Call or don't call: fines for selling SIM cards will rise to one million

Fines will be raised for operators for selling SIM cards in unidentified locations. Such a bill was approved by the Cabinet of Ministers. Now the sanction is 500 thousand rubles, it is proposed to increase it to one million. Criminal liability is also being introduced for providing communication services to foreigners who violate the law. How the new standards will work is described in the Izvestia article.

What penalties do mobile operators face?

Fines for telecom operators for selling SIM cards bypassing the law will rise to 1 million rubles. Such a project, developed by the Ministry of Finance, was approved on January 12 by the government commission on legislative activity. This was reported to Izvestia by sources in the Cabinet.

The changes are aimed at combating cyberbullying, which is carried out, among other things, using information and communication technologies, said Vladimir Gruzdev, Chairman of the Board of the Russian Bar Association.

"Telecom operators become guarantors of the operation of state traffic monitoring systems and are required to ensure the functioning of software and hardware for checking calls and text messages on a 24—hour basis," he said.

Currently, the conclusion of a contract by a telecom operator for the provision of services in a manner not provided for by law is subject to a fine in the amount of 300 thousand to 500 thousand rubles.

— With the adopted legislative changes, the amount of the fine will increase and amount from 500 thousand to 1 million rubles, — said Vladimir Gruzdev.

The authors of the bill note that recently there has been an increase in the number of fraudulent calls through foreign messengers. According to Yandex, out of 1.5 billion calls from unknown numbers, 800 million were unwanted, 55 million of them were automatically blocked.

"Most of these unwanted and fraudulent calls were made by fraudsters posing as bank employees. Their number has increased by a quarter over the year," the explanatory note says.

Administrative responsibility is also established for non-compliance by telecom operators with the requirements for ensuring the functioning of verification nodes (authentication of subscribers and call routes, fraud prevention) not only at the time of connection, but also during further interaction with GIS "Antifraud".

"The need to introduce this rule is due to the fact that in 2025, due to the unavailability of verification nodes operated by telecom operators, 113.4 million calls were missed without verification," the authors note.

Who will be criminalized

In addition to changes to the Administrative Code, amendments will also be made to the Criminal Code, Vladimir Gruzdev noted. Articles on privacy and violation of the secrecy of correspondence and telephone conversations will be supplemented with a number of elements of a crime.

"They are creating stricter and more detailed legal instruments to combat violations of personal data security and privacy requirements,— he stressed. — Actions will be added out of self-interest or by a group of persons by prior agreement, organized by a group. Previously, it was only about people who committed a crime using their official position.

In addition, there will be a new composition — violation of the requirements for the provision of mobile radiotelephone services to a foreign person and a stateless person to those who have already been subjected to administrative punishment. If the damage caused by the actions of a foreigner exceeds 5 million rubles, a criminal case will be initiated. The maximum penalty can be up to one year in prison.

"Abuses in the field of information and communication technologies are caused by the increased activity of the population in the use of Internet resources and remote services, including banking, the development of new forms of paid services and services," the explanatory note says.

It notes that every year there is a large number of remote theft, which causes damage to Russians.

"The Bank of Russia also records an increase in suspicious transactions carried out without the client's consent. In recent years, there has been an uncontrolled proliferation of subscriber numbers, including among foreigners, which contributes to the possibility of illegal actions," the authors note.

The explanatory note states that schemes have become widespread in which attackers create organized criminal groups, often of a transnational nature.

"Such groups use special call centers, whose "employees" call from numbers similar to bank numbers, and, knowing the information about the person, they try to get a code word or a code from an SMS confirmation to steal funds," the document says.

The authors of the bill believe that the amendments will significantly reduce the risks of crime.

Will anti-fraud measures help?

The new provisions reflect the state's desire to systematically strengthen the criminal law response to cybercrimes and reduce the gap between real digital threats and existing mechanisms for their suppression, says Kirill Levkin, MD Audit Project Manager (Softline Group).

— The legislator is moving away from the narrow interpretation of hacking and focuses on the consequences: disruption of infrastructure stability, data leaks, shutdown of services, which is especially important for socially significant and corporate systems," he said.

The expert explained that the mechanisms for initiating and investigating cybercrime cases are being simplified, the possibilities for seizing and analyzing digital evidence are being expanded, and procedures for working with electronic traces, logs, and remote environments are being consolidated. This should reduce the dependence of investigations on formal barriers and speed up the response to incidents.

Both bills have the same goal — to make life as difficult as possible for cybercriminals, said Sofya Lukinova, head of the legal department at VMT Consult.

"The main burden of execution falls on telecom operators, who must, in particular, track the number of SIM cards opened in the name of one subscriber, as well as check foreign citizens with whom a communication agreement is concluded," she said.

Compliance with the new rules will require telecom operators to improve their IT infrastructure, including for integration with government systems. Companies will also be forced to develop various solutions, including AI-based ones for threat recognition, localization and destruction.