International Law and International OrganizationsReference:
International Legal Basis of Information Security: Results and New Challenges
Abstract: The relevance of the research is caused by the transformation of law in conditions of great challenges and threats, and without understanding the global nature of the problems of this phenomenon, it is impossible to carry out active interstate cooperation. The purpose of research is to study the interstate cooperation in field of information security, as well as the development of measures to improve its effectiveness (primarily international legislation, as well as other interstate measures to prevent new challenges and threats). The object of the study is modern social relations developing in the field of interstate cooperation in ensuring information security. The subject is international legal acts regulating relations in the field of cybersecurity, materials and publications in the field of information security, Internet resources on the problems of this topic. In the course of the research, the author concludes that today the dynamics of competitive relations in Russia are determined by a number of factors that should be developed at the sites of the SCO, BRICS, CSTO, CIS and other interstate regional associations for the growth of the interconnection of market participants, the integration of production, leveling sanctions costs. These conditions pose the task of finding legal means aimed at enhancing the development of the economic sphere and ensuring security in the information sphere. This poses the task of forming an effective mechanism of technical regulation. At a time when the Russian Federation has significant prerequisites for the breakthrough development of digital technologies as a driver of its economic growth, adequate legal solutions are needed to eliminate existing obstacles on this path.
Keywords:information security, cooperation, international security, international law, international organizations, information law, threats and risks, legal regulation, transformation of law, information society
This article is automatically translated. You can find original text of the article here.
The problems of legal provision of information security are relevant both for the domestic legal doctrine and for legislation. Each State has its own national interests and is interested in maintaining peace and international information security. In the light of the close interaction of various countries entering into partnership and allied relations with each other, the problems of information security of one state may become a burden for another. In this regard, the issue of foreign experience of legal provision of information security is important.
A fairly common phenomenon has become the policy of a number of foreign countries aimed at developing their information technology potential in order to negatively affect the information infrastructure of other states.
At the same time, N.V. Beketov rightly notes that the concept of "information security" is a complex legal phenomenon from the point of view of information law, since the above definition should be considered in law as an independent supranational type of universal security, since today information law affects all spheres of public life and ensures the development of the state as a whole [1, p. 33].
In our opinion, such a position could have a stronger justification if States sought to ensure universal international information security. However, each state, taking into account the strategic documents of foreign countries discussed in the previous paragraph, mainly cares about its own information sovereignty. The information security of other states often concerns other participants in the geopolitical struggle only to the extent that information threats affecting the interests of one state may affect the national interests of another state. Such a situation is possible with close integration cooperation between countries, which involves mutual protection of classified information. Building partnership and allied relations presupposes mutual responsibility for the information security of each of the participants of the integration association.
At the same time, it should be noted that in information law, the legal regulation of information security issues is reflected in the Information Security Doctrine of the Russian Federation. This normative legal act regulates part of public relations in the information sphere, thanks to which the security of the state in the information sphere is demonstrated and further improvement of legal institutions is determined in order to balance the interests of the individual, society and the state in the information environment.
Special attention in the science of information law is paid to the issues of the state of legal support of the studied sub-branch of law, so in accordance with paragraph 8 of the Doctrine of Information Security of the Russian Federation, the following features of national interests can be distinguished:
1) transparency and transparency of the state's activities in the information sphere;
2) guarantee of protection of constitutional rights and freedoms of citizens concerning information security;
3) mutual and coordinated functioning of the state and civil society, including within the framework of strengthening the moral values of society;
4) ensuring the proper functioning of the information infrastructure both in the case of the direct impact of information threats (including during wartime) and during a stable peaceful situation in the country;
5) stimulating scientific and technological progress and the development of economic sectors that contribute to ensuring information security;
6) integration cooperation with other countries to ensure international information security and strategic stability .
National interests in the field of information security represent common guidelines for public authorities, which are entrusted with the role of neutralizing information threats and conflicts. The list of national interests enshrined in strategic planning documents is the legal foundation (along with goals and objectives), but which the entire national security system stands on.
Approaches to solving problems related to ensuring information security by international legal means are quite relevant. The problem is that any conditions concerning transparency and information transparency can be perceived by countries as a limitation of sovereignty (primarily informational). This explains the fact that at the moment there is no international treaty that would enshrine the basic principles of information security. The only way to solve this problem is to conclude international agreements within the framework of supranational institutions.
As we noted earlier, the Russian Federation is an active participant in various integration associations: BRICS, CSTO, SCO, EAEU, CIS. Within the framework of these organizations, agreements are concluded concerning the protection of information and other issues in the field of information security. This approach was not chosen by chance, since the resolution of issues related to such a sensitive environment to various kinds of threats as the information space requires not only the search for common ground on the part of other states and the formation of unified approaches to solving problems of an informational nature, but also a certain trust. Only when interacting with countries with which Russia has partnership and allied relations, one can hope for strict compliance with common goals and objectives in the information space.
