On the habr sites more than once (see
here and
here ) there were articles about how to
protect yourself from replacing the sim card . But, despite the fact that all these tips are practical, they have one weak and at the same time very significant place, which from a legal point of view is called the good faith of one of the parties, i.e. provider.

I will describe on my own real experience, since practice is the best confirmation of the theory, with reference
to the current legal acts , as well as a number of precedents that have been formed in recent years.
The purpose of the article is simple - to give people who do not have special legal knowledge a short list of rules that save mobile operators , in particular, MTS,
from arbitrariness , because they can
replace sims not only without your knowledge, but even
without a fake passport and simply by agreement with employee , i.e. technically there's nothing to help here.
')
In preparing the lawsuit, I studied several dozens of forums in which typical questions on the regulatory framework were repeated. I tried to present them in a systematic way.
Attack
The history is banal (from the standpoint of statistics), sad (the process is in progress) and not fair (because it has spent a
lot of time on the protection and distribution of funds). In general, the plot is quite simple, but differs in 3 important signs (see below, if interesting) from 90% of cases and this is what: 1. knew about the possibility of replacing the sim, because I had to advise others on this occasion more than once; 2. all possible security measures (switching to other methods of two-factor authorization, using a “clean” smartphone for payments, complex login passwords, transaction notifications, separation of reserves, limits, etc.) applied, but this did not help, since at the time of the theft, he was in a deep sleep and all the information was banal leaked by people, the secrecy of the data did not save; 3. No one is insured against a confluence of circumstances, I was convinced of this recently, when one of my acquaintances, who criticized me after a loss, was himself a victim of a similar substitution and with far greater losses.
Events before hacking. Briefly.In March of the current year I went to the gym: it usually takes 1.5-2 hours. Then, as usual, I went home, which takes another 20 minutes. Total, along with the road (traffic jams and other things) took about 2.5-3 hours. Arriving home, changed clothes. Dinner and remembered that I need to make a payment through the bank client. He sat down and tried to go. SMS did not come. I went through a one-time password application. But I noticed that the Internet on a smartphone, where only payment applications, antivirus and browser are, does not work.
There was no communication on the phone.
For such cases, there is always at hand 2 telephones of the “small-brick” format, in which the numbers of those are clogged. support of the bank, cellular operators (at that time there were 4 SIM cards and 3 operators), the management company and everyone who might need it when one of the phones disconnected at the wrong time.
I phoned, as it usually happens, not immediately, but relatively quickly: in about 7-10 minutes. The support employee is a young boy, checked my data and reported that the sim card on the phone is faulty, since he does not see any other reasons for its inaccessibility.
Here I must say that sim'ka, however, was not new, although I take care of the equipment with care, but I have 2 children and do not anticipate everything with them, although I constantly try. Yes, and there was already one case where the sim-card simply “demagnetized” (a term from a particular case and technically not true according to the remark of one of the participants, which is true) for no apparent reason (she was only 2 years old).
Once again, I clarified that there are no other reasons for not working the network. And, thanking the support operator, ended the call. I decided to go and change the sim right away. But there was one problem: I usually finish the work at 18.00, and taking into account all movements, even Euroset was closed, which, however, does not work with MTS, and it would not help with the replacement.
Then he played with the children and went to bed, because pretty exhausted that day. Yes, and there was nothing to worry about: I had a bit of money in the accounts and they all hung on different banks and electronic wallets with different accesses, on different sims. But in the morning I was in for a surprise and a very unpleasant one: from my Yandex. The purse was stolen several tens of thousands of rubles (an acquaintance from Moscow returned the debt 2 days earlier; at night, in my time zone), and from one of the kiwis - about 5,000 more. The amount was not critical, but rather large.
I realized that the sim was changed, and going to work (it was necessary to sign the documents), I went to the first opened MTS salon. But there was a repair. I had to go to the head, where there are always a lot of people and wait another half hour. Then the most important thing began.
Protection
I will not retell all the vicissitudes and circles of bureaucratic hell that I had to go through, as it may not be interesting (and if it is, I’m ready to talk separately), but I’ll dwell only on effective standards in case of theft of electronic money, non-cash funds in online the bank and from the balance of the phone
when replacing the SIM card due to the fault of the operator .
1. MTS (like many other operators) works through an intermediary: CJSC “Russian Telephone Company” on behalf of and at the expense of PJSC “MTS” performs the conclusion of contracts. Article 1005 of the Civil Code. In practice, this means that it is MTS that is liable under contracts with subscribers. In addition, RTK does not have a license to provide communication services, that is, otherwise (if the responsibility was not assigned to MTS) an agreement on the basis of, for example,
Art. 168 of the Civil Code , it was possible to recognize as invalid.
