The Russian Government's System for the Operation of Investigative Activities

The System for the Operation of Investigative Activities (Система оперативно-разыскных мероприятий, or SORM) is a comprehensive and opaque surveillance infrastructure embedded deep within the telecommunications networks of the Russian Federation. Since its inception in the 1990s, SORM has evolved into a sophisticated tool for state control, intelligence gathering and political repression. Although nominally established to support law enforcement and counterterrorism efforts, SORM today functions as one of the most intrusive and unchecked surveillance regimes in the modern world, with profound consequences for civil liberties, freedom of expression, and democratic accountability.

Origins and Evolution of SORM

SORM was initially developed by the Federal Security Service (FSB), the successor to the Soviet-era KGB, during the early years of post-Soviet Russia. The first version, SORM-1, was introduced in 1995 and required all telephone operators to install equipment that would allow the FSB to intercept voice communications directly, without the service provider’s knowledge of the specific targets.

In 1999, SORM-2 expanded these powers to include internet traffic—emails, web browsing history, and online communications such as chat logs. This coincided with the rise of the internet in Russia and the Kremlin’s growing awareness of the political power of digital technologies.

The most recent iteration, SORM-3, introduced in the 2010s, added the capability to aggregate metadata and content from a vast array of sources—including mobile apps, cloud services, and social media platforms—into a centralised monitoring hub. SORM-3 enables real-time analysis and retrospective search of digital footprints. Telecommunications operators are legally obliged to install government-approved black boxes at their own expense, allowing the FSB direct access to data streams without judicial oversight.

Legal Framework and Lack of Oversight

Although SORM is formally justified as a counterterrorism and anti-crime measure, its legal framework is alarmingly permissive. Russian law technically requires a warrant for surveillance, but in practice the FSB does not need to show this warrant to service providers. The operators simply comply with automated data extraction protocols. There is no independent mechanism for reviewing whether surveillance is justified or proportionate.

Russia’s 2016 “Yarovaya Law” reinforced SORM’s authority by mandating that all communications providers store the content of messages and metadata for up to six months, and grant the FSB access upon request. The law also requires mandatory backdoors in encrypted communication services, further eroding any semblance of privacy or digital autonomy. Messaging platforms that refused to comply, such as Telegram, were temporarily banned, although enforcement was inconsistent and frequently circumvented.

SORM in Practice: Suppression of Dissent

While the official narrative insists that SORM is a tool for national security, its practical application has increasingly targeted journalists, opposition figures, minority groups and ordinary citizens. During protests and election periods, SORM has been used to monitor organisers’ phones, intercept communications, and pre-emptively detain individuals suspected of anti-government activity. The FSB and Ministry of Internal Affairs routinely rely on SORM to compile dossiers on political activists and dissidents, often using trivial infractions or manipulated evidence to justify criminal charges.

Cases have emerged of anonymous internet users being identified and arrested for “extremist” social media posts, largely as a result of surveillance through SORM-enabled metadata analysis. The broad and ambiguous definition of extremism in Russian law allows authorities to interpret criticism of the government, LGBTQ+ advocacy, or anti-war sentiment as grounds for investigation.

Moreover SORM is increasingly being integrated with facial recognition and other biometric surveillance technologies in public spaces, especially in Moscow, creating a seamless mesh of digital and physical control.

International Comparisons and Export Potential

Though many states operate lawful interception systems, Russia’s SORM stands out due to its lack of independent oversight, the direct and unaccountable access of security agencies, and the broad scope of its surveillance. It resembles a hybrid of China’s Great Firewall and America’s NSA surveillance, but with fewer institutional constraints and more direct political motivations.

Of increasing concern to international observers is Russia’s promotion of “digital sovereignty” and the potential export of SORM-style technologies to authoritarian allies and clients in Central Asia, the Middle East and Africa. As part of its geopolitical strategy the Kremlin has encouraged the adoption of its surveillance model abroad, offering technical assistance and training.

The Human Rights Dimension

Numerous human rights organisations, including Human Rights Watch, Reporters Without Borders, and the UN Special Rapporteurs on freedom of expression and privacy have condemned SORM as a violation of international law. The European Court of Human Rights has ruled against Russia in multiple cases involving unlawful surveillance and lack of legal redress for victims. Nevertheless the system remains entrenched, backed by a political regime that sees dissent as existentially dangerous.

The implications of SORM are profound: it normalises a climate of fear, encourages self-censorship, and undermines the possibility of free and fair democratic discourse. It also raises critical questions for foreign companies operating in Russia, particularly those in telecommunications and IT, who are forced to collaborate—willingly or otherwise—with SORM infrastructure.

A Tool of Control, Not Justice

SORM is not merely a surveillance system—it is a political weapon wielded by an increasingly autocratic state. While it is ostensibly intended to protect the public from threats, in practice it serves to insulate the Kremlin from political challenge, chill public discourse and intimidate civil society. As Russia’s digital authoritarianism deepens, SORM represents the architecture of a state at war with its own people: silent, invisible and totalising. Understanding its function and scope is critical for those seeking to defend democratic freedoms not just in Russia, but wherever authoritarian regimes seek to emulate her model.