Translate this page:
Please select your language to translate the article


You can just close the window to don't translate
Library
Your profile

Back to contents

Legal Studies
Reference:

On the Need to Improve the Conceptual Apparatus in the Field of Information Infrastructure Regulation

Ostroushko Alexander Vladimirovich

PhD in Law

Associate Professor, Department of International and Public Law, Financial University under the Government of the Russian Federation

109542, Russia, Moskva, g. Moscow, per. 4-I veshnyakovskii, 4, of. 511

ostroushko@mail.ru
Other publications by this author
 

 

DOI:

10.25136/2409-7136.2022.9.38806

EDN:

RCMMSJ

Received:

20-09-2022


Published:

05-10-2022


Abstract: The subject of the study is the existing conceptual apparatus related to the issues of legal regulation of the processes of creation and functioning of a stable and secure information infrastructure in the Russian Federation. It is revealed that there is an insatiable need to analyze the existing legislative innovations in order to improve and develop a comprehensive mechanism for regulating the studied relations. The current normative acts were analyzed for identification of: the presence of a legal interpretation of the terms available in them; consistency of definitions available in different branches of law; correlation of legal definitions with established concepts in the technical sciences; accessibility of understanding of terms for the law enforcer in order to exclude heterogeneous law enforcement. The main conclusions of the study are: improving the mechanism of legislative regulation of activities is an important direction for the creation of a stable and secure information and telecommunications infrastructure; there is no strictly coordinated conceptual apparatus of information and telecommunications infrastructure in Russia; legislative allocation of a single information space of the Russian Federation is overdue, for which criteria have been developed that can be used by the legislator; a proposal has been put forward on the need to adopt a special federal law regulating information and telecommunications infrastructure.


Keywords:

information infrastructure, telecommunication information structure, problems, legal regulation, terminology, legal definitions, absence, inconsistency, improvement, The Internet

This article is automatically translated.

 

 

Turning to the issues of legal regulation of the processes of creating the functioning of a stable and secure information infrastructure in the Russian Federation, I would like to note that the solution to this problem should be comprehensive.  This can be traced from the provisions of the passport of the federal project "Information Security" of the national program "Digital Economy of the Russian Federation", approved by the protocol of the Presidium of the Government Commission on Digital Development, the Use of Information Technologies to improve the quality of life and business conditions dated 10/23/2020 N 23, which in turn is issued by a Letter of the Ministry of Finance [1].

The development of the regulatory framework for the development of a stable and secure information and telecommunications infrastructure is carried out continuously. Considering the chronology of the adoption of documents, it can be noted that the legislator had not previously addressed this problem in a comprehensive manner, he, depending on the existing needs, adopted acts to create regulatory mechanisms for both the general and private components of the problem. Which allowed some scientists to talk about patches/patches[2] that were superimposed on the problems that arose.

In our opinion, the system of already existing regulations should be subjected to critical reflection. There is an insatiable need in the current complex geopolitical situation to analyze the existing legislative innovations and develop a comprehensive mechanism for regulating the studied relations, which allows to exclude duality of concepts, competition of branches of law and disunity in the logical and legal content of norms.

First of all, the necessary terminological constructions should be developed, since the creation of a stable and secure information and telecommunications infrastructure is impossible in the absence of a strictly coordinated conceptual apparatus. The absence of normative concepts in the sphere of regulation under study, where technical and social/legal sciences should closely interact, has repeatedly generated certain collisions.  The picture of the emerging multi-level regulatory legal acts affecting various areas of information and telecommunications infrastructure in separate strokes allows us to conclude that there is a need to improve legislation[3].

V.B. Naumov noted on this occasion that incorrect treatment of terms generates inconsistency of definitions and uncertainty in law enforcement, and forces to engage in (often contradictory and invariant) interpretation[4]. With regard to the subject of our research and the construction of a stable and secure information and telecommunications infrastructure, the problem of the lack of necessary definitions is clearly traced, including in the documents of the national program "Digital Economy of the Russian Federation", a lot of terms with the prefix "cyber..." (cyber threats, cybersecurity, cyberpolygon, cyber resilience, etc.) in the complete absence of at least some intelligible definitions of what it is about. A Cybersecurity Department has been created in the Ministry of Finance of Russia, similar cyber units are being created everywhere, but we could not find documents that clearly indicated their main activity.

