Cybercrime and legal support of information security of China in the XX century

Varakina Margarita Igorevna PhD in Philosophy Professor, Department of Foreign Languages and International Communication, Samara University 443081, Russia, Samarskaya oblast', g. Samara, ul. Stara Zagora, 76 trofimova.elizavetta@yandex.ru Other publications by this author     Trofimova Elizaveta Sergeevna Educator, the department of Linguistics, Peoples' Friendship University of Russia Moscow, Miklukho-Maklaya Street, 10 trofimova.elizavetta@yandex.ru

Levchenko Yaroslava Aleksandrovna Master's Degree, the department of Business and Politics in Modern Asia, National Research University "Higher School of Economics", St. Petersburg Moscow, Miklukho-Maklaya Street, 10 trofimova.elizavetta@yandex.ru

As a result of the rapid development of computer technologies and their application in various spheres of our life, humanity has entered a new era of informatization, when a computer is a necessary tool in various spheres of human activity. The dependence of a person, and society as a whole, on computer and information systems is deepening. However, computer-related crimes, infringement of users' interests and dissemination of deliberately false and other dangerous information pose a serious threat to the security of the information system, as well as to the interests of the state, the rights and freedoms of citizens. Thus, the problem of legal protection of computer and information systems, prevention and counteraction to computer crimes becomes relevant for society and the state.

Computer crime (intellectual crime) refers to unauthorized access to computer systems and databases and causing damage, as well as the commission of a criminal offense by means of a computer. The characteristic features of such crimes are their closeness, intellectuality, diversity, duration and the serious danger they pose to society. English scientist N. Batley identified two types of computer crimes: in the first case, the computer is considered as an object of crime, and in the second — as an instrument of crime. In the first case, it is the theft of a computer and its components, hacker attack and various kinds of sabotage, the spread of computer viruses, etc.; in the second case, it is the sale of pornographic products and pirated computer programs, fraud on the Internet for the purpose of appropriating someone else's property, as well as money laundering.

The US Department of Justice qualifies the following types of computer crime: fraud and theft using a computer; unauthorized access to computer systems for the purpose of making changes to them or damaging them; unauthorized access to computer systems and databases.

From a practical point of view, it is quite difficult to generalize the computer crimes that exist today due to their extreme versatility and complexity. The Criminal Code of the People's Republic of China, which entered into force in October 1997, provides for five articles stipulating criminal liability for computer crimes. The Resolution of the Standing Committee of the National People's Congress of the People's Republic of China on the protection of computer networks, adopted in 2000, established criminal liability for 15 types of computer crimes. In practice, as a rule, the following types can be distinguished:

1. Network attack and computer system damage. To date, this type of offense includes such crimes as:

a) a hacker attack aimed at intercepting, destroying, changing and falsifying information stored in a computer, disrupting the normal functioning of a computer system and networks. Due to the spread of various kinds of programs on the Internet, a hacker attack can be carried out by people with superficial knowledge in the field of computer technology;

b) development and distribution of computer viruses. Since the development of the first computer virus, there has been a rapid growth of types of viruses and their modifications. The global Internet is an ideal platform for the spread of computer viruses. There are people who deliberately develop and distribute such viruses;

c) theft of information stored in a computer. At the moment, due to the lack of legal norms regulating software in the field of network administration, some programs such as "Trojan horse" can lead to the leakage of important information, thereby threatening the state interests;

2. Network fraud. As a rule, criminals spread deliberately false information about profitable business offers via the Internet in order to attract funds from potential victims. Cases of fraud by foreign criminals using various schemes have also been discovered in China;

3. Theft of funds from financial institutions by unauthorized access to computer systems. At the moment, it is the most popular type of crime with a variety of schemes. The main object of the crime is money, bank accounts and other financial documents. There have been cases of theft of someone else's bank account and credit card number with subsequent theft of money, as well as theft of traffic using someone else's name and password during registration. According to statistics, the amount appropriated by theft using generated credit card numbers in the world annually exceeds hundreds of millions of US dollars; in many cases, this kind of crime can be attributed to organized;

