SORM was first implemented in 1995, requiring telecommunications operators to install FSB-provided hardware allowing the agency to monitor users’ communications metadata and content, including phone calls, email traffic and web browsing activity, despite the low internet penetration rate at the time.
Under SORM‑2, Russian Internet service providers (ISPs) must install a special device on their servers to allow the FSB to track all credit card transactions,[2] email messages and web use.
[citation needed] In July 2000, Russia's Minister of Information Technology and Communications Leonid Reiman issued the order No 130 "Concerning the introduction of technical means ensuring investigative activity (SORM) in phone, mobile and wireless communication and radio paging networks" stating that the FSB was no longer required to provide telecommunications and Internet companies documentation on targets of interest prior to accessing information.
[4] Roskomnadzor, a federal executive body responsible for media control, reported that several local ISPs were fined by the government after they failed to install FSB-recommended SORM devices.
[11] On January 5, 2000, during his first week in office, President Vladimir Putin amended the law to allow seven other federal security agencies (next to the FSB) access to data gathered via SORM.
The security service calls on the special controller at the FSB headquarters that is connected by a protected cable directly to the SORM device installed on the ISP network.
[17][18] In a unanimous Grand Chamber decision, the Court ruled that Russian legal provisions "do not provide for adequate and effective guarantees against arbitrariness and the risk of abuse which is inherent in any system of secret surveillance."