Analyzing the scientific literature on various areas of research, we have found that there is a rather diverse understanding of everything that is designated as cyber... We believe that the legislator should solve this terminological vacuum in the near future either by abandoning the newfangled prefix cyber... and returning to the definitions established in the domestic doctrine, such as information security instead of cybersecurity, or clearly define what this prefix denotes. 

Another important unresolved terminological problem is that regulatory legal acts widely use the terms "information and telecommunication infrastructure" or "information infrastructure". We tried to get an answer to what this definition represents from the point of view of the legislator, and found a reference to this term in the Model Law on Critical Information and Communication Infrastructure Facilities" (Adopted in St. Petersburg on 11/28/2014 by Resolution 41-14 at the 41st plenary session of the Interparliamentary Assembly of CIS Member States), this definition is also It is contained in some local acts, for example, in the standard of the Bank of Russia STO BR IBBS-1.0-2014.

The basic normative and technical document for information technologies is GOST R 59502-2021 "National Standard of the Russian Federation. Unified system of symbols in the field of information and telecommunication systems", contains the concepts of information system, information and telecommunication network. Other GOST standards and FSTEC orders consider only the information and telecommunications infrastructure of the data processing center[5].

When analyzing the information available at the time of the study in the SPS "Consultant Plus" and on the Official portal of legal information www.pravo.gov.ru the existence of a legal definition of the term "components of information and telecommunications infrastructure", enshrined in the Decree of the Government of the Russian Federation dated 10.10.2020 N 1646 "On measures to ensure the effectiveness of measures for the use of information and communication technologies in the activities of federal executive authorities and management bodies of state extra-budgetary funds" (together with the "Regulations on Departmental Digital Transformation Programs"). There are various definitions of this term in the internal documents of federal executive authorities, for example, the Federal Agency for Railway Transport[6].

An attempt to eliminate this lacuna of law was made in 2011 by the Ministry of Digital Development, Communications and Mass Communications of the Russian Federation (then the Ministry of Communications), having developed a document entitled "Terms and definitions for the draft Concept for the Development of information and communication infrastructure and technologies in the Russian Federation", which over the past more than ten years has remained a project.

In this document, information and communication infrastructure is understood as a set of information and communication infrastructures, in turn, communication infrastructure is a network infrastructure that provides information transmission between geographically distributed sources and recipients, consisting of communication lines using various electromagnetic signal propagation media, and equipment that provides reception, transmission of these signals, and their processing in the process of this transfer, and the information infrastructure is an interconnected set of information systems and subsystems.

In our opinion, it is quite difficult to talk about creating conditions for the development of a stable and secure information and telecommunications infrastructure, in the absence of a legal definition of the subject of action. We consider the definitions developed by the Ministry of Finance more than 10 years ago to be quite successful and in need of appropriate regulatory design.

At the same time, we have certain achievements in the development of terminology related to information and telecommunications infrastructure. It is distributed according to the following regulations: 

 The Strategy for the Development of the Information Society in the Russian Federation for 2017-2030 contains definitions that allow establishing a uniform understanding of the essence of the problem of creating and developing a stable and secure information and telecommunications infrastructure of the Russian Federation.

The National Security Strategy, which was approved by the Decree of the President of the Russian Federation dated 02.07.2021 N 400 "On the National Security Strategy of the Russian Federation", and the Federal Law of 26.07.2017 N 187-FZ "On the Security of the Critical Information Infrastructure of the Russian Federation" determine the federal public authorities responsible for making proposals on improving regulatory regulation in the field of critical information security information infrastructure[7], and information and telecommunication infrastructure refers to these objects.

The Basic Law regulating information relations and the information sphere of the Russian Federation, which is Federal Law No. 149-FZ of 27.07.2006 "On Information, Information Technologies and Information Protection" (hereinafter referred to as the Information Law) in Article 2 contains definitions: information technologies, information and telecommunication network, provision and dissemination of information, operator information systems, a website on the Internet, and a number of others.. One of the shortcomings of this law, many researchers point out, is the lack of attention to the regulation of information and communication relations and the development of an appropriate conceptual apparatus [8,9].

The dispersion of terms according to various regulatory legal acts and standards has a negative impact on legal activity and the question of the need to adopt a specialized regulatory act has been raised for a long time. Proposals have been repeatedly put forward on the need to develop the Information Code of the Russian Federation[10] or the Law on Telecommunications [11], however, even the drafts of these documents have not reached the procedure of submission to the State Duma. The adoption of such an act will create a conceptual apparatus that is important for regulating the development of a stable and secure information and telecommunications infrastructure, including legally defining the Internet network.

