Russia – SORM-1, SORM-2 and SORM-3

Reference Note on Russian Communications Surveillance – 2018.  James Andrew Lewis is a senior vice president at the Center for Strategic and International Studies (CSIS). Before joining CSIS, he worked at the Departments of State and Commerce as a Foreign Service officer and as a member of the Senior Executive Service.

His government experience includes a broad range of political-military, negotiating, and intelligence assignments. He was an adviser to the U.S. Southern Command for Operation Just Cause, the U.S. Central Command for Operation Desert Shield, and the U.S. Central American Task Force. He led the U.S. delegation to the Wassenaar Arrangement Experts Group on advanced civilian and military technologies. He worked on presidential policies for arms transfers, on commercial space remote sensing, on policies to secure and commercialize the Internet, and on encryption and lawful access to communications. He was the Commerce Department lead for national security and espionage concerns related to high-technology trade with China.

Lewis was the rapporteur for the UN Group of Government Experts on Information Security for the successful 2010, 2013, and 2015 sessions. He has led long-running Track 1.5 discussions on cybersecurity with the China Institutes of Contemporary International Relations. He has served on several Federal Advisory Committees, including as chair of the Committee on Commercial Remote Sensing, as well as member of the Committees on Spectrum Management and International Communications Policy and the State Department’s Advisory Committee on International Communications and Information Policy, and as an adviser on the security implications of foreign investment in the United States. Lewis has authored numerous publications since coming to CSIS on a broad array of topics, including innovation, space, information technology, globalization, deterrence, and surveillance. He was the director for CSIS’s Commission on Cybersecurity for the 44th Presidency and is an internationally recognized expert on cybersecurity who is frequently quoted in the media. He has testified numerous times before Congress. Lewis’s current research examines the effect of technology on warfare and how the Internet has changed politics. He received his Ph.D. from the University of Chicago.

** ** **

April 18, 2014

Edward Snowden, perhaps under duress, recently participated in a call-in program where selected viewers can pose pre-screened questions directly to Vladimir Putin. Snowden asked President Putin,
“Does Russia intercept, store or analyze in any way the communications of millions of individuals?” Putin denied Russian mass surveillance, saying
“Thank God, our special services are strictly controlled by the state and society, and their activity is regulated by law.”

Three programs, SORM-1, SORM-2, and SORM-3, provide the foundation of Russian mass communications surveillance.

Russian law gives Russia’s security service, the FSB, the authority to use SORM (“System for Operative Investigative Activities”) to collect, analyze and store all data that transmitted or received on Russian networks, including calls, email, website visits and credit card transactions.

SORM has been in use since 1990 and collects both metadata and content. SORM-1 collects mobile and landline telephone calls. SORM-2 collects internet traffic.  SORM-3 collects from all media (including Wi-Fi and social networks) and stores data for three years.

Russian law requires all internet service providers to install an FSB monitoring device (called “Punkt Upravlenia”) on their networks that allows the direct collection of traffic without the knowledge or cooperation of the service provider. The providers must pay for the device and the cost of installation.

Collection requires a court order, but these are secret and not shown to the service provider.  According to the data published by Russia’s Supreme Court, almost 540,000 intercepts of phone and internet traffic were authorized in 2012.

While the FSB is the principle agency responsible for communications surveillance, seven other Russian security agencies can have access to SORM data on demand. SORM is routinely used against political opponents and human rights activists to monitor them and to collect information to use against them in “dirty tricks” campaigns. Russian courts have upheld the FSB’s authority to surveil political opponents even if they have committed no crime. Russia used SORM during the Olympics to monitor athletes, coaches, journalists, spectators, and the Olympic Committee, publicly explaining this was necessary to protect against terrorism. The system was an improved version of SORM that can combine video surveillance with communications intercepts.

SORM is buttressed by regulations that limit the use of encryption, and restrictive internet laws that allow the Government to shut down websites it finds objectionable. Russia has a national filtering system that can block foreign sites and it has used the threat of blockage to coerce western companies into removing objectionable postings. Russian agencies such as “Roskomnadzor” (Agency for the Supervision of Information Technology, Communications, and Mass Media) provide the name and address of websites to be blocked to internet service providers, who must take action within 24 hours. Russia monitors foreign communications using techniques used by NSA and China. Wireless and landline communications are monitored in major capitals: American officials believe that Russia chose to build an Embassy complex on a hill in Washington D.C., for example, to improve interception of mobile communications.



The documents were found on an unprotected backup drive owned by an employee of Nokia  Networks (formerly Nokia Siemens Networks), which through a decade-long relationship maintains and upgrades MTS’s network — and ensures its compliance with SORM.
Russia – network on internet companies – SORM surveillance


2012 – 2014 – The Russian Prime Minister Dmitry Medvedev has signed a decree that will extend the use of SORM-2 to social network surveillance.    It’s known that the Russian Government is applying a strict surveillance on the Internet within the country, the Kremlin has developed a system code named “SORM-2” to monitor Russian citizens.

Russia – SORM surveillance . . 123


The Russian law and surveillance system SORM is becoming more and more frequently used. In fact several “-stan-countries”, eastern Europe and Asian countries have more or less copied the Russian law and system, implementing it into their own laws and regulations. According to statistics published by a NGO on the Russian Supreme Court, the number of legal telephone and email intercepts in Russia have doubled, from about 266,000 intercepts in 2006 to almost 540,000 in 2012.

Russia – SORM1-2-3 surveillance . . . (privacy)
** ** **

A number of sources provide information on Russian surveillance activities, including (, Citizen Lab (, Reporters Without Borders (, Privacy International ( and (albeit with dated material) the Federation of American Scientists (

Een gedagte oor “Russia – SORM-1, SORM-2 and SORM-3”

Laat 'n boodskap

Verskaf jou besonderhede hieronder of klik op 'n logo om in te teken: Logo

Jy lewer kommentaar met jou rekening by Log Out /  Verander )

Google photo

Jy lewer kommentaar met jou rekening by Google. Log Out /  Verander )

Twitter picture

Jy lewer kommentaar met jou rekening by Twitter. Log Out /  Verander )

Facebook photo

Jy lewer kommentaar met jou rekening by Facebook. Log Out /  Verander )

Connecting to %s