How do law enforcement agencies control the channel with the Internet provider?
Actually, a few questions to which I have not been able to get an intelligible answer for a long time:
1. A law enforcement officer can put an electronic mailbox under control. I was personally convinced of this when I came to a regular police station in St. Petersburg and asked for an investigation into a threat I had received by e-mail. To this, an ordinary police officer calmly replied, “Okay, we will put your e-mail under control.” I was a little surprised, because the officer did not ask for the password or the location of the office from which the mailbox is accessed. How exactly is a mailbox controlled? Does this mean that the provider (for example, mail.ru) has an agreement with the Ministry of Internal Affairs / FSB / etc. and they just ask the provider to give them access to such and such a box? Does this mean that using foreign servers is safer, since Russian services do not have access to them? Or how exactly is the mailbox put under control, and in what form do the officers see the mailbox information?
2. There is clear confirmation that the Ministry of Internal Affairs controls the Internet channel of one enterprise. But what I can't figure out is what exactly they are seeing. Presumably the comrades just sit on the channel between the client and the Internet provider, but what exactly do they see? The sites that the client opens? Can they see passwords if they are sent over http instead of https?
The interaction of providers with law enforcement agencies in Russia is not hidden and is subject to laws.
I work as a sysadmin at a provider. To obtain a license to carry out this activity, it is necessary to organize a channel to the FSB, as well as install their hardware (namely SORM). Interestingly, the rules of interaction with the FSB provide that the provider does not know what kind of information the FSB monitors. In practice, this means that all Internet traffic and all calls go to their hardware, and then they decide what to do with it.
However, this applies only to the FSB. The Ministry of Internal Affairs (including Department K), the prosecutor's office, the investigative department and other structures do not have access to traffic without a court order. Moreover, when they have a court sanction, these structures usually interact with the provider, not with the FSB.
1. As part of ORM (operational-search measures), it may well be put under control. Most likely, mail.ru will cooperate even upon a written request from the Ministry of Internal Affairs, if there are signs of a crime.
2. The Ministry of Internal Affairs most likely does not have access to traffic. It is one thing to request information about subscribers, IP addresses, traffic, etc., which the provider can give even without a court order, on the basis of a request, and another thing to monitor all traffic. A provider is unlikely to allow that without good reason.
I once asked a similar question. There is nothing wrong with that; people just have such a job).
> 1. Communication operators are obliged to provide authorized state bodies engaged in operational-search activities or ensuring the security of the Russian Federation with information about users of communication services and about the communication services provided to them, as well as other information necessary to perform the tasks assigned to these bodies, in cases established by federal laws.
en.wikipedia.org/wiki/SORM
habrahabr.ru/blogs/telecom/65924/
Everything is quite simple: neither the FSB nor the Ministry of Internal Affairs monitors all traffic; they would die sniffing all of it. At our place, for example, SORM arrived as a server that was far from the freshest, and the systems for legal entities and individuals are different. When a letter arrives saying that help is needed in an ORM, the client's port is mirrored onto their port and they sit and sniff it. They get everything, as you understand; tcpdump does the job.
Also, FSB officers have access to the billing and IT systems of large providers; there they already have their own logins and passwords. But the access is just that of an ordinary employee: find a login by IP, or vice versa, see the visit history, from which equipment, passport data, etc.
So there is a technical possibility to sniff traffic, but you can imagine its volume at a large operator. We have several hundred gigabits on each backbone node, so you can imagine the piece of hardware needed for sniffing :))) But no one does this in practice; even on foreign channels there are no taps, it is technically expensive and difficult :)
For some reason, the thought creeps into my mind that, after all, it is better to discuss the most important things not in writing, but face to face...
SORM has already been written about here. They can see everything, but what exactly SORM analyzes is classified information. There are opportunities to log any unencrypted information. And despite the money that was siphoned off on this SORM, over the years it has existed it seems to have been brought to a working state.
They tried to hide the very fact of monitoring, but this is technically problematic.
Thanks a lot for the replies.
Informative and accessible. It was especially interesting to learn about the box that the FSB installs.
“Everything is quite simple: neither the FSB nor the Ministry of Internal Affairs monitors all traffic; they would die sniffing all of it...”
That is not the question: if they can sniff, then they can. And here it is no longer possible to rely on “it is unlikely that they are sniffing at the moment, after all, this is such a hassle.” The same goes for sanctions. I don't think that in some cases the comrades will bother to obtain a sanction if what needs to be done can be done even without one.
And has no one seen in what form the information is displayed for, so to speak, the end user of SORM? :) What exactly do the comrades see on the monitors of their computers?
As I understand it, if the traffic goes via https or ssl, then the url is visible, but the content of the form that transmits the traffic is encrypted and not visible, and if http, then both the url and the content are visible?
In fact, after studying this whole topic, no matter what they say, Tor seemed to me the most acceptable means. I tried setting it up: no problem at all, whether under Windows or under Linux. The speed of course fell 10 times, but if it is required, then to hell with it.
It's nice that Tor also sends DNS requests through its servers, and that the encryption and the peers change regularly. In general, so far I have not noticed any obvious cons.
They wrote that an attacker's machine can act as a peer, but the machine (if it is the first in the chain) does not see which site the client is requesting, and if the attacker's machine is the last, then it does not see who is requesting the site. Also, the chain of three peers changes regularly, and so do the encryption keys.
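The http-versus-https question raised above, as an added example in Python that is not part of this thread: it constructs a plaintext HTTP login POST and a minimal TLS ClientHello, then shows what a passive tap on a mirrored port can actually read from each. For HTTP the host, path and form fields are all in the clear; for TLS only the SNI hostname is readable, while the path and form contents are inside the encrypted session. All hostnames and values are constructed sample data.

```python
import struct
from urllib.parse import parse_qs

# Constructed sample: a plaintext HTTP login POST as it crosses a mirrored port.
HTTP_POST = (
    b"POST /login HTTP/1.1\r\nHost: mail.example.test\r\n"
    b"Content-Type: application/x-www-form-urlencoded\r\nContent-Length: 27\r\n\r\n"
    b"user=alice&password=s3cret1"
)

def build_client_hello(hostname):
    """Build a minimal TLS 1.2 ClientHello record carrying only an SNI extension (constructed sample)."""
    name = hostname.encode()
    sni_list = struct.pack("!BH", 0, len(name)) + name          # name type 0 + length + host
    sni_ext = struct.pack("!HH", 0, len(sni_list) + 2) + struct.pack("!H", len(sni_list)) + sni_list
    body = (b"\x03\x03" + b"\x00" * 32                           # client version + random
            + b"\x00"                                            # session id length 0
            + b"\x00\x02\xc0\x2f"                                # one cipher suite
            + b"\x01\x00"                                        # compression: null only
            + struct.pack("!H", len(sni_ext)) + sni_ext)         # extensions
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body    # handshake type ClientHello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake

def _sni(rec):
    """Walk the ClientHello to the server_name extension; everything else is opaque to a tap."""
    p = 5 + 4 + 2 + 32                              # record hdr + handshake hdr + version + random
    p += 1 + rec[p]                                 # session id
    p += 2 + struct.unpack("!H", rec[p:p + 2])[0]   # cipher suites
    p += 1 + rec[p]                                 # compression methods
    ext_end = p + 2 + struct.unpack("!H", rec[p:p + 2])[0]
    p += 2
    while p + 4 <= ext_end:
        etype, elen = struct.unpack("!HH", rec[p:p + 4])
        if etype == 0:                              # server_name: list len(2) + type(1) + len(2) + name
            nlen = struct.unpack("!H", rec[p + 7:p + 9])[0]
            return rec[p + 9:p + 9 + nlen].decode()
        p += 4 + elen
    return None

def tap_view(payload):
    """What a passive on-path observer recovers from the first client bytes of a connection."""
    if payload.startswith(b"\x16\x03"):             # TLS handshake record: only SNI is readable
        return {"proto": "tls", "host": _sni(payload), "path": None, "fields": None}
    head, _, body = payload.partition(b"\r\n\r\n")  # plaintext HTTP: everything is readable
    lines = head.decode("latin-1").split("\r\n")
    _method, path, _ = lines[0].split(" ", 2)
    headers = dict(line.split(": ", 1) for line in lines[1:])
    fields = {k: v[0] for k, v in parse_qs(body.decode("latin-1")).items()}
    return {"proto": "http", "host": headers.get("Host"), "path": path, "fields": fields}
```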