Cooperation of States in the implementation of security tasks in the information sphere requires the formation and subsequent adoption of organizational and legal measures to counter information threats that encroach on the security of the information space and affect the national interests of several States. Currently, this principle seems to be even more relevant due to the increasing level of integration interaction within the framework of regional interstate unions and interdependence between States due to the cross-border nature of the information space. Taking into account the existing problems of interstate interaction on the platforms of international organizations in the context of geopolitical risks and the global civilizational crisis, the importance of interstate interaction on the platforms of such regional integration unions as BRICS, CIS, SCO, EAEU and CSTO is increasing for the Russian Federation. For example, within the framework of interstate cooperation, model laws on information security are being adopted, so at a meeting of the Council of the CSTO Parliamentary Assembly, it was separately noted that at the moment all participating countries need to strengthen counteraction to cybercrime by amending the normative acts of national legislation, which should be based on the CSTO model law "On Information Security", adopted by in 2021. In turn, based on the results of the inter–ministerial consultations of the CIS member states on the topic of international information security, it was decided to develop a comprehensive international convention on countering the use of ICT for criminal purposes within the framework of the UN Special Intergovernmental Committee of Experts . Thus, Russia's interaction within the framework of regional interstate unions and the interdependence between states contributes to strengthening international cooperation.
To date, the process of formation and development of international norms in the information sphere arises from the results of interstate cooperation within international organizations such as the UN, Council of Europe, European Union, SCO, BRICS, EurAsEC, CIS, CSTO and others. The Council of Europe was one of the first to consider information security issues at a high level, as a result, the White Paper "Economic Growth, Competition, Employment – tasks and ways to solve them on the threshold of the XXI century" and the action plan "Europe's Path to the Information Society" were adopted, which contain a number of information protection standards and conditions for creation and formation of free access to information[5, p. 548].
International acts formulate the basic principles of international information security, which are fundamental in information law. One of the main documents for the legal regulation of security in the information sphere is the Universal Declaration of Human Rights . This normative legal act establishes guarantees for the rights and freedoms of man and citizen in terms of freedom of belief, thought, conscience, religion, the right to education, as well as the right to seek, receive and disseminate information. Consequently, the right to freedom of information is a natural universally recognized human right.
In addition, the Universal Declaration of Human Rights and UN conventions additionally guarantee the right to privacy. Of great importance for information security are the general principles enshrined in UNGA Resolution 2450 (XXIII) of December 12, 1968, which provide for the freedom to receive, store and exchange information, as well as information about the activities of public authorities and local self-government.
In the context of dynamically developing legal relations and geopolitical changes in Russia, a negotiation process has been underway since 1998 on the formation of international legal mechanisms to ensure information security. The International Organization of the United Nations actively discusses issues of information security, including the problems of the formation of the conceptual apparatus, and the development of an international legal regime of information security. In this regard, the Russian Federation has prepared a draft "Principles concerning international information security", which contains definitions of basic concepts in the field of information security. Confirmation of the relevance of international information security is the position of the Heads of the SCO member states .
Thus, the system of international information security is based on a system of interrelated international norms based on international and interregional cooperation [8, p. 45]. At the same time, one of the promising directions in this topic is the creation of an international legal framework and the formation of a conceptual apparatus in the field of ensuring international information security [9, p. 25]. The analysis of the considered basic provisions of interstate agreements made it possible to determine that the common goal is to formulate uniform rules of conduct in the information space in order to ensure information security in the face of new challenges and threats through international cooperation between all relevant stakeholders.
At the same time, in view of the absence of an information security system and conceptual apparatus, as well as inconsistent models, we consider it expedient to develop interstate cooperation based on the convergence of the Eurasian and Euro-Atlantic systems of international information security, taking into account generally recognized principles and norms of international law, while a significant place should be given to the security of the individual and society in the information sphere, including countering undesirable informational and psychological impact.
In conclusion, we can note that today the dynamics of competitive relations in Russia is determined by a number of factors that should be developed at the sites of interstate regional associations of the SCO, BRICS, CSTO, CIS and others to increase the interconnection of market participants, the integration of production, leveling sanctions costs. These conditions pose the task of finding legal means aimed at enhancing the development of the economic sphere and ensuring security in the information sphere. This poses the task of forming an effective mechanism of technical regulation. At a time when the Russian Federation has significant prerequisites for the breakthrough development of digital technologies as a driver of its economic growth, adequate legal solutions are needed to eliminate existing obstacles on this path and create a legal basis for effective and safe progress in this direction. In this regard, ensuring information security in its various aspects is a priority goal of technical regulation.