This is very important because they will force you (the word is chosen with a 100% assessment of the content) in case of sim replacement, write an application to the RTK, then to say that the RTK did not change the sim card, since Actually the action is carried out by MTS And exactly the opposite in the opposite case.
But the
terms of the Law "On Communications" and the Government Decree "On the procedure for the provision of telephone services" of 09.12.14 No. 1342 are
limited to filing a complaint and
are 6 months . This is the main method of the cellular giant: to drag out time, so that later, on procedural grounds, cancel any court decision. Therefore, you have to act quickly, although not everything is so easy.
2. What rules to use for protection? I will list not everything, but this list is quite broad (only excerpts are presented, since the full text can be easily found in the public domain):
- Art. 23 of the Constitution of the Russian Federation (which, as you know, has direct effect, you can refer, for example, to the Resolution of the Plenum of the Supreme Court of the Russian Federation of October 8, 1995, No. 8 (edition 03.03.15)): “everyone has the right to privacy of correspondence , telephone negotiations ... other messages . " The reference to the Constitution means that not just rights have been violated, but human and civil rights, i.e. those that, from a formal, legal point of view, have the highest value for the legislator.
- Federal Law "On Communications" : Art. 44 "... before obtaining the consent of the subscriber", i.e. the operator is obliged to provide all the data that was communicated to the third person only to you. In addition, "the person acting on behalf of the telecom operator, when concluding an agreement on the provision of services ... is obliged to enter in it information about the subscriber." And then - the most important thing: “the telecom operator is obliged to verify the accuracy of the subscriber’s information ”. Also Art. 53: “the obligation to provide evidence of obtaining the consent of a subscriber-citizen ”. Moreover, par. 1 p. 1. Art. 53 stipulates the confidentiality of information. Details on this concept can be found in paragraph 7 of Art. 2 of the Federal Law of July 7, 2006 No. 149-FZ “On Information ...” , as well as on the preservation of the regime - in part 2 of Art. 9 of the same 149th law. Particular attention should also be paid to par. 4 p. 2 Art. 53 of the Federal Law "On Communications".
- Federal Law "On Consumer Protection" : Art. 7 “the consumer has the right to the goods (work, service) under normal conditions ... not cause harm to the property of the consumer”. What property is explained in Art. 128 of the Civil Code of the Russian Federation : “... property, including non-cash money”. And why e-money is a non-cash, explains the Federal Law of the Russian Federation “On the National Payment System” : a systematic interpretation of paragraph 12, 18 and 19 of Art. 3. In addition, there is art. 13 which stipulates the amount of damages and a fine imposed on the organization that refused to voluntarily reimburse them. And finally, art. 17, which will help to file an application to the court at the place of its location.
- Federal Law “On Personal Data” : Art. 5 - “when processing personal data, the accuracy of personal data, their sufficiency ... and relevance must be ensured”. You should also specify and Part 1 of Art. nineteen.
- The Federal Law “On Licensing ...” : you should not go far here, you can limit yourself to art. 2: "Licensing of certain types of activities is carried out in order to prevent damage to the rights, legitimate interests, life or health of citizens." You can not be limited.
- And, of course, so beloved by the state bodies of the Federal Law "On Counteraction" No. 115-FZ, since MTS is registered with RosFinMonitoring and, accordingly, is obliged to comply with the requirements of this regulatory act, as well as all other acts and requirements of the RPF. In particular, for this purpose, internal control rules are developed and other measures are taken to prevent fraud. That's only when it comes to blocking subscribers with or without an issue - MTS is in place, and when it’s necessary to keep customers’s funds and customers calm, they don’t. Art. 1, 4, etc.
- Decree of the Government of the Russian Federation of December 9, 2014 No. 1342 “On the procedure for the provision of telephone services” (hereinafter referred to as Resolution No. 1342) - “The telecom operator is obliged to ensure the observance of the secrecy of telephone conversations ....”. It is better to read it in full, since it specifies rules that are specific to the more abstract ones in the Federal Law.
- MTS official website : 3.1.2. Not to disclose, not to transfer information to third parties about the Subscriber ... ”().
- MTS official website: “... under subscription agreements concluded by a Commercial Representative on behalf of MTS, acquires rights, becomes obliged and liable to MTS” ( http://static01.mts.ru/uploadmsk/contents/1762/2_MTS_annual_report_2012_annex_2_rus.pdf )
- The MTS Declaration “On the Protection of Subscribers from Cyber ​​Threats” , which has remained so.
- This is not all: in the claim list I took 2 pages, and its volume in initial form was more than 120 pages. In the final - 68.
3. Judicial practice:
By the way, there are solutions in favor of MTS, but a) there are fewer of them, b) 90% of them are on procedural grounds and c) I see no point in them in this article.
