Abstract: The object of this research is the legal relations emerging in regulation of critical information infrastructure with regards to ensuring information security of the financial-banking sector of the People’s Republic of China. Characteristic is given to the Law on Cybersecurity, acting and developing draft bills of the People’s Republic of China in the area of security of critical information infrastructure. The author examines the peculiarities of regulation of relations in the sphere of critical information infrastructure and their role in ensuring cybersecurity of financial-banking sector. Factors affecting formation of the national mechanism of ensuring security of critical information infrastructure are determined. For the purpose of acquiring most accurate scientific results, the author applies legal-dogmatic approach, hermeneutic and synergetic methods of scientific cognition. Despite the numerous existing and developing sources of legal regulation of critical information infrastructure, the normative mechanism of ensuring its security is characterized by interrelatedness, and reflects overall character of the regime of China’s digital policy. The Law on Cybersecurity of the People’s Republic of China establishes the general norms, as well as draft bills – special norms; and the standards contain high-tech methodical recommendations that allow clarifying possible ambiguity of general and special norms. However, even within the limits of this mechanism is observed a partial overlap of responsibilities, including in the financial-banking sector, which complicates the process of identification of objects and determination of subjects of critical information infrastructure. Establishment of the mechanism is also perplexed by the need of simultaneous achievement of goals in the spheres of national security and economy, particularly in opposition during talks with the United States, which promotes policy of economic expansion onto China’s market, using tariff and nontariff measures as the levers of pressure.

Keywords: legal mechanism, operator, IT-products, Cyberspace Administration of China, China, CII, critical information infrastructure, cybersecurity, financial-banking sector, CII sector

Abstract: The object of this research is the legal relations that emerge in ensuring informations security of the banking and finance system of the People’s Republic of China. The work characterizes China’s cybersecurity law, which was enacted in 2017. The author determines the key positions of this statutory act that establishes the foundation for national institutional and normative-legislative mechanism of ensuring information security of the banking and finance sectors as objects of critical information infrastructure. China’s cybersecurity law represents a fundamental piece of legislation that defines the principles, mechanisms and order of ensuring information security. It defines critical information infrastructure through nomenclature of the sectors and indication of criteria for designation of one or another sector as critical information infrastructure. The banking and finance sector meets such criteria, thus ensuring its information security is based on the general positions of this legislation. The law determines the regime of protection of personal data, as well as obligations of network carriers that are included into the institutional mechanism of provision of cybersecurity. All aforementioned facts make China’s cybersecurity law a key legislative instrument of the mechanism of ensuring information security of the banking and finance system.

Keywords: banking system, financial system, network operator, personal data, China, legal mechanism, critical information infrastructure, cybersecurity, cybersecurity incident, Cybersecurity Administration of China

Abstract: The object of the research is the relations arising in the process of improving the national legal mechanism of cybersecurity insurance with new cyber threats coming out these days. Goryan analyzes peculiarities of Russian laws and institutional mechanisms of information security and describes the role and influence of the Russian Federation on the development of the international system of information computer technology security. Goryan analyzes and evaluates the law on 'autonomous' Internet as well as the law on localization of data according to international trends and information security standards. In the course of the research Goryan has applied general research methods (systems structural approach, formal law method and hermeneutical method) and special legal research methods (comparative law and formal law methods). The Russian Federation is the key actor in the development of international system of information computer technology security. Development of Russian legal mechanism of cybersecurity follows the pattern typical for many countries of the world. According to the author, the 'autonomous Internet' model is worthy of declared target and potential threats are expected and may be eliminated by the tools available. The Russian model of data localization within national jurisdiction is a normal response to cyber threats and is aimed at reduction of potential risks none of the country is safe from, even the countries that are believed to have the best mechanism of cyber security (Singapore for instance). In the lon-term perspective itis recommended for Russian legislator to consider potential use of measures similar to those that have been recently applied by the USA, Australia and Great Britain to strengthen requirements for imported equipment, especially amid intense development of 5G generation networks.