The difficulties of the conceptual apparatus give rise to situations when, in the course of law-making and/or in the process of law enforcement, where relations related to information and telecommunications infrastructure are affected, the authorities often use terminology that does not correspond to the legal one. As an example, Rosstat Order No. 463 dated 30.07.2021 "On approval of forms of federal statistical observation for the organization of federal statistical observation of activities in the field of education, science, innovation and information technology", where instead of the legally established term website on the Internet, "website" is used. These collisions are not isolated, although we can notice a positive trend that their number has been constantly decreasing lately.

One of the conditions for the development of a stable and secure information and telecommunications infrastructure, in our opinion, is a uniform understanding and use of special terms by all subjects in this field of activity.

In the current difficult geopolitical situation, the creation of conditions for the development of a stable and secure information and telecommunications infrastructure is impossible without solving the fundamental question of which objects and activities of which subjects fall under the influence of domestic legislation. It is known from the course of the Theory of State and Law that legal regulation by national legislation is carried out within the territory of a particular state, however, this rule requires some clarification when we consider information and telecommunications infrastructure.

If we consider the concept of information and telecommunications infrastructure, based on the interpretation of the definition given in the Decree of the Government of the Russian Federation of 10.10.2020 N 1646, then it can include software and hardware complexes and tools used jointly by information systems that perform common technological functions and provide the basis for the functioning of these information systems, which are not always located on the territory of the Russian Federation.  An example is the active use by the Ministry of Foreign Affairs of the Russian Federation of the resources of the American corporation Google (https://www.youtube.com/midrftube ).

Also considering the issues of the impact of the law on the information and telecommunications infrastructure, it should be taken into account that it includes information and telecommunications networks, access to which is not limited to a certain circle of persons, the so-called global networks, the most important of which is the Internet. Their existence has led to the emergence of a global information space in which there is de facto no common jurisdiction.

This proves the relevance of the thesis about the need to establish the exact limits of the impact of national law in the global information space.

The Strategy for the Development of the Information Society states that such an impact should occur in the national information space, i.e., the segment of responsibility of the Russian Federation specially allocated in the global space, which means a set of information resources created by subjects of the information sphere, means of interaction of such subjects, their information systems and the necessary information infrastructure.

However, there are no clear criteria for determining a single (digital)[1] the information space of the Russian Federation has not been developed, which greatly complicates the process of law enforcement. Undoubtedly, the framework of the information space is the information and communication infrastructure[12].

The need to develop clear rules for the allocation of the zone of influence of the state in the virtual environment was indicated in the Concept of formation and development of the unified information space of Russia and the corresponding state information resources, which was approved by the decision of the President of the Russian Federation dated 11/23/1995 N Pr-1694, i.e. almost 30 years ago.  In the current period, the formation of an information space taking into account the needs of citizens and society in obtaining high-quality and reliable information is indicated as one of the tasks of the "Strategy for the Development of the Information Society in the Russian Federation for 2017-2030", approved by Decree of the President of the Russian Federation No. 203 of May 9, 2017. At the same time, the main document indicating the main directions of efforts to create a mechanism for regulating information relations - the National Program "Digital Economy of the Russian Federation" in the part of the federal project "Regulatory regulation of the digital environment" does not contain provisions for defining the boundaries of the unified information space of the Russian Federation, which, in our opinion, is a problem requiring prompt resolution.

It is proposed that it is the normative consolidation of a uniform approach to understanding the information space that will entail the ability of the state to create conditions for activities in the information and telecommunications space.

Currently, the country already has legal acts that allow us to talk about attempts to allocate the zone of responsibility of the Russian Federation and the formation of various information spaces for solving specific tasks. For example, the Electronic Budget system was created to form a unified information space and the use of information and telecommunication technologies in the field of state and municipal (public) finance management[13], the Justice GAS is officially an information system designed to form a unified information space of courts of general jurisdiction and the Judicial Department system under the Supreme Court of the Russian Federation Federation[14].