Incidents without court decisions (at least I didn’t find everything and couldn’t relate everything). They can be used as evidence of bad faith MTS:
- Crash when unauthorized replacement of SIM cards (hereinafter - NZS);
- Withdrawal from the bank due to NZS.
- Withdrawal from SC due to NZS, refund.
- Analogy about Megafon and a story from eyewitnesses about MTS. I do not recommend initiating a criminal case against the MTS: it will be necessary to single out a specific individual (as according to Article 19 of the Criminal Code of the Russian Federation - “only a sane individual who has reached the age established by this Code” is criminally liable), and this is not so easy as it seems. Against scammers - please.
- The fact that the MTS is always delaying the provision of evidence (I can confirm this by 100% and I will say more in detail below).
- About why the fight with fraud depends on MTS and by how much (a reduction of 3 times after taking action).
- If I understand correctly , this case was lost in court, because WebMoney is not electronic money, and initially the requirement for them was ill-advised: a lawsuit against MTS was necessary.
What else to pay attention to?
- Roaming: when you need an MTS, they track the movement of the subscriber and charge for it. In this case (replacement of my sim), they did not take into account that I could not drive over 600 km. in 2 hours, even by plane, since there are no direct flights to the city of sim replacement (Taishet), and no direct flights will take much longer. And it was possible to find out the location when calling for support.
- Conferences at which MTS spoke with statements about their “struggle” against fraud. There are a lot of them, referring to the corporation "good."
- MTS forced all SMS senders to conclude an agreement with final recipients of SMS in 2013. Therefore, all statements that they do not know where, to whom and where SMS are sent from are false (that is how they stated to me in the claim response). I myself signed such an agreement for two of my projects.
- MTS also claims that it does not know about the 3D-Secure technology, and there is even data on it on their website .
And here are a few remarks from my case with MTS:
- SMS to confirm operations use only “grandmother” (almost literal quotation from the first court session), i.e. two-factor authorization was invented specifically for this target audience.
- “Technical or other ability to influence the connection, provision or disconnection of the e-wallet services of MTS OJSC ... does not have”, which is certainly not the case from the technical point of view, because of the communication quality, the technical ability to deliver SMS, etc. d. it depends on whether I receive messages from the bank or NPO. Notice, for some reason we are talking about the technical aspect and precisely about the influence, and not the actual interaction.
- MTS does not consider the number and series of passport passport data (also from our first court session with them). At the same time, in my case, as well as other precedents, MTS did not have a statement from “supposedly me”, that is, it was impossible to establish in principle any scammer of my personal data. They also do not compare photos.
- MTS does not provide documents on time: in particular, at the request of the investigator, they still have not provided any data (since April). At the request of the court, they did not provide a record of my conversation with the operator of those. support, and in the final response to the complaint (which also came a month late), they told me that the data was deleted due to the expiration of the retention period and this despite the fact that they were twice notified by the court and repeatedly by me. While I will not even comment on how much this violation of rights. Just accept as a fact. In addition, for some reason, the answer to my request to the head office in Moscow came from Krasnodar (it was also possible to send it from Irkutsk and not to pull it), and I never received any data on e-mail in principle.
- MTS insists that the documents submitted through the offices of the RTK are not documents. sent mts. Reassure these comrades can be very simple: restitution. The word makes ninth-graders in the first lessons of the right smile, but in fact means the consequences of the invalidity of the transaction, consisting in the return by the parties of everything received in the transaction. Simply put, since everything that over the years has passed through the RTK in favor of the MTS is not for the MTS, and it uses it, then it’s time to pay off and close the question by paying me interest on the illegal use of funds. This is a separate topic for a separate article, but briefly - this is my legal IMHO.
It may seem that there are too many articles, and links are superfluous, but if it comes (and, as practice shows in recent years, the likelihood is higher than it seems) before the trial, then it is better to be in all weapons. In the continuation of the article - I will try to tell you about the protection of the interests of my clients in banks and payment systems. In the meantime, everything. Ready to answer questions.
PS Remember that there is no absolutely protected system: nowhere, never, no one. And the data in this article to one degree or another concern all operators, banks and other organizations. Actually, it amazes me how badly the antifraud works for tens of millions of rubles (supposedly) bought by credit organizations, telephone companies, etc. For example, as experience has shown: Yandex.Money does not work in principle (probably, therefore, they opened a vacancy for a specialist in a profile): I, knowing how the protection algorithms should work, have never withdrawn funds anywhere. except for an account in one bank. Never. And I always worked with static IP when I made a conclusion. And what's more, I couldn’t fly from Irkutsk to Krasnodar in a couple of hours. This is only part of the mistakes that I will try to tell you about next time.