Keywords: telecommunication equipment, legal mechanism, data localization, national security, autonomous internet, information communication technologies, critical information infrastructure, cybersecurity, 5G networks, private sector

Abstract: The object of the research is the relations that arise in the process of implementation of National Program 'Digital Economics', in particular, provision of information security in Russia's financial system. The researchers define the role of state financial regulatory authority in implementation of the aforesaid program taking into account special features of such financial regulatory authority's legal status. They also analyze key documents that constitute regulatory mechanisms of information security in Russia's financial and banking systems. The authors describe particular activities of Information Security competence center and prove the need to appoint the Bank of Russia as such competence center. In the course of their research the authors have used general research methods (structural-functional and hermeneutical) and special research methods (formal law and history of law methods). According to the authors, despite a serious constitutional legal status and practical experience in provision of security at financial institutions, National program 'Digital Economics of the Russian Federation' does not use potential of the financial regulatory authority to the full extent, even though objectives to be achieved by the competence center are of state nature and thus should be performed by a competent authority. As a proof and logical outcome of declaring an impmortant role of financial regulatory authority, the government must appoint the Bank of Russia as the competence center for the federal project 'Digital Economics' because this financial regulatory authority has all necessary organizational and legal competences and material resources (FinCERT). 

Keywords: cybersecurity, informational security, digital economics, financial system, banking system, Bank of Russia, financial regulatory authority, critical information infrastructure, FinCERT, competence center

Abstract: The object of the research is the relations that may arise in the process of the identification of the critical information infrastructure facilities for safety reasons. Goryan analyzes the main constituent elements of the legal mechanisms of the critical information infrastructure identification in the Russian Federation and Singapore. He describes the legal status of competent actors and the procedure of the critical information infrastructure identification. The researcher defines both similarities and differences in the legal regulation of the identification process as well as drawbacks and benefits of the mechanisms of critical information infrastructure identification. He also makes suggestions on how to improve the current Russia's regulation mechanism. To achieve better and more valid results, the author has applied a number of general research methods (structured systems approach, formal law and hermeneutical analysis) and special research methods (comparative law and formal law methods). As a result of his research, Goryan emphasizes the need to eliminate the drawbacks of the Russian mechanism of the critical information infrastructure identification using the experience of Singapore and clarifying the prcedure of categorization of critical information infrastructure facilities, extension of powers and appeal of actions (decisions) of a competent actor (Federal Service for Technical and Export Control). 

Keywords: FSTEC, institutional mechanism, Singapore, categorization, legal mechanism, identification, critical information infrastructure, cybersecurity, Cyber Security Agency of Singapore, CII subject

Abstract: The object of the research is the relations arising in the process of using the national legal mechanism of cybersafety. The subject of the research is the particular legal acts that are issued in the sphere of regulation of critical information infrastructure safety in the Russian Federation and Singapore as well as international standards therein. The author of the article examines institutional mechanisms of ensuring the safety of the critical information infrastructure and analyzes law-making and law-enforcement processes in the sphere of information security. Goryan outlines drawbacks and benefits of the aforesaid national mechanisms and offers suggestions on how to improve the Russian mechanism. In order to obtain valid research results, the author has applied a number of general research methods (structured system analysis, formal law and hermeneutical methods) and special research methods (comparative law and formal law analysis). From the point of view of international standards, the Russian Federation and Singapore demonstrate a relatively high level of critical information infrastructure safety. The drawback of the Russian law is the fact that there is no legal regulation of the process of information network identification as objects and organisations of critical information infrastructure. The peculiar feathre of the Russian mechanism is the multiple number of actors that ensure the critical information infrastructure safety unlike the Singapore mechanism that has only one department. However, the Russian mechanism has such advantanges as the involvement of the service that has special forces and competences as well as procedural means to make a fast reponse to cyber attacks. As a result, the author concludes that there is a need to study and perhaps legally enforce such instruments of critical information infrastructure safety as training and audit of critical information infrastructure actors as it is done in Singapore. 

Keywords: Federal Security Service, institutional mechanism, legal mechanism, critical information infrastructure, cybersecurity, FSS, CII identification, FSTEC, Cyber Security Agency of Singapore, Singapore

Abstract: The subject of the research is the effective provisions of the Federal Law No. 149 On Information, Information Technologies and Information Protection of July 27, 2006. The aforesaid provisions define the kind of information that could be harmful for children, and establish the procedure of applying enforcement measures for distribution of such information. Legal acts of the Ministry of Education and Science of the Russian Federation recommend measures for parents to avoid distribution of harmful information among minors.  These are the issues that constitute the subject of the present article. The methodological basis of the research involves recent achievements and findings of science. The authors of the article have applied theoretical methods and methods of philosophical research (dialectics, analysis, synthesis, analogy, deduction) and traditional law methods (formal logic to analyze the contents of the aforesaid provisions). The main conclusion made by the authors as a result of their research is that measures of parental and pedagogical control considerably outstrip criminal penalties for inducement to suicide on the Internet. The main contribution made by the authors of the article is their soundly based and legal research of the mechanisms of state and social control for the purpose of developing a single algorithm of interaction between competent powers and social institutions aimed at prevention of Internet suicidal threats. The novelty of the research is caused by the fact that the authors offer an integral approach to the problem of teenager suicide by analysing legal measures and developing institutions of social control (parents and teachers) as well as scales and indicators that can be used to establish a single approach paper that would integrate all forms of control for ensuring child security on the Internet.  