The unified digital information space in the interests of strategic management in the Russian Federation is formed in accordance with the Decree of the President of the Russian Federation dated 08.11.2021 N 633 "On approval of the Fundamentals of State Policy in the field of strategic planning in the Russian Federation". However, we can state that there is no single act defining in a clear unambiguous and understandable way for the majority of citizens and other interested subjects the boundaries of legal influence in the global information space, without which it is impossible to build a secure information and telecommunications infrastructure.

Studying various attempts of the legislator to point out the limits of the impact of national law in the global space, it can be noted that a very interesting approach to solving this problem in a number of articles 149-FZ "On Information, information technologies and information protection", so in Article 10.6. "Features of the dissemination of information in social networks" states that under the jurisdiction of The Russian Federation gets social networks where information is provided or distributed in the state language of the Russian Federation (or languages of the Russian Federation), aimed at attracting the attention of consumers located on the territory of the Russian Federation, and access to which during the day is more than five hundred thousand Internet users located on the territory of the Russian Federation.

As you can see, three important criteria are used here – the accessibility for understanding by citizens of the Russian Federation of information provided through information and telecommunications networks, the orientation of this information to Russian citizens and the number of requests for this information from the territory of the Russian Federation. In our opinion, together with the territorial location of the technical means forming the information and telecommunications infrastructure, and the facts of ownership of the site on the Internet by Russian citizens, these signs can be used to classify specific objects of information and telecommunications infrastructure to those that are subject to the legislation of the Russian Federation.  

Why it is proposed to use these criteria. First, the placement of information and telecommunications infrastructure facilities on the territory of the Russian Federation automatically extends the effect of domestic legislation to them. Secondly, regardless of the territorial location of ICT facilities, the provision of information in a language accessible without translation to citizens of the Russian Federation indicates the purpose of this resource for these subjects, and therefore we cannot leave them outside the limits of legal regulation. Third, with a certain, rather large, number of requests to any resource on the network, we also cannot leave the latter outside of its legal field, because the information located on it can cause a certain and not always positive impact on the relations taking place in the Russian Federation.

Conclusions

1. The need to improve the mechanism of legislative regulation of activities is indicated as the main direction for the creation of a stable and secure information and telecommunications infrastructure in the Russian Federation.

2. The problem is the lack of a strictly coordinated conceptual apparatus of information and telecommunications infrastructure.

3. In the Russian Federation of the Russian Federation, the boundaries of legal influence in the global information space are not defined in a clear, unambiguous and understandable way for all subjects, the legislative allocation of the unified information space of the Russian Federation is overdue.

4. The following criteria can be used to assign specific objects of information and telecommunications infrastructure to the jurisdiction of the Russian Federation: accessibility for understanding by citizens of the Russian Federation of information provided via information and telecommunications networks; the normatively established minimum number of accesses to the information resource by citizens of the Russian Federation and/or any entities from the territory of the Russian Federation; placement of technical objects of information and communication in the territory of the Russian Federation.-telecommunications infrastructure; finding an object of information and telecommunications infrastructure owned or influenced by Russian individuals and legal entities, as well as public legal entities.

5 It is proposed to adopt a special federal law regulating the stability, security and integrity of the information and telecommunications infrastructure of the Russian Federation, defining the basic definitions of information and telecommunications technologies, legal criteria of the Internet network, establishing the status of entities engaged in the activities of persons on the network and using information and telecommunications infrastructure.

 

 

[1] In the documents adopted after 2016, there are two equivalent terms "single digital information space" and "single information space" Author's note.

