Art. 12 of the Federal Law No. 152-FZ prohibits the cross-border transfer of data to countries that do not provide an adequate protection of data subjects. However, cross-border transfers of personal data are permitted in the following circumstances: (i) approved by the Federal Service for Supervision of Communications, Information Technology, and Mass Media (Roskomnadzor) as providing adequate protection, which will include countries party to Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (Convention 108); or (ii) in cases where such transfer is necessary to protect the life, health, or other vital interests of the data subject or other persons. Starting from 1 March 2023, operators have to notify any cross-border transfers of personal data before such transfers and, for transfers to countries which are not 'adequate', obtain permission from the Roskomnadzor for the transfer, with limited exceptions.

Art. 30.6.4 of Federal Law No. 161-FZ requires that foreign-based credit card companies transmit data for all transactions within Russia through state-owned operator: the National System of Payment Cards. It is reported that affect the possibility for financial supplied to use their processing facilities located outside of Russia.

Art. 64 of Federal Law No. 126-FZ requires telecom operators, to store in the territory of the Russian Federation the following information:
- Information on the facts of reception, transmission, delivery and (or) processing of voice information, text messages, images, sounds, video or other messages of users of communication services - within three years from the moment of the end of such actions;
- Text messages of users of communication services, voice information, images, sounds, video or other messages of users of communication services - up to six months from the moment of termination of their reception, transmission, delivery and (or) processing.
In addition, Art. 10.1 of Law No. 149-FZ requires distributors of information, such as internet and telecom companies, messengers, email services, forums and other platforms that allow the exchange information on the internet, to store in the territory of the Russian Federation the following information:
- Information on the facts of reception, transmission, delivery and/or processing of voice information, written text, images, sounds, video or other electronic messages of internet users and information about these users for one year after the end of such actions;
- Text messages of internet users, voice information, images, sounds, video and other electronic messages of internet users up to six months from the end of their reception, transmission, delivery and/or processing.

Art. 18(5) of Federal Law No. 152-FZ provides that during personal data collection, including through the Internet, the data operator shall ensure that databases located within the Russian Federation are used to record, systematise, accumulate, store, update, modify and retrieve personal data of Russian citizens. However, the requirements do not apply to companies that do not receive the data directly from either data subjects or such third parties, or inadvertently in the course of normal business activity. Moreover, provided that personal data when initially collected is placed in a primary database located and maintained in Russia, personal data contained in the database may then be transferred abroad and placed in other secondary databases, provided the requirements for data transfers are complied with. As a result, once personal data is collected, it shall be placed in the database located in Russia (i.e., the primary database) and all mentioned operations on the data should be carried out locally. Afterwards, the data can be transferred abroad for further processing (i.e., to the secondary database).
It is reported that since 2015, the Federal Service for Supervision of Communications, Information Technology, and Mass Media (Roskomnadzor) has been active in enforcing the above-mentioned measure. For instance, in November 2016 subject to the claim from Roskomnadzor the court in Moscow restricted access to the LinkedIn social network due to the breach of the measure. Further cases mostly included administrative fines which were issued also to major multinational companies, including Meta Platforms, Inc. (formerly Facebook, Inc.), Twitter, Inc. and later WhatsApp LLC, Google LLC, Airbnb, Inc., Apple, Inc., Twitch Interactive, Inc., United Parcel Service, Inc., Pinterest, Inc., Likeme Pte. Ltd., Ookla, LLC., Snap Inc., Match Group, LLC, Hotels.com, L.P., Spotify AB, and Zoom Video Communications, Inc. Some companies also faced repeated higher fines.
The Code of Administrative Offences establishes fines of up to RUB 6 million (approx. USD 64,620) for the first offence and up to RUB 18 million (approx. USD 193,860) for the subsequent offence.

Russia has appended the World Trade Organization (WTO) Telecom Reference Paper to its schedule of commitments.

Russia has a telecommunications authority: The Federal Communications Agency. However, it is reported that the decision-making process of this entity is not fully independent from the government.