4. Online gambling and advertising of sexual services on the Internet. Criminals use the Internet as a tool. There are "virtual casinos" offering various types of gambling. Offering sexual services on the Internet is also a fairly popular type of crime;

5. Infringement of copyright and related rights, crimes against intellectual property. The progress of information and network technologies provides convenient means for piracy activities. As a rule, the offense is related to the sale of pirated copies of software products via the Internet, as well as infringement of rights, patents and trademarks, malicious registration of domain names, the use of trademarks and other trademarks similar to well-known brands;

6. Theft of information constituting a state secret is a threat to state security. Today, computer systems are easily exposed to computer attacks. Organizations and individuals can initiate penetration into the information systems of public services, steal information, then use it for hostile purposes, thereby creating a serious threat to state security;

7. Dissemination of information. This type of crime can include: distribution of pornographic products on the Internet, products that cause manifestations of racism and incitement to ethnic hatred, other information that threatens state security. Malicious information on the Internet is more accessible to a wide audience, therefore, creates a greater social threat. In China, there have been several cases of the dissemination of pornographic information on the Internet, mainly through pornographic sites, personal home pages and the commission of other criminal acts related to the dissemination of pornography. Due to the complexity of controlling the dissemination of this kind of information, certain difficulties are created for the investigation and collection of evidence and the qualification of a crime ^[13];

8. Encroachment on the privacy of a citizen. In the conditions of rapid development of information and network technologies, personal life is becoming more and more transparent. The protection of personal life and the development of information networks come into conflict. Forgery, dissemination of information infringing on the honor and dignity of a citizen, outright slander, lies, sometimes under a false name, disclosure of information about a person's personal life without any permission and other offenses can be attributed to this type of computer crime. ^[12]

To date, the implementation of pirated software products, fraud, corruption, theft and distribution of pornography are becoming quite popular types of crimes. It can be expected that with the popularization and development of computer networks, their negative sides will become more and more obvious: on the one hand, the number of information crimes is increasing, on the other hand, the number of computer–related crimes is increasing. For example, there is a proliferation of various ways of committing an offense on the Internet, such as fraud, manipulation of prices on stock exchanges, the development of computer viruses that destroy the production and technological process, etc. In order to solve a set of problems, effectively combat computer offenses and encroachments on copyright and related rights, dangerous information, it is necessary to fully use legal tools for prevention and counteraction, to improve control over information networks.

Lawmaking in the field of computer and information technology began to develop in parallel with the development of similar systems in China. In the Copyright Law adopted by the National People's Congress in September 1990, computer software products were for the first time equated to the category of copyrighted. The Regulation on the Protection of Computer Programs adopted in 1991 is the first regulatory act in the field of computer system security protection. In 1994, the State Council of the People's Republic of China published Regulations on the Protection of Computer and Information Systems. The legislative process in the field of Internet regulation began in 1995, when a number of measures were taken to prevent illegal online activities on the Internet. In the Regulation on the Protection of the Security of the International Network of Computer and Information Systems published by the Ministry of Public Security, two articles describe the categories of information, the development, increase, search and dissemination of which are prohibited, as well as the types of activities related to encroachment on the security of computer and information systems. The legislative body of the People's Republic of China has developed and adopted more than 10 laws and by-laws, for example, Regulations on the Channels of Computer and Information Systems, Regulations on the Security of the International Network, Computer and Information Networks of Public Use, Temporary Regulations on the Registration of domain Names of the Chinese part of the Internet, etc. In the Criminal Code of the People's Republic of China, adopted in October 1997, several articles established offenses in the field of computer and information systems and criminal liability for them. Over the past ten years, the above-mentioned laws and regulations, developed and adopted by the National People's Congress, the State Council of the People's Republic of China, relevant ministries and departments, have played a significant role in improving the efficiency of government management, contribute to the development of computer and information systems. A strict legal system in the field of protection of computer and information networks is gradually being formed. Next, we should consider its main content.

