Kaspersky to move data from Russia to Switzerland to improve transparency
Kaspersky Lab has announced that it plans to move data out of Russia and into a new data center in Switzerland. The move is part of the company's Global Transparency Initiative which came in response to concerns about ties to the Russian government.
Software produced by Kaspersky has already been banned from US government systems, and the company has been on a mission to prove that Russia is not spying on other countries via its antivirus tools.
See also:
- Twitter bans Kaspersky Lab from buying ads
- Kaspersky Lab plans Swiss data center to quell fears about Russian connections
- Kaspersky sues Trump administration over government software ban
The announcement is in line with what Kaspersky said it planned to do two months ago. The company says: "We are relocating a good part of our infrastructure to Zurich, Switzerland, including the 'software assembly line' and servers that store and process Kaspersky Security Network data, and creating our very first Transparency Center."
The aim is to move the software assembly line to Switzerland by the end of this year, with user data moving to Swiss servers by the end of 2019.
Kaspersky says that the move is being made to help increase trust in the company:
The most important goal of our Global Transparency Initiative is to establish all reviewing processes in such a way that there will be no need to rely on our word alone about the integrity of our products, updates, detection rules, data storage, and things like that. Responsible stakeholders from government and private organizations with relevant expertise will be able to review our software to make sure everything works as expected.
At the Data Transparency Center, "trusted partners and government stakeholders" will be able to access source code and data such as:
- Secure software development documentation,
- The source code of any publicly released product (including old versions),
- Threat detection rule databases,
- The source code of cloud services responsible for receiving and storing the data of customers based in Europe, North America, Australia, Japan, South Korea and Singapore,
- Software tools used for the creation of a product (the build scripts), databases, and cloud services.
The company says that everything will be overseen by a third-party, but does not reveal anything about it. It adds: "The data of our customers from the US, Europe, Japan, Korea, Singapore and Australia will henceforth be stored and processed in Switzerland. More countries will follow."