- Статьи
- Society
- The correct permission: a register of consents to the processing of personal data will be created at Gosuslugi
The correct permission: a register of consents to the processing of personal data will be created at Gosuslugi
A register of consents to the processing of personal data will appear on Gosuslugi. It will allow Russians to manage information about themselves: to see who they have given permission to use it, and, if necessary, to easily revoke it, the office of Deputy Prime Minister Dmitry Grigorenko told Izvestia. The innovation will be one of two dozen measures of a large—scale project to combat cybercriminals - the government is finalizing work on it. How these initiatives will help Russians protect themselves from scams in the digital environment is described in the Izvestia article.
What will change on the public services portal
The Cabinet of Ministers is finalizing work on a new package of measures aimed at combating cyberbullying, the office of Deputy Prime Minister Dmitry Grigorenko told Izvestia. It will include about 20 items. In the near future, the document will be posted on the portal of draft regulatory legal acts for public discussion, where every Internet user will be able to leave their comments. The bill will be submitted to the State Duma in the fall of 2025, a source familiar with the discussion of the initiative told Izvestia.
One of the key measures of the new package will be the creation of a centralized register of personal data processing consents on the Gosuslugi portal. With its help, users will be able to track the permissions they have granted to process such information to commercial organizations. In particular, users of "Public Services" will be able to issue them and, if necessary, revoke them. The register of consents will appear on the state portal no earlier than March 1, 2028, follows from the draft federal law, which is available to Izvestia.
The details of the registry are still being worked out. Sergey Plugotarenko, CEO of ANO Digital Economy, presented one of the possible mechanisms: when a user of the gosportal requests the services of banks, telecom operators and large digital platforms, businesses can request their consent to provide profile data on Public Services. Subsequently, he will be able to get acquainted with them in one place and, if necessary, withdraw his consent, the expert told Izvestia.
— We assume that the new consent management system will gradually expand this mechanism to new participants, allowing citizens to better understand what is happening with their personal data, — said the expert.
Another key measure to combat Internet fraud will be new ways to restore access to your account on Gosuslugi. So, it will be possible to do this using biometrics, through mobile applications of banks or using a national messenger, as well as face-to-face through contacting the MFC. The measure will enter into force on March 1, 2026, according to the text of the bill.
Today, access to "Public Services" can only be restored via SMS codes. However, after the attackers started stealing Russians' SIM cards, thereby gaining access to personal information, this method became the main target of the scammers. The SMS-code option does not allow reliable confirmation of the user's identity, which carries great risks for Russians, Dmitry Sobolev, director of the Department for Interaction with government Authorities at the Center for Biometric Technologies, said in a conversation with Izvestia.
— Unlike SMS, biometrics cannot be transferred to an outsider or lured out by psychological manipulation. Its use ensures that only the real owner has access to the account. It is important that in addition to biometrics, users are offered a number of tools to restore access to their personal account," he explained.
Today, more than 100 million people use the Gosuslugi portal, Deputy Prime Minister Dmitry Grigorenko said at a meeting with Vladimir Putin on August 25. The service is used daily by 14 million people who can receive more than 1.6 thousand public services. Earlier, the president called the fight against cybercriminals one of the most urgent tasks.
Another measure that makes it possible to stop the mass creation of bank cards that are used to cash out stolen funds is to limit their number to 10 per person.
Punishment for cybercriminals
With the development of digitalization, artificial intelligence is becoming a key tool for cybercriminals. In 2026, 85% of attacks will be carried out using AI, said Stanislav Kuznetsov, Deputy Chairman of the Board of Sberbank. Artificial intelligence helps to create new viruses, phishing sites and deepfakes, find vulnerabilities, and carry out DDoS attacks.
In this regard, the introduction of administrative and criminal liability for such crimes is becoming more relevant. The new package of measures proposes to make the use of AI an aggravating circumstance in articles about fraud, theft and extortion. As a minimum penalty, the violator faces a fine of 100 to 500 thousand rubles, and as a maximum — imprisonment for up to six years. The measure will enter into force 10 days after the publication of the federal law, follows from the text of the draft.
In the future, the number of crimes involving AI will only grow, Sergei Plugotarenko told Izvestia. For example, today scammers have increasingly begun to fake voices and images during calls. In April 2025, the head of Kemerovo, Dmitry Anisimov, warned Russians about the creation of his digital double. He said that the attackers created a fake video with his image and made video calls on his behalf through messengers.
"The introduction of liability should help, on the one hand, reduce the proportion of such crimes, on the other hand, simplify the evidence for law enforcement agencies," says Plugotarenko.
Another measure introduces a ban on phishing, which implies the mandatory blocking of fake sites. Current legislation requires that only resources that mimic the pages of banks and financial organizations must be blocked.
Phishing is a type of fraud in which intruders want to steal personal data: passwords, bank card numbers, logins. Fake websites or messages that look like real ones are used for this purpose. The task is to force a person to click on the link, enter the data and thereby transfer it to the scammers.
Finally, the new package involves the introduction of administrative responsibility for illegal mining of cryptocurrencies. In addition, miners will be held accountable for late provision of information about the receipt of digital currency. The specific amount of fines will be determined during further elaboration of the document, a source told Izvestia.
How to strengthen the fight against phone fraud
The problem of "ordinary" telephone fraud remains no less acute. Starting from September 1, all companies will be required to label their calls and SMS. This means that when you receive an incoming call, you will immediately see who is calling — a store, salon, bank or other organization. This measure was approved in the first package of measures to combat cybercriminals, which was adopted in April this year.
The new bill also proposes to make labeling of international calls mandatory. Thus, the person will immediately understand that he is receiving a call from abroad. Moreover, Russians will be able to independently establish a ban on such calls.
"I would like to appeal to our citizens so that they understand that any call from an unknown number is better to call back, reset this number to make sure that these are not scammers," Grigorenko said at a meeting with Putin on August 25.
All information about the numbers from which and to which fraudulent calls are made, operators will be required to transfer to the registry of the Anti-fraud system. This measure will enter into force on March 1, 2026, according to the text of the bill. In order to identify suspicious calls, operators, in turn, will be able to use artificial intelligence. Companies providing digital services to Russians reacted positively to the government's new developments.
"The proposed measures, from labeling international calls and banning their reception to using AI to identify suspicious calls and block phishing sites, directly respond to the real threats we face today," Alexey Chugunov, Vice president for Information Security Development and Assurance at Rostelecom, told Izvestia.
Such threats include, for example, an increase in the number of sophisticated schemes where fraudsters send fake SMS codes to subscribers to lower their guard, and then lure out the real code needed to access accounts and confidential data. At the same time, Chugunov is confident that all these measures not only complicate the lives of scammers, but also give people back control over their digital security.
Переведено сервисом «Яндекс Переводчик»