1. Planning and development of computer and information systems.

Due to the scale of work, huge costs, coverage of vast territories of the country, duration and complexity, it is necessary to regulate the planning and development of these systems with the help of legal instruments, thereby ensuring their effectiveness.

2. Management of computer and information systems.

In order to ensure the safety and smooth operation of these systems, it is necessary to strengthen their management. The heyday of crime on the Internet, the abundance of dangerous information in the networks is caused mainly by weakness or lack of effective management. Consequently, the development and adoption of laws and other regulations that clearly regulate the rights and obligations of persons engaged in management and other economic activities in this area, as well as online user behavior, contribute to the prevention or at least reduction of the number of offenses on the Internet.

3. Ensuring the security of computer and information systems is a necessary component of legislation.

Hacker attack, unauthorized access to computer systems, deliberate sabotage, disclosure of state secrets and personal data of a citizen — all this poses a serious threat to the security of information systems. Therefore, it is necessary, through the development and adoption of laws, to ensure the commonality of safety standards and the implementation of security measures in full.

4. Criminal and other liability for offenses in this area.

As you know, computer crime is becoming one of the most popular types of offenses. It is necessary to intensify legislative activity and clearly regulate the execution of punishments. In the version of the Criminal Code of the People's Republic of China edited in 1997 and the resolution adopted in December 2000 by the Standing Committee of the National People's Congress on the protection of computer and information systems, criminal and other liability for offenses in this area was established. However, it should be noted that there are annoying gaps in the current legislation that sometimes do not allow bringing a person to criminal responsibility. For example, when qualifying the subject of an offense, due to the fact that the law does not provide for criminal liability of persons under the age of 16, there are certain difficulties in bringing to justice computer hooligans under the age of 16. In addition, there are also certain gaps in the qualification of crimes that do not meet the needs of information technology development. Therefore, it is necessary to improve the legislative framework in order to prevent computer crime more effectively.

5. Protection of intellectual property in this field.

This category of problems includes both the protection of intellectual property and the punishment for encroachments on it. Despite the fact that a number of laws of the country, such as the law "On Patents", the law "On Copyright", the law "On Trademarks", the law "On unfair Competition" and others, contain articles aimed at protecting intellectual property, they still remain ineffective and need to be finalized. Meanwhile, the protection of intellectual property is becoming an increasingly urgent problem on a global scale due to the intensification of communications between countries. It is necessary to develop better laws and other regulations to protect intellectual property.

6. Protection of personal data of citizens.

As more and more computers are combined into a single network and large-scale databases are created, a huge amount of personal data of citizens can be accumulated in the hands of a small number of departments and divisions. Unauthorized access and disclosure of data of this nature constitute a direct encroachment on the privacy of citizens. The legislative framework of the People's Republic of China in this area needs to be improved, it is necessary to develop appropriate laws and regulations protecting the rights of citizens to privacy.

7. Proof of crimes related to the use of computer and information systems.

The legal protection of computer and information systems to a certain extent depends on what legal force the “computer proof" will have. From the point of view of the procedural code, the signs of computer crime differ from the traditional signs of crimes, therefore, the proof will differ from the traditional understanding of this word. Therefore, in the legislative process, it is necessary to clearly establish the concept, category, signs and forms of computer crime, as well as the procedure and method of seizure of evidence, thus ensuring its authenticity and accuracy. ^[15]

Currently, every State is serious about establishing an executive apparatus of control over the Internet. The “Internet Police” will become the main force obligated to conduct investigative actions on computer offenses. In the PRC, the public security body, that is, the police, is responsible for ensuring information protection. At the beginning of 1990, information security control was established at various levels of public security bodies. The "Law on the Militia of the People's Republic of China" and the relevant laws, as well as other regulations, provide the public security body with the functions of monitoring information security. Its main functions are the following: a) determination of the category of degrees of security of information systems and real methods of their protection; b) timely provision of this information to Internet users; c) establishment of a security regime; d) acceptance of a case that arose during the use of computer information for consideration; e) development of a system for the prevention of computer viruses and other dangerous information; f) development of real methods of state licensing of the sale of network products, information systems; g) control, verification, determination of the course of work to ensure information security; h) tracking of offenses on the Internet. ^[13]

