameworks. This incident prompts discussions on the balance between national security interests and individuals’ right to privacy in the digital age. It also emphasises the need for harmonised international data protection standards to address such cross-border data transfer issues.