Translate this page:
Please select your language to translate the article


You can just close the window to don't translate
Library
Your profile

Back to contents

Security Issues
Reference:

New challenges and threats in the digital space: security as a criterion for the development of information technologies

Duben' Andrei Kirillovich

Scientific Associate, Institute of State and Law of the Russian Academy of Sciences; Assistant, Department of Civil and Administrative Proceedings, Russian State University of Justice

119019, Russia, Moscow region, Moscow, Znamenka str., 10

k.duben@mail.ru
Other publications by this author
 

 

DOI:

10.25136/2409-7543.2023.3.44062

EDN:

YEGPER

Received:

18-09-2023


Published:

29-09-2023


Abstract: The object of this study is public relations related to information security in The Russian Federation in the face of new challenges and threats, as well as digital transformation and geopolitical changes. The subject of the study forms a set of legal norms of normative legal acts of the Russian Federation regulating public relations in the field of information security, as well as the provisions of theoretical interdisciplinary research in this area. Special attention is paid to security issues, which occupy one of the key values in the domestic and foreign policy of the state, determining further national interests and strategic national priorities, goals and objectives of state policy and sustainable development of the state for the long term. The issues of ensuring information security are becoming more and more urgent in view of the global digital transformation of all spheres of life, as well as the aggravation of geopolitical contradictions and the strengthening of interstate information warfare. The author concludes that it is obvious that it is expedient to legislate at the federal level the legal foundations of the national information security system in the Russian Federation in order to use information and legal means in the conditions of digitalization, the growth of geopolitical challenges and risks, the global socio-economic crisis, the formation of a multipolarity of the world, aimed at increasing the security of Russian information resources, information systems and objects of information infrastructure. The author raises the question of the possibility of including certain legal norms in the domestic information legislation in the part in which such norms regulate relations in the field of performance by public administration bodies of functions ensuring security in the information sphere.


Keywords:

security, information security, transformation, digitalization, information space, challenges, threats, risks, strategic acts, national security

This article is automatically translated.

Security issues occupy one of the key values in the domestic and foreign policy of the state, determining national interests and strategic national priorities, the main directions of sustainable development of the state for the long term. The issues of ensuring information security are becoming more and more urgent in view of the global digital transformation of all spheres of life, as well as the aggravation of geopolitical contradictions and the strengthening of interstate information warfare [1]. Draws attention to the fact that each state primarily cares about its own national information sovereignty, including digital and technological aspects [2, p. 120]. An essential factor in the development of the national policy of the state is the information component. To confirm this position, we can cite the words of V.N. Lopatin, who in his dissertation research noted that the role of information security and its place in the national security system is formed by the state information policy, which is interconnected with the state policy of ensuring national security of the state through the information security system [3, p. 85].

Within the framework of this article, the subject of the study is the norms of law regulating public relations in the field of legal provision of information security. The methodological basis of this work is the application of dialectical and systematic approaches, which made it possible to comprehensively investigate the posed scientific and practical problems in their development and interrelation.

The strategic importance of information security is confirmed by a number of federal-level documents approved by Decree of the President of the Russian Federation No. 400 dated July 2, 2021 "On the National Security Strategy of the Russian Federation", which are of basic importance at the present stage of development of society and the state. These documents are the main ones in the system of strategic planning documents, they require scientific understanding from the perspective of information law, because today, in the era of active digital transformation processes, the global crisis, also associated with the problems caused by the COVID-19 pandemic and geopolitical risks, their impact on the legal system, both international and national, is acutely felt [4, p. 131]. President of the Russian Federation Vladimir Putin at one of the open meetings of advisory bodies on information security issues emphasized: "New technological solutions generate new risks. We see that the global digital space often becomes a platform for fierce information confrontation, for unfair competition and cyber attacks <...> It is important to maintain the continuity of our strategic course on conflict prevention in the information space" [5]. In the conditions of increasing tension between Russia and its foreign political opponents, such a statement by the President of the Russian Federation seems especially important, since, in our opinion, it contains a call to public authorities and society to effectively counter the aggressive activities of foreign states that contradict the strategic course of the Russian Federation.