Keywords: Child protection, Administrative penalties, Criminal penalties, international experience, Pedagogical control, Parental control, School, Harmful Information, Suicidal algorithm, Suicide

Abstract: The authors discuss the provision of appropriate counteractions to the proliferation of the data prohibited by the law, including defamation, on the Internet. This phenomenon has become a serious problem and an information safety threat for almost everyone. Information safety often presupposes certain limits which the state imposes on the information exchange. The existing legal measures for preventing Internet defamation are not enough, since the structure and the ideology of social networks make the existing legal procedures ineffective. The authors apply the methods of analysis, synthesis, modeling, forecasting, the statistical and sociological methods, and the principles of integrity of a subject and scientific correctness. The main conclusion of the research is the thesis about the necessity to develop the system of measures of administrative and criminal liability for Internet defamation. Such measures shouldn’t threaten information rights and freedoms of other subjects of activity in the Russian segment of the Internet, and should be only used for the increase of efficiency of prevention of any amoral or illegal actions. 

Keywords: liability, administrative law, criminal law, counteraction, defamation, Internet, Information safety, information, social networks, personal responsibility

Abstract: The article examines the legal status of information providers in Federal information systems. The author attempts to systematize the legal norms regulating the relations connected with the use of Federal information systems. The author outlines the legal norms which can be standardized and included in the General part of the Law on State information systems. It is proposed to unify the following elements of the legal status of information providers: duty to ensure accuracy, completeness and timeliness of information; responsibility for failure to provide information, as well as the submission of incomplete, false or incorrect information; the right to correct errors. The author also considers the problems of legislation, related to specific information systems, and offers the ways to improve it.

Keywords: public administration, error correction, administrative responsibility, completeness of information, correctness of information, state information system, information provider, provision of information, relevance of information, big data

Abstract: The article considers the ways of public control efficiency enhancement. The authors detail the problems of information and legal support of public monitoring and the possibility of use of information and telecommunication systems in this sphere, including the Internet. Special attention is paid to the development of methodical recommendations of use of public control mechanisms. The authors study the possibilities of departmental law-making in the sphere of development of recommendations for public monitoring use and its results assessment. The study is based on the set of general scientific and special methods of cognition of social and legal reality. The methodology is based on the dialectical method with its requirements of objectivity, comprehensiveness, historicism and preciseness of the truth. Among the general scientific methods the authors use the methods of analysis, synthesis, comparison and measurement. As a special scientific method the authors use the comparative-legal method. The main contribution of the authors to the study of this topic is the suggestion about the need for a detailed regulation of the ways of acquisition of reliable, full and timely information about the activities of public authorities, collected and analyzed by means of up-to-date information technologies. The authors offer a standard order of public monitoring of public authorities, local authorities, state and municipal organizations and other bodies with public powers. 

Keywords: activities of local governments, activities of state bodies, acquisition of information, public assessment, Information and legal support, method, monitoring, public control, Internet, enhancement of efficiency

Abstract: The article is devoted to problems of international legal regulation of guarantees for energetic (power) security, based on which the author then analyzes international legal documents and offers to amend and improve them.

Keywords: security, energy, power, gas, agreement, Gazprom, energy charter, commission, the tube

Abstract: The article includes analysis of key problems of national security of the Russian Federation in the light of new Strategy of National Security of the Russian Federation till 2020.

Keywords: security, interests, security of society, national security, state, strategy, guarantees, system, regulation

Abstract: The article is devoted to the problems of realization of means of administrative responsibility for the violation of limited access information regime. The article establishes the elements of offence, under the legislation on responsibility for divulging such information.

Keywords: Information, secret, protection, responsibility, qualification, offence, punishment, informatization, access, harm.

Abstract: The article includes analysis of administrative liability for the violations of legislation on personal data, the author points out, that administrative responsibility is one of the administrative legal means for the protection of personal data. Additionally, the author studies the problems of qualification of administrative offences, related to personal data.

Keywords: information, information protection, personal data, administrative liability, official secret, protection of personal data, access to personal data.

Abstract: The article is devoted to legal and organization base for fighting crime in the sphere of information, problems, which are related to fighting offences in the sphere of information security. The article includes a number of ideas for the amendment of legislation on responsibility for the high technology crimes.

Keywords: information security, information, cyber-crime, information technologies, international cyber-crime, computers, computer crimes, information sphere.