WOBURN, Mass.--(BUSINESS WIRE)--Kaspersky Lab is opening a Transparency Center in Madrid, which along with a transparency center opened in 2018 in Zurich, will serve as a trusted facility for the company’s partners and government stakeholders to come and check source code of the company’s products. In addition, the company is publishing the results of an independent legal analysis of the company’s obligations to adhere to Russian legislation related to data processing.
The center will open for its first visitors in June. Its development is part of the company’s Global Transparency Initiative – a set of measures being brought to life in order to fulfill growing demand from partners and government stakeholders for more information on how Kaspersky Lab’s products and technologies work.
Along with being a place to undertake “standard” source code review, the Spanish facility will also serve as a briefing center, where visitors can learn more about the company’s portfolio, engineering and data processing practices.
This information will be delivered in an easily accessible way. The company has developed a review system, which offers multiple review options, from a general non-technical overview of the company’s engineering practices and data protection standards, through to a deep and comprehensive review of the critical parts of the company’s source code. More information about the available options can be found on the Transparency Centers website.
In addition to the opening of the new Transparency Center, the company is publishing the results of a voluntary third-party legal assessment aimed at providing an independent evaluation of the obligations the company adheres to in line with Russian legislation. The assessment was conducted by a prominent Russian and international law expert, Dr. Kaj Hober, Professor of International Investment and Trade Law at Uppsala University in Sweden.
The analysis covers three Russian laws related to data processing and storage*, which were widely reported as the ones with which Kaspersky Lab is obliged to comply. The results following the analysis are freely available online and provide an unbiased and fair legal assessment to the company’s customers and partners looking for reliable information about Kaspersky Lab. Based on Dr. Kaj Hober’s review, the company does not fall under obligations of those legal acts primarily due to the nature of its activities.
“We see that businesses are most concerned about sensitive questions relating to data management processes – how data is stored and processed, and what the company does to keep users’ data safe,” said Anton Shingarev, vice president for public affairs at Kaspersky Lab. “To meet those needs, we decided to open an additional Transparency Center where European clients, governments and regulators can receive answers to all their questions. This motivation was also behind our initiative to conduct a legal assessment.
“We understand that in the current geopolitical climate, when different countries create very different laws related to data processing, some of our partners and clients need as much information as possible in order to make the best possible choice of cybersecurity products and services. We are happy to provide them with such information because this is what the Global Transparency Initiative was originally created for. We are also happy to continue to extend the scope of the initiative and increase the number of measures supporting it,” Shingarev added.
Kaspersky Lab’s Global Transparency Initiative was announced in October 2017 and continues to make progress. In particular, the company:
- Started relocating customer data storage and processing infrastructure from Russia to Switzerland. Since November 13, 2018, threat-related data coming from European users is being processed in two data centers in Zurich. The relocation of file processing is expected to be complete by the end of 2019.
- Has been working with one of the Big Four professional services firms on an audit of the company's engineering practices around the development and release of its anti-virus bases. This has the goal of independently confirming Kaspersky Lab’s adherence with the highest industry security practices. A final SOC 2 (The Service and Organization Controls) report for this assessment under the SSAE 18 standard (Statement of Standards for Attestation Engagements) is planned for Q2 2019.
- Has been developing the Bug Bounty program. Since the announcement of the program’s extension, the company resolved more than 50 bugs reported by security researchers and awarded more than $17,000 in bounty rewards. The company recently extended the scope of products available for review, giving security researchers the possibility to research Kaspersky Password Manager and Kaspersky Endpoint Security for Linux, among others.
Kaspersky Lab believes that today’s ultra-connected global landscape requires increased transparency and continues to implement concrete measures that further demonstrate our enduring commitment to assuring the integrity and trustworthiness of the company’s solutions in the service of our customers.
Learn more about Kaspersky Lab transparency principles and the Global Transparency Initiative here: www.kaspersky.com/about/transparency
*Federal Law No 40-FZ of 3 April 1995 On the Federal Security Service, as amended; Federal Law No 149-FZ of 27 July 2006 On Information, Information Technologies and Protection of Information, as amended; Federal Law No 144-FZ of 12 August 1995 On Operational-Investigative Activity, as amended.
About Kaspersky Lab
Kaspersky Lab is a global cybersecurity company, which has been operating in the market for 21 years. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into next generation security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.