Currently, in connection with the events in the world and the possibility of remote information impact on the legal consciousness and worldview of people, the issue of security in the information sphere has been significantly updated. In particular, ensuring the reliability of information as the basis for the implementation of activities in the information sphere and the formation of a system of lawful actions of various persons. However, as O.V. Petrovskaya rightly noted, the main way to prevent unreliable information is to establish criteria for the reliability of information that will allow to counteract this process in the information environment. At the same time, fake news gets its further development with new world processes affecting the sphere of human activity and society as a whole [6, p. 18].  So, today there is the use of various mechanisms of unlawful restriction of citizens' access to socially significant information, including in the system of official views in the Russian Federation on the specifics of national interests and the procedure for ensuring them. The so-called fake information promoted by unfriendly foreign states using their digital and technological advantage in their own interests to the detriment of the national interests of the Russian Federation has become widespread. This reinforces the importance of the formation of legal mechanisms for information and analytical activities to debunk false information disseminated in order to unlawfully achieve the advantages of some countries over others, as well as to counter these processes.

We believe that in order to implement the state policy in the information sphere, it is necessary to define the subject area of Russian legislation and build an integrated system in the field of security. We believe that the main directions of the implementation of the state information policy are: the guarantee and implementation of the constitutional rights of man and citizen; the security of information networks; prevention of vulnerability of information systems; development and improvement of information infrastructure; further interstate cooperation on information security and information protection.

Currently, the problem of concentration of control centers of digital technologies and various digital platforms by organizations operating under the jurisdiction of Western states is becoming more and more urgent. In this regard, one of the pressing issues today is the formation of legal mechanisms for international and interstate control over the development of the Internet information and communication network and digital platforms of international importance in the context of ensuring peace and law and order, as well as ensuring national information security. Thus, the state information policy should be based on the general principles of law in order to develop and improve information technologies, protect information and ensure information security, which will contribute to the further development of the information society within the state.

Modern digital technologies, having cross-border use, are now often based on software and hardware-software complex produced by foreign countries, although sometimes they are based on theoretical research and experimental design developments of Russian scientists. At the same time, insufficient practice of introducing the results of scientific research into information products has a negative impact on the productivity of the introduction of research and development achievements of Russian researchers and practitioners. This requires the need to form a set of organizational and legal measures in the field of development, implementation and commercialization of information products of domestic origin by promoting them on the Russian, regional and global markets, financing promising projects.

The training of competent personnel, including specialists in the field of information technology itself (programmers, testers, system administrators, etc.), as well as information security specialists of various profiles and specializations, is of great importance for the field of information security. It should be noted that personnel training at the bachelor's, specialist's and master's level, having a complex character, at the same time requires improvement, including educational and methodological materials aimed at the formation of not only engineering, computer, but also legal knowledge and legal culture. However, as a rule, the training of qualified personnel in the field of information security is carried out by technical universities that do not have the necessary teaching staff in the field of law. This sets the task of fixing the requirements for the legal knowledge of graduates at the level of by-laws and federal educational standards.

It is also important to create conditions for the development of innovative technologies on the basis of public-private partnership, which in the field of ensuring information security of Russia is determined by the interest of the parties in the active development of national information infrastructure on the basis of agreements within the framework of current Russian legislation. At the moment, one of the directions of development of public-private partnership in Russia is the interaction of the state and private entities in the field of information security through the transfer of information, database management, information support systems, protection of critical information infrastructure, etc. We believe that the instruments of this type of agreements make it possible to effectively involve the private sector in the implementation of state policy in the field of information security.

Within the framework of the provisions of the Information Security Doctrine of the Russian Federation, the interaction of public and private entities is permissible in cases of assessing the state of information security, forecasting and detecting threats in the information sphere, coordinating actions to improve information security, i.e. when implementing a risk-oriented approach [7, p. 39]. In this regard, political scientists rightly point out that the development of information and telecommunication technologies has led to the emergence of new terms, such as "information weapons" and "information warfare", which require scientific understanding taking into account the current geopolitical situation, characterized by increased information risks and threats, including in the field of ensuring digital and technological sovereignty of the state, its constitutional system and defense, while researchers have repeatedly drawn attention to the emergence of new types of information weapons that are created for illegal actions within individual information systems [8, p. 141].

