Roskomnadzor warned communications providers that their networks could be equipped with uncertified Google servers. The government institution learnt about the use of these devices from the FSB.
Roskomnadzor has sent information that Google is installing uncertified Google Global Cache servers, used to increase the speed of access to Google resources, on the networks of Russian Internet providers to operators across the country. This is stated in the letters of Roskomnadzor offices in the Kurgan, Lipetsk and Vladimir regions (copies of all documents are at the disposal of RBC, their authenticity was confirmed by employees of two regional Internet providers). Two letters say that information about the use of uncertified Google Global Cache servers was obtained by Roskomnadzor from the FSB.
Roskomnadzor warned providers that installment of this equipment without certificates of conformity would entail responsibility under Art. 13.6 of the Administrative Offences Code, the maximum penalty for legal entities under which is up to 300 thousand rubles ($5.1 thousand).
“To ensure the integrity, stability of operation and security of the unified telecommunications network of Russia, it is obligatory to confirm compliance with the imposed requirements for communication equipment used in the public access network”, notes the letter of Roman Biryukov, acting Head of Roskomnadzor directorate for the Lipetsk region.
Roskomnadzor spokesman Vadim Ampelonsky said that the central office had indeed informed its territorial bodies about the use of uncertified tools. Google did not respond to the request of RBC.
Source of irritation
The senior officer of one of the Big Three operators, as well as the Head of the company dealing with communications, argue that Google Global Cache servers are not a means of communication, and therefore should not be certified at all. “According to the list of communication facilities subject to mandatory certification, Google Global Cache servers are not featured among the facilities that are subject to mandatory certification,” – confirms the director of non-profit organization Internet Protection Society Mikhail Klimarev. He remarks that the logic of mandatory certification is to ensure the operability of telecommunications networks, and that the different equipment of one operator works together with networks and equipment of other operators. Therefore, the obligatory certification is applicable to communication facilities, radio communication equipment etc. “Such Roskomnadzor warnings are a direct violation of the current legislation – they are not eligible to demand what is not prohibited and not stipulated in the regulatory framework,” Klimarev said.
The officer of one of the operators of the Big Three adds that the installation of these servers is not performed by subsidiary Google LLC, as Roskomnadzor writes, but a unit of the global Google. This is also confirmed by the director for strategic projects of the Internet Research Institute Irina Levova: “As far as I know, it is the global unit of Google that is responsible for Google Global Cache, not Google LLC.
“As a matter of fact, Google Global Cache is the gateway for any content to get to Russian users. Data transfer between Google Global Cache and Google servers is encrypted. Therefore, when installing Google Global Cache inside the lock system, it is technically impossible to block Google content,” says Sergei Nikulin, managing director of Internet provider Ecotelecom. He notes that Google Global Cache servers are installed by Google at their own expense, do not belong to a provider and are not managed by it, but at the same time they work within its network. “These facts, apparently, cause irritation of the regulator and are an obstacle to certification,” says Nikulin.
Google Global Cache servers are designed to reduce the load on the communication network and are installed by Google in the networks of large Internet providers. Servers for some time retain the content that the user requested, for example, a video from YouTube. In the future, if another user wants to view this video, it will be transferred to him from the internal network of the provider from the Google Global Cache server instead of from the Google data center. For the user, this increases the speed of access, and helps the operators to reduce the amount of cross-border traffic and, as a result, the network infrastructure expenditures. According to the estimation of the top manager of one of the Big Three operators, now about 30% of all traffic in networks of the operators is accounted for by Google resources.
“A large federal communications operator has a huge number of caching servers from Google,” says a representative of one of the operators. – If we imagine that it will be necessary to refuse from all of them, then a serious load will fall on the servers of Google itself, which stand, in particular, on MSK-IX (the largest traffic exchange point in Russia located in Moscow), as well as on foreign junctions between our and foreign providers,” he says.
Leading expert of the Internet Technical Center Dmitry Belyavsky notes that Google Global Cache is unlikely to pose any threat to users or network security. “According to Google – and this is the only thing we can rely on – Google Global Cache forms a geographically distributed network infrastructure (CDN – Content Delivery Network). This is not a threat to users: Google Global Cache is just a caching server designed to reduce the load when popular resources are accessed. In this case, it is beneficial for everyone – distribution always greatly increases the reliability and stability of the system. Security problems can arise if attackers are able to interfere with the interaction of these servers with the central servers of Google, but I tend to expect an increase in overall reliability or at least not a decrease. An additional collection of sensitive, primarily personal, data is also not included,” says Belyavsky.