Currently, the executive office for Internet supervision uses real methods in order to implement its management:

1) the executive body and its employees must comprehensively improve their qualifications, master modern Internet technologies, have a wide range of knowledge about the Internet and a certain level of information consciousness in order to solve problems arising in the process of Internet development;

2) regularly carry out work on the control of computer information, it is necessary to respond in a timely manner to offenses and the dissemination of dangerous information on the network. In recent years, during the periods of checking, conducting operational work on the Internet, the PRC police monitored illegal activities, noting offenses in the data of the main server, investigated cases of gambling, dissemination of pornographic information and racism, conducting propaganda;

3) develop an information system to ensure computer security. Solve problems arising on the Internet in a timely manner. Exchange information to ensure security;

4) in accordance with current laws and other regulations, develop and implement an effective data encoding system and control regimes over certificates and digital signatures in information packages and thus prevent hacker attacks and various kinds of sabotage, ensure the information security of the state and the citizen;

5) expand the scope of international cooperation and exchange in the field of information security. The global Internet network has no borders. To ensure its security, laws and regulations jointly adopted by many countries are necessary. ^[14]  After joining the WTO, China promised to limit the openness of the domestic information market, to require users to comply with the norms and rules in force in the world. Nevertheless, the People's Republic of China now takes human rights protection seriously, uses and borrows the norms in force in the world and on the protection of human rights on the Internet. Therefore, in the field of information security, it is necessary to establish international relations and ensure high-quality cooperation and information exchange. The devices that monitor the security of the Internet of each country should intensively exchange information and jointly combat offenses and crime in the field of computer science and computer technology.

From July to September 1990, the Ministry of Public Security of China implemented a unified program to track criminals on the Internet and for the first time raised the issue of combating crime in the global computer network. With the help of an exemplary development of an information system called "golden shield", the digital data bank of the Information Crime Center of the People's Republic of China introduced information about Chinese public security into the Internet, carried out the detention of Internet criminals, thus avoiding significant material costs. Tracking with the help of computer information is the main function of employees of the executive body, this determines the level of their qualifications. The main task of the executive body is to conduct investigations on various cases on the Internet. Therefore, the formation of a strong special executive body for Internet offenses is the main force in the fight against computer crimes.

From all of the above , the following conclusions can be drawn:

Information security is one of the most important aspects of integrated security, at whatever level it is considered – national, regional, industry, corporate or personal. Information security should not be reduced mainly to the protection of information, it is a fundamentally broader concept that defines a multidimensional field of activity in which only a systematic, integrated approach can bring success.

Information security in China is developing unevenly. There are areas that have been mastered, for example, some software and technical measures to ensure the confidentiality of information and legislative and legal aspects, but most of the areas, including strategically important ones, remain not researched at the proper level. Even in some developed areas, it has not yet been possible to achieve compliance with modern requirements. All this makes it possible to assess the situation with information security in the PRC as requiring close attention from the state and scientists engaged in this field.

In the study of information security, it is necessary to distinguish two aspects: independence in the field of information technology and information security as such. The use of foreign products in some strategically important systems, in principle, may pose a threat to the information security of the state, since it is impossible to exclude the possibility of built-in sabotage elements, but in general, potential threats to information security are mostly internal in nature. In such conditions, the illegality of using foreign developments in the absence of domestic analogues makes it difficult or even impossible to organize information protection, thereby posing a serious threat to the national security of the country as a whole.

The basic component of information and national security is national economic security as the state of the national economy, ensuring a stable improvement in the quality of life, the exercise of economic sovereignty, an increase in the economic power of the state and the sustainable development of the entire region. Currently, the topic of the “knowledge economy” is widely discussed in China as the basis for ensuring economic security and further sustainable development of the country in new modern conditions on the way to the transition to an information society, and subsequently to the ecological and information society as a new stage in the development of human civilization.