Thus, public-private partnership in Russia is formed at the stage of its development, the main purpose of which is to satisfy socially significant interests in the field of information security. At the same time, various forms of partnership provide effective solutions to priority goals and tasks of ensuring national security in the information space.

Today, in the field of organizational and legal provision of information security, the issue of developing a system of technical regulation is acute. Legal regulation and law enforcement practice in the field of certification, standardization of information security tools, as well as licensing, certification in information security activities requires scientific understanding from the perspective of information law and determining the place in the system of this industry. The regulatory and legal regulation of these issues does not always meet the requirements of the time. Thus, the Decree of the Government of the Russian Federation No. 608 of June 26, 1995 "On Certification of information security tools" was issued during the period of validity of the Law of the Russian Federation "On Certification of Products and Services" of 1993, which has become invalid. In addition, the provisions of the above-mentioned decree of the Government of the Russian Federation are aimed at regulating relations related to the confirmation of compliance with the requirements mainly to the means of protecting state secrets. The institutional and legal provision of information security is formed and developed "at the junction" of the branches of the information sphere and the sphere of security. We should agree with O.S. Makarov, who notes that "the legal provision of information security is conceptually built on existing systems of information legal relations (basic systems) and ensures the security of their progressive development" [9, p. 73].

Currently, the requirements for mandatory certification of information security tools are established in relation to personal data information systems, automated processing of official information of limited distribution and other types of restricted access information. In this regard, the requirements for certification of confidential information protection tools are applied in many respects formally and without taking into account the specifics of various types of restricted access information. From the above, it can be concluded that there is a need for legislative changes in legal norms in the field of information security through the formation of unified approaches to organizational and legal measures to ensure the security of information systems and resources in the context of geopolitical changes and new challenges, threats in the information environment. These measures should contribute to countering socially dangerous acts, eliminating cyber attacks and preventing informational and psychological effects on human health and behavior.

In the science of information law, the importance of the Information Security Doctrine of the Russian Federation as a strategic planning document in the field under consideration, having a structured content and a clear form, is noted [10, p. 43]. This normative legal act creates an organizational and legal basis for the effective provision of information security in the state, the protection of the national interests of Russia and the personal interests of citizens in the information sphere [11, p. 243]. At the same time, it should be recognized that the changing socio-economic, geopolitical and other conditions for the implementation of information protection processes require the adoption of a new strategic planning act for the sphere of information security.

For the development of Russian legislation in the field of information security, it is necessary to develop and adopt a special federal law on information security [12, p. 115]. Although at present there is a certain system of regulatory legal acts, certain norms of which regulate legal relations in the field of information security. In particular, such regulatory legal acts include federal laws: "On the security of the critical information infrastructure of the Russian Federation", "On Information, Information Technologies and Information Protection", "On Personal Data", "On experimental legal regimes in the field of digital innovations in the Russian Federation" and a number of others. In this regard, we believe there is a need to adopt a special federal law on information security, taking into account state policy in the information space, national interests, including the specifics of the system of public authorities with authority in this area.

Consequently, the development of the current Russian legislation in the field of information security is necessary to improve the efficiency of public administration and interaction between various public authorities of the Russian Federation. In this regard, the importance of a systematic solution of issues related to the priority of security increases, taking into account the priority of digital technology security issues [13, p. 34]. At the same time, there are reasonable prerequisites for these legislative changes. In this regard, there is a question about the possibility of including certain legal norms in the domestic information legislation to the extent that such norms regulate relations in the field of performance by public administration bodies of functions ensuring security in the information sphere.

Thus, within the framework of this article, it can be concluded that there is a need for legislative consolidation at the federal level of the legal foundations of the national information security system in the Russian Federation in order to use information and legal means in the conditions of digitalization, the growth of geopolitical challenges and risks, the global socio-economic crisis, the formation of a multipolarity of the world, aimed at improving the security of Russian information resources, information systems and information infrastructure facilities.

