Mobile operators are enabling the “Internet Protection” service en masse without subscribers’ explicit consent. The operators present it as a measure against phishing and scammers. In fact, it functions as in-network filtering that blocks not only suspicious resources but also legitimate websites, cloud storage services, gaming servers, and VPN connections. The Ministry of Digital Development has confirmed this policy, justifying the restrictions as “data security.” While the service can be disabled, doing so requires deliberate action, and the process for doing so is not always straightforward. Overall, the practice of operators imposing services has long been widespread, but whereas previously it was done for profit, now it is being used for censorship.
Censorship-as-a-Service
Operators have enabled filtering without asking. In late April 2026 (reported on April 25th, 2026), large numbers of subscribers began reporting a sudden loss of access to specific websites and services, despite having a positive balance and a stable network signal. It turns out, major Internet Service Providers (ISPs) have installed an activated a so called “Internet Protection” as an opt-out. Some users learned about it from SMS notifications from the operator, while others only realized it when they could no longer access familiar resources.
Not only phishing pages are affected. Users have reported the blocking of cloud storage services, corporate VPNs, gaming servers, and resources not listed in the Roskomnadzor registry. The system produces false positives, leaving subscribers without any clear explanation: their smartphones simply display a “connection timeout” error.
The Ministry of Digital Development confirmed the shift toward restrictions, explaining the blocking of access to Russian services via VPN as being due to “data security requirements.” The ministry announced plans to add a button to the Gosuslugi (Russian e-gov services) web portal for reporting the unavailability of services.
How ‘Censorship-as-a-Service’ works. “Internet Protection” is a Deep Packet Inspection (DPI)-type functionality on the ISP side. It automatically checks the addresses a device attempts to reach against ‘threat’ databases. If there is a match, traffic is blocked or drops with a timeout, without notifying the user.
Connection to existing censorship infrastructure
This is not a new mechanism built from scratch. Operators already use similar systems to comply with Roskomnadzor requirements. “Internet Protection” is built on top of the existing TSPU (Technical Means of Countering Threats) infrastructure. The difference is that filtering is now marketed as a “security service” rather than a regulatory requirement. In practice, this gives operators greater latitude. At the same time, it also saves international traffic.
Legal ambiguity. According to current telecommunications service rules, any change to the set of enabled options, even free ones, requires the subscriber’s explicit consent. Operators interpret “Internet Protection” not as a new service, but as a “modernization of the basic network security protocol,” which allegedly removes this requirement. Historically, the Federal Antimonopoly Service (FAS) has fined companies for imposed subscriptions, but in this case the issue remains open, and it is unlikely the FAS will risk siding with consumers this time.
Comments
Operators insist that they act in the interests of subscribers and reduce financial losses from fraud. Unofficially, they acknowledge that the preventive activation of the filter also reduces their own exposure to customer lawsuits.
The Ministry of Digital Development frames the situation within the rhetoric of “data protection” and a “safe internet,” without explicitly naming the restriction of VPNs as the goal.
Lawyers and human rights advocates point to a violation of the principles of informed choice and net neutrality. If the filter blocks phishing today, tomorrow the same infrastructure can be used to quietly restrict access to independent media, messengers, or VPN services.
Ecosystem Effects
Filtering lacks transparency. Users cannot see which list was triggered, who maintains it, or how to challenge the blocking of a specific resource.
Operators gain more data. The traffic analysis system enhances the ability to profile subscribers and provides a ready-made infrastructure for expanding restrictions.
This is an additional layer, not a replacement for the existing ones. “Internet Protection” is layered on top of Roskomnadzor blocking, “whitelists” for services, and the newly introduced billing for international traffic. Combined, this makes access to the open internet an exception that requires conscious technical effort.
The Ministry of Internal Affairs is intensifying the rhetoric. In parallel, Russia’s Ministry of Internal Affairs has urged citizens not to follow links outside the .ru and .рф domain zones, creating additional informational pressure in favor of the “sovereign” internet.
Mitigation
Inform users to disable the service. As long as “Internet Protection” is listed as an option, it can be disabled in the ISP’s web portal or mobile app. Look for sections such as “Security,” “Fraud Protection,” or “Additional Services.” If the toggle doesn’t work, contact support in writing and keep a record of the correspondence. As strange as it may sound, users may want to submit official complaints about the actions of telecom operators to the Federal Antimonopoly Service, Rospotrebnadzor, and… Roskomnadzor.
Documenting. You might want to inform the users to take screenshots with timestamps and record exactly which specific resources are inaccessible. This is important both for complaints to the Federal Antimonopoly Service and Rospotrebnadzor and for human rights organizations that document access restrictions. Write to us about your observations.