Russia Calls for Unified International Norms in Digital Security

Russia has launched an initiative to develop a Global Code of Digital Security aimed at unifying international rules, standards, and principles to safeguard digital technologies from cybercrime, enhance trust among states in the field of information technology, and ensure the protection of users' personal data.

International Support

Participants of the 'Digital Industry of Industrial Russia' (CIPR-2024) conference proposed elevating the critical issue of developing a Global Code of Digital Security to international platforms, positioning Russia as a hub of technological responsibility and sovereignty.

Russia began promoting its regulatory approach in the international arena in the summer of 2024. Key platforms included the meeting of the EAEU ministers of digital development, which focused on unified rules for regulating the digital environment and data protection, and the BRICS legal forum.

Originally established as an analytical group of emerging market countries committed to economic growth, BRICS aims to dominate the global economy by 2050.

At the IX BRICS Legal Forum, experts discussed the interrelationship between international law, digital technologies, and security. Professor Wu Wenfang addressed the evolution and future development of Chinese legislation in the field of information security, while Badela Gandhi, Vice President of the Savannah Law Network and member of the Johannesburg Society of Advocates, proposed including a provision in the final memorandum to establish a subcommittee on legal regulation of IT within BRICS.

Alexander Volevodz, Head of the Department of Criminal Law, Criminal Procedure, and Forensics and Deputy Dean for Research at the International Law Faculty of MGIMO University, called for urgent efforts to bridge the technological and legal gap among countries in the field of AI implementation and regulation. This, he argued, would help reconcile society’s demand for AI advancements with the need for protection from their adverse effects.

Additionally, Russia proposed that BRICS countries sign a memorandum on information security, which would involve data exchange on cyber incidents and advance cooperation in cybersecurity.

The Russian Initiative – Security and Sovereignty

Russia raised the issue of international information security and digital sovereignty on the global stage as soon as IT technologies began to develop actively. The Russian Federation first proposed creating a Code of Digital Security at international forums and negotiations in the late 2010s. The proposed document aimed to establish common rules and norms of conduct in cyberspace, prevent digital technology misuse, and protect personal data and national infrastructure.

Since then, the Code has evolved through active discussion among UN members and other international bodies. In 2018–2019, Russian diplomats held a series of consultations with representatives of various countries, emphasizing the need for a unified approach to cybersecurity.

Progress has been made thanks to nations seeking to consolidate international efforts to enhance protection in an era of rapid digital advancement and growing threats.

Shen Yi, Head of the BRICS Research Center at Fudan University, noted that the primary cyber threat to BRICS countries emanates from the United States, which, in his view, seeks to advance its geopolitical interests by undermining the sovereignty of other actors through ICTs. He proposed that BRICS serve as a political counterbalance to defend collective interests in the digital domain.

Key Provisions of the Russian Code

The main provisions of the proposed Russian Global Code of Digital Security include the following legal principles:

1. Principle of Sovereignty

States recognize the right of each sovereign country to control its national information infrastructure and protect it from external interference.

2. Prohibition of Cyber Aggression

The use of information technologies for aggressive purposes—attacks on other states’ facilities or the integrity of governmental bodies and critical infrastructure—is prohibited.

3. Ensuring Internet Freedom

Freedom of expression and access to information are fundamental rights that must be protected. However, freedom must be accompanied by accountability for spreading false information and by prohibitions against incitement.

4. Ban on Dual-Use Technologies

Information and telecommunications technologies must not be used for dual purposes that could trigger conflict or destabilization.

5. Prevention of Malware Dissemination

Control measures and response mechanisms must be established to counter viruses, spyware, and other harmful content that threatens information infrastructure and personal data.

6. International Cooperation

States should exchange information and experience, jointly investigate cyber incidents, develop tools to combat cybercrime, and build mutual trust.

These provisions aim to establish a common legal framework and recommendations for effectively addressing contemporary digital threats.

States Will Retain IT Sovereignty

A core principle of the Russian Code is sovereign regulation of information technology. This approach contrasts sharply with that of the Western IT community. While the sovereign model focuses on national independence and digital security, Western standards emphasize unrestricted information flow and open global frameworks—often leaving smaller states vulnerable to transnational corporations and dominant countries.

Thus, the Code primarily benefits smaller nations by enhancing cybersecurity, fostering local IT infrastructure development, and reinforcing economic independence. It also compels IT giants to comply with national legislation, allowing for content control and legal compliance to protect citizens and block prohibited content.

Russia Offers Support and Expertise

Russia implements sovereign IT regulation through mechanisms such as the 'sovereign internet' law, which ensures autonomous operation of the Russian internet segment under external threats.

The country also develops domestic software and critical infrastructure, such as the 'GosTech' platform for public services.

Sector-specific IT standards are continuously introduced to overcome a key barrier to deploying intelligent systems—public mistrust. These standards define unified methods for evaluating technologies’ compliance with functional reliability and safety requirements.

Russia has also adopted specialized AI standards that harmonize terminology, standardize data representation formats, and establish unified lifecycle management processes for AI systems.

Russia shares these solutions with BRICS countries and the Global South.

In June, the first Global Digital Forum will be held in Nizhny Novgorod, bringing together 2,500 IT experts from 115 countries. One of the central topics will be the Global Code of Digital Security.

This Russian initiative is comparable in significance to the USSR’s proposal to ban nuclear weapons, made shortly after the U.S. dropped atomic bombs on Hiroshima and Nagasaki. It has the potential to shield the world from a catastrophe akin to nuclear war.