References
1. Mechanisms and models of regulation of digital technologies. (2023). Prospect.
2. Digital Transformation: Challenges to Law and vectors of scientific. (2021).
3. Lopatin, V.N. (2000) Information security of Russia: Diss. ...Dr. yurid. sciences. St. Petersburg.
4. Polyakova, T.A., Minbaleev, A.V., & Troyan, N.A. (2023) Formation of the culture of information security of citizens of the Russian Federation in the conditions of new challenges: public-legal problems. State and Law. (pp. 131-144).
5. Security Council meeting. Website of the President of the Russian Federation. News, speeches and transcripts. Retrieved from http://www.kremlin.ru/events/president/news/65231
6. Petrovskaya, O.V. (2020) Criteria for the reliability of information under Russian legislation. Information law (pp. 17-19).
7. Osipenko, A.L. (2016) Public-private partnership in the field of countering cybercrime. Bulletin of the Voronezh Institute of the Ministry of Internal Affairs of Russia (pp. 37-44).
8. Zinovieva, E.S. (2019) International cooperation in ensuring information security: subjects and trends of evolution. Diss. ...Dr. Polit.
9. Makarov, O.S. (2013) Legal provision of information security on the example of the protection of state secrets of the member states of the Commonwealth of Independent States: Diss. ... Dr. yurid.
10. Markov, A.A. (2011) Some aspects of information security in the context of national security. Bulletin of St. Petersburg State University (pp. 43-48).
11. Kozyreva, A. A., & Tarasov, D.A. (2018) The current state of state policy in the field of information security. Bulletin of the Voronezh Institute of the Ministry of Internal Affairs of Russia (pp. 243-247).
12. Chubukova, S.G. (2022) Subjects of information relations in the digital environment and their legal status. The Law of the Digital Environment. Prospect (pp. 113-121).
13. Polyakova, T. A., & Kamalova, G. G. Problems of formation of legal policy in the field of application of artificial intelligence technology. Legal policy and legal life (pp. 28-36).

First Peer Review

Peer reviewers' evaluations remain confidential and are not disclosed to the public. Only external reviews, authorized for publication by the article's author(s), are made public. Typically, these final reviews are conducted after the manuscript's revision. Adhering to our double-blind review policy, the reviewer's identity is kept confidential.
The list of publisher reviewers can be found here.

The scientific article submitted for examination is "New challenges and threats in the digital space: security as a criterion for the development of information technologies" is devoted to the urgent problem of the modern development of the science of information law, taking into account modern geopolitical risks in the international information space, the need to improve legal protection mechanisms against information threats, fake information, etc. The authors rightly emphasize the activation of remote information impact on the legal awareness and understanding of people, the unlawful restriction of citizens' access to socially significant information, in particular, in the system of official views in the Russian Federation on the specifics of national interests and the procedure for ensuring them. The authors analyzed a number of documents of a strategic and doctrinal nature, the current information legislation. A number of proposals have been submitted, including a proposal to develop a federal law on information security. The structure of the state information policy is proposed, the tasks of legal education in the system of personnel training in the field of information security are set. The issues of public-private partnership in the field of information security are considered in detail. The conclusion is made about the need for legislative changes in legal norms in the field of information security through the formation of unified approaches to organizational and legal measures to ensure the security of information systems and resources in the context of geopolitical changes and new challenges and threats in the information environment. Thus, it is possible to draw a conclusion about the scientific novelty and scientific results proposed by the authors. The text of the article itself traces the formulation of the research goal and its tasks, despite the absence of a specially highlighted methodological section in it. In fact, the article contains an interdisciplinary component, since the author operates with the concept of "state information policy". It is obvious that the positions of researchers in the science of information law could be significantly supplemented by the positions of representatives of the scientific community of related sciences, for example, political ones. We believe that this circumstance would significantly enhance the presented scientific work. In this regard, we draw attention to the fact that the list of sources and literature used in the reviewed work looks extremely modest. In turn, this circumstance was reflected in the absence of scientific discussion in the scientific article or its elements. On the one hand, the article is analytical in nature. On the other hand, the authors mostly express general, author's positions, suggestions and conclusions. The article is not structured. You should also pay attention to the need for a more thorough proofreading of the text of the article. Taking into account the above, we believe that the reviewed article has all the structural and substantive components of a scientific article and can be published in a journal reviewed by the Higher Attestation Commission of the Russian Federation, taking into account the implementation of the proposed recommendations.