In 2017, the Russian State Commission for Radio Frequencies issued a decision requiring telecommunications operators seeking to rent capacity from a foreign satellite operator to demonstrate that Russian satellite providers do not have such capacity.

According to the Communications Law, telecommunication services can only be provided on the basis of a license. Operators provide telecom services in Russia on the basis of telecoms licences acquired following the requirements of Government Decree No. 2385 (Decree No. 2385 replaced Government Decree No. 87 of 18 February 2005 which regulated the similar subject matter). According to Annex 1 to the Decree, a list of 20 telecom services are subject to licensing. These include, among others:
- Local telephone communication services;
- Services of long distance and international telephone communication;
- Telephone services in a dedicated communication network;
- Telegraphic services;
- Communication services of a personal radio call;
- Services of mobile radio communication in the public or dedicated communication network;
- Services of mobile radiotelephone communication;
- Services of mobile satellite radio communication;
- Services of mobile satellite radio communication;
- Communication services for data transmission (either voice or other data);
- Telematic communication services;
- Communication services for cable/wire broadcasting purposes.
Annex 2 to the Decree sets out particular licensing requirements for each of the activities listed in Annex 1. It is reported that, in practice, only Russian registered entities can apply for and obtain licences to provide communications services. These entities may have foreign ownership or control. Thus, a licence holder has to be incorporated as a Russian company, but this company can be owned by foreigners.

Telecommunication activity is a licensed activity in Russia and certain telecommunication service fees are regulated by the State. Access service fees charged by significant operators are subject to tariff regulation in accordance with the Government Resolution No. 627 "On the prices for interconnection services and traffic transmission services provided by operators with significant market power in the common use communications network" (19 October 2005). Service fees for certain public electronic communication services and public post services are also subject to state tariffs. The list of public electronic communication services and public post services subject to state tariffs is approved by the government.

Russian incumbent operator is Rostelecom, a state-owned enterprise. The Russian Government formally has a stake of less than 50%. Rostelecom has increased its market share in all market segments in the recent years and it plays a dominant, but not monopolistic, role in international and domestic backbone connectivity. As of 2019, Rostelecom was Russia’s largest integrated provider of digital services and an FMC (fixed mobile convergence) operator with a 25% share in the telecoms market. According to World Bank (2015), independent mobile operators and ISPs (Internet Service Providers) in Russian market typically rely on Rostelecom backbone internet infrastructure.

Russia lacks rules for functional separations for operators with significant market power, although there are rules in place for accounting separation. Under Ministry for Digital Development, Connection, and Mass Communications Order 54, dated May 2006, operators that hold substantial positions in publicly available networks and operators of universal services and natural telecoms monopolies must keep separate accounts for different types of activity; provided services; and different sections of the telecoms network used for the provision of such services. In addition, the Russian competition laws also provide for forced separation as a last-resort measure that may be implemented by a court at the request of antitrust authorities in respect of a dominant market player that systematically abuses its dominant position.

It is reported that there is no obligation for passive infrastructure sharing in Russia to deliver telecom services to end users. However, it is practiced in the mobile sector and in the fixed sector based on commercial agreements.

Federal Law No. 374 allows Russian security services to request that internet companies hand over their encryption keys. Firms who do not comply with these orders risk having their services blocked in the country, as happened to the messaging app Telegram which remained blocked in Russia for approximately 2 years. Other messaging apps, such as Zello, BlackBerry Messenger, Imo, Line, and Vchat were blocked for the same reason.

Federal Law of July 29, 2004 on Commercial Secrecy and Russian Civil Code provide a framework for the effective protection of trade secrets. The Civil Code (Part 4) regulates issues associated with trade secrets. Any unlawful use of a trade secret, including unlawful receipt or disclosure of the trade secret, constitutes trade secret infringement. Additionally, the Federal Law of July 29, 2004 on Commercial Secrecy defines trade secrets as any type of information (e.g. production, technological, economic, organizational, etc.) that is not generally known, to which the general public does not have open access, and with respect to which the owner of such information has instituted the regime of trade secrecy.

Russia has ratified the World Intellectual Property Organization (WIPO) Performances and Phonograms Treaty.