References
1. Letter of the Ministry of Digital Development of Russia of October 13, 2021 N P25-18390-OG "On consideration of the appeal" (together with the "Passport of the federal project "Information Security") URL: parvo.gov.ru, date of appeal 25.09.2022.
2. Minchenkov, E. N. (2020). Development of information legislation in modern Russia: to the formulation of the problem. Leningrad legal journal. No. 1. S. 52-59.
3. Zharova, A.K. (2022). Legal regulation of relations in the field of prevention of possible vulnerabilities in information technologies. Business security. N 1. S. 19-26.
4. Naumov, V.B. (2018). Negative regularities in the formation of the conceptual apparatus in the field of Internet regulation and identification. Information law. N 1. S. 32-39.
5. Komarov, V. (2022) Data center as a CII object URL: https://www.securitylab.ru/blog/personal/valerykomarov/348994.php, accessed 25.09.2022.
6. Components of the information and telecommunications infrastructure https://rlw.gov.ru/telecom_infrastructure_components, accessed 09/25/2022.
7. On the security of the critical information infrastructure of the Russian Federation: Federal Law of July 26, 2017 N 187-FZ URL: http://www.pravo.gov.ru, accessed 19.09.2022
8. Dzhakupov, Zh.A. (2011). Legal basis for building a single information space of the Russian Bar Association on the Internet. legal world. N 5. S. 19-23.;
9. Ledneva, Yu.V. (2021). Lawmaking in the field of digitalization of public finance. Financial right. N 9. S. 12-16.
10. Nesterov, A.V. (2021). Digital law versus information code. Lawyer. N 11.S. 8-12.
11. Lukyanov, A.A. (2007). Basic concepts of Internet law. Information law. No. 3(10). S. 9.
12. Nisnevich, Yu.A. (2013). Information space of Russia: between TV and the Internet. Bulletin of the Peoples' Friendship University of Russia. Series: Political Science. No. 4. p. 5-15.
13. Povetkina, N.A. (2020). Specificity of legal identification of finance: specific contradictions. Financial right. N 12. S. 17-20.
14. Zelentsov, A.B., Natroshvili ,G.I. (2020). Digital provision of administrative justice in the context of building an "electronic state": some theoretical issues. Administrative law and process. N 12. S. 24-28.

Peer Review

Peer reviewers' evaluations remain confidential and are not disclosed to the public. Only external reviews, authorized for publication by the article's author(s), are made public. Typically, these final reviews are conducted after the manuscript's revision. Adhering to our double-blind review policy, the reviewer's identity is kept confidential.
The list of publisher reviewers can be found here.

The subject of the study. The subject of the research of the reviewed article "On the need to improve the conceptual apparatus in the field of information infrastructure regulation" is the issues of legal regulation of the processes of creating a stable and secure information infrastructure in the Russian Federation, the solution of which is complex, including the formation of a conceptual apparatus. Research methodology. The methodological basis of the article is a system-structural approach to the study of the conceptual apparatus of information infrastructure. The methodological apparatus consists of the following dialectical methods of scientific cognition: abstraction, induction, deduction, hypothesis, analogy, synthesis, historical, theoretical-prognostic, formal-legal, systemic-structural legal modeling, as well as the application of typology, classification, systematization and generalization. The use of modern methods made it possible to study the established approaches, views on the subject of the article, to develop the author's position and to argue it. The article used a combination of theoretical and empirical information. The relevance of research. In the context of global digitalization of all spheres of public life, the need to improve legislation in order to adequately regulate modern relations is beyond doubt. Terminological clarity is essential in the formation of new legal norms. This is exactly what the reviewed article is dedicated to. Scientific novelty. It cannot be said that the topic of the conceptual apparatus of various institutions of information law is absolutely new to Russian jurisprudence. Style, structure, content. The article is written in a scientific style, using special terminology. According to the content, the article reveals the topic, its content is correctly structured. In the introduction, the author substantiates the relevance of his chosen topic, in the substantive part with references to authoritative opinions of scientists dealing with the problems of information law, reveals the problems raised and offers in the final part of the article his recommendations for improving the conceptual apparatus in the field of regulation of information infrastructures. The material is presented consistently, competently and clearly. Bibliography. Although the author has studied a sufficient number of sources on the topic of the article, including publications in recent years, it would be nice to get acquainted with the works of such outstanding scientists in the field of information law as T.A. Polyakova, A.V. Minbaleev, A.A. Smirnov, which will significantly raise the level of research on this topic on the need to improve the conceptual apparatus in the field of information infrastructure regulation. In addition, the bibliographic list should be drawn up in accordance with the requirements. Appeal to opponents. The author of the reviewed article very correctly refers to the positions of reputable scientists investigating the need to improve the conceptual apparatus of various institutions of information law in order to substantiate his own opinion. However, in the footnotes to the source of publication, it is necessary to indicate the specific pages where the article was borrowed in the test. Conclusions, the interest of the readership. The article "On the need to improve the conceptual framework in the field of information infrastructure regulation" generally meets the requirements for publications in scientific journals. The reviewed article is recommended for publication, provided that the comments on its design are finalized (bibliography list and footnotes). Based on its relevance, the article will be of interest both to specialists in the field of information law and to all those who deal with issues of legal theory, as well as among a wide range of readers, primarily students and teachers of law schools.