Second Peer Review

Peer reviewers' evaluations remain confidential and are not disclosed to the public. Only external reviews, authorized for publication by the article's author(s), are made public. Typically, these final reviews are conducted after the manuscript's revision. Adhering to our double-blind review policy, the reviewer's identity is kept confidential.
The list of publisher reviewers can be found here.

The subject of the study. As the subject of the research, the article under review is "the norms of law governing public relations in the field of legal provision of information security." Research methodology. According to the author of the reviewed article, "the methodological basis of this work is the application of dialectical and systemic approaches, which made it possible to comprehensively explore the posed scientific and practical problems in their development and interrelationships." In fact, the author used many modern methods of scientific cognition, which made it possible to analyze the current legal norms in the field of information security and draw a number of independent conclusions that deserve the attention of specialists in the field of information law. The relevance of research. The importance and significance of the research topic is beyond doubt, since the issues of information security and its legal support "occupy one of the key values in the domestic and foreign policy of the state, determining national interests and strategic national priorities, the main directions of sustainable development of the state for the long term." As an argument for his position on the relevance of the topic, the author of the reviewed article cites "the words of V.N. Lopatin, who in his dissertation research noted that the role of information security and its place in the national security system is formed by the state information policy, which is interconnected with the state policy of ensuring national security of the state through the information security system," who wrote about this back in 2000 (almost a quarter of a century ago!). Information security issues remain unresolved, which is associated with the constant development of information technology. Global digitalization of all spheres of human activity, as before, puts the problem of ensuring information security as a priority. Scientific novelty. Perhaps it cannot be said that the author of the reviewed article addressed the problems of legal provision of information security for the first time in the science of information law. However, the formulation of the problem and the solution proposed by the author has some elements of scientific novelty (for example, a proposal to adopt a special law or a proposal "on the possibility of including certain legal norms in domestic information legislation to the extent that such norms regulate relations in the field of performance by public administration bodies of functions ensuring security in the information sphere"). Style, structure, content. In general, the article is written in a scientific style using special terminology. However, the article is not without stylistic errors and shortcomings, violations of grammatical forms and syntactic constructions (for example, inconsistency of cases in the sentence is noted: "Within the framework of this article, the subject of research is the norms of law regulating public relations in the field of legal provision of information security"; absence of commas in sentences, etc.). The article should be carefully proofread by the author. Logically, the article is structured, although it is not formally divided into parts. According to the content, the topic stated by the author has been disclosed. As a comment, I would like to note that the conclusion on the article is of a general (non-specific) nature, which detracts from the value of the research conducted by the author. As a wish, the author is invited to draw more specific conclusions from his research. In addition, the article should be proofread and stylistic errors should be eliminated (repetitions of words in a sentence and phrases in neighboring sentences (for example, "there is a need", inconsistency of cases, etc.). Bibliography. It can be noted that the author has used a sufficient number of sources on the topic of the article, including publications of recent years. The author has studied the works of reputable scientists in the field of information law (T.A. Polyakova, A.V. Minbaleeva, T.A. Troyan, O.V. Petrovskaya, etc.). All references to bibliographic sources are designed correctly, in accordance with the requirements. Appeal to opponents. The article presents different points of view on controversial issues of the topic. Appeals to opponents are correct. All borrowings are decorated with links to the source of the publication. Conclusions, the interest of the readership. The article "New challenges and threats in the digital space: security as a criterion for the development of information technologies" is recommended for publication, since it is generally prepared in accordance with the requirements for scientific papers of this kind, is relevant, has practical significance and contains elements of scientific novelty. This scientific work may be of interest to specialists in the field of information law, as well as to teachers and students of law schools and faculties.