The Law and Information Security

2016, pp. 337-351
Author(s): Todd Fitzgerald
Keyword(s): Legal Concept

2020, pp. 154-163
Author(s): Ivan Arkhiptsev, Alexander Sarychev, Roman Krasnikov

Introduction: according to the official statistics, the number of acts involving information technology is increasing every year in Russia. In particular, currently, the types of crimes in the field of information technology are changing qualitatively and continue to evolve continuously, becoming highly organized and more sophisticated. Through the use of information technologies in Russia, such crimes as hacking, illegal data acquisition (information espionage), theft of other people’s property from payment (settlement) cards and accounts of citizens, trafficking of drugs, arms and human beings are committed; the extremist literature is distributed, new members of terrorist groups are recruited; pornography, including child pornography, is spread, illegal gambling and online games are conducted; fraud through the use of cellular and IP-telephony services, theft of personal data in large amounts and its sale, and other crimes are committed using information technologies. The current type of computer fraud – phishing – is gaining momentum. Its essence is that cybercriminals seek to get hold of the data of ordinary people through computer technology, and using this data, get hold of their funds, including financial ones. It seems that such actions can neither contribute to the development of Russian society, nor to the development of civilized relations in society, nor to the development of information networks themselves. After all, any technology can be used for both constructive and non-constructive purposes. And when these goals are destructive, the law enforcement agencies, in our opinion, should have an effective level of training to deal with such violations. We believe that it is not enough to calculate, detect, and establish. We still need to be able to bring the culprit to criminal responsibility.
In this regard, the most important thing is to ensure that anonymity not only creates the illusion of impunity, but also that the law enforcement agencies have a sufficient legal, organizational and, first of all, personnel basis to expose the criminal. In order to successfully thwart crimes in the field of information technology, the availability of implementation of the adopted standards and the key to the implementation of the state policy in the field of information security is the training and education of appropriate personnel who would provide “breakthrough” results in this area. The purpose of the research is to study the issues of improving the training of the law enforcement officers in countering crimes committed through the use of information technologies. Methods: the research uses a comparative analysis and generalization of the examples of the educational methods used in the educational organizations of the Ministry of Internal Affairs in the field of information security. The authors study, in particular, the general theoretical and practical orientation of the educational process in this area, synthesizing the results obtained, whose purpose is to improve the training of highly qualified specialists for the Internal Affairs bodies capable of countering crimes in the field of information technologies. Results: the authors formulate the main directions for improving the training of the law enforcement officers to counter crimes committed using information technologies, in particular, on the example of the educational organizations used in the educational process of the Ministry of Internal Affairs of Russia. Thus, one of the measures proposed by the authors in this direction is the opening of a new specialty – cyber-investigator or cyber-criminalist. 
The entry of developed countries into the sixth technological order and the further active digitalization of the world economy predict a huge scale and replication of crimes using information technologies. This circumstance actualizes the need to popularize the profession of a cyber-investigator – a specialist with an interdisciplinary education, i.e. experience in the investigative agencies will have to be combined with the skills of a criminalist and a specialist in the field of information protection.


2020, Vol 52 (03), pp. 86-88
Author(s): Aytan Sadaqat Mirzayeva

Key words: information law, source of information law, access to information, information security, restrictions on access to information


Author(s): Ella Gorian

The object of this research is the legal relations that emerge in ensuring information security of the banking and finance system of the People’s Republic of China. The work characterizes China’s cybersecurity law, which was enacted in 2017. The author determines the key positions of this statutory act that establishes the foundation for national institutional and normative-legislative mechanism of ensuring information security of the banking and finance sectors as objects of critical information infrastructure. China’s cybersecurity law represents a fundamental piece of legislation that defines the principles, mechanisms and order of ensuring information security. It defines critical information infrastructure through nomenclature of the sectors and indication of criteria for designation of one or another sector as critical information infrastructure. The banking and finance sector meets such criteria, thus ensuring its information security is based on the general positions of this legislation. The law determines the regime of protection of personal data, as well as obligations of network carriers that are included into the institutional mechanism of provision of cybersecurity. All aforementioned facts make China’s cybersecurity law a key legislative instrument of the mechanism of ensuring information security of the banking and finance system.


2020, pp. 183-190
Author(s): І. Є. Іванов

The article considers topical issues of information security in the activities of the National Police of Ukraine. It is determined that the main problem of information security in the law enforcement sphere arose due to the global contradiction between the possibilities of information technologies and the threats of their use. The settlement of the existing public information relations alone is insufficient, as the legislation does not keep pace with technical progress. The definition of "information security" is considered and the author's definition of this concept is offered. The main normative legal acts regulating the activity of the National Police in this direction are analyzed. It is stated that information security of the National Police of Ukraine is provided in two forms: organizational (related to the circulation, collection, processing, storage, use and protection of information); legal (preparation and approval of regulations (orders, instructions), development of regulations, instructions, algorithms, plans, etc.). The key to information protection is the administration of information systems. The European experience of information protection in the law enforcement sphere is considered. Attention is drawn to the need to implement a system of modern international information security standards, the ISO/IEC 27000 series, which is constantly updated.
It is theoretically substantiated that: increasing the efficiency of the National Police of Ukraine can be solved through the introduction of a reliable information security system; to achieve the highest level of information security of law enforcement agencies it is necessary not only to improve the current legislation, but also to have a mechanism for its implementation; security and protection in the information systems of the National Police should be based on a comprehensive approach to building a protection system, which provides for the integration into a single set of necessary measures and means of information protection at all levels of the information system.


Author(s): Olha Dehtiarova

The scientific article considers the issue of information protection during the investigation of criminal proceedings, information security. The position of researchers and practitioners on information security at the stage of pre-trial investigation of criminal proceedings is studied. The provisions of the Law of Ukraine «On Information», the Strategy for the Development of the System of the Ministry of Internal Affairs of Ukraine until 2020, the Regulations on the Procedure for Maintaining the Unified Register of Pre-trial Investigations to Ensure Information Security in Proceedings are analyzed. The introduction of information technology in criminal procedure has become an urgent issue, and their application has necessitated the need to address the issue of information security in criminal proceedings. When investigating proceedings, the investigators use databases and enter into these databases information that must be securely protected. Information in criminal proceedings needs special protection, as it is subject to encroachment by interested parties on its disclosure and transmission. Ensuring information security is to create appropriate conditions for the storage, processing and exchange of information that in any way relates to the investigation of criminal proceedings. Interference in the activities of pre-trial investigation bodies through information systems is an undermining of the principle of independence of the law enforcement system. It is important not only to combat unauthorized interference, but also to increase the degree of responsibility for such actions.
Because all data collected in criminal proceedings are protected by law and are a secret of the investigation. Information security in criminal proceedings is the protection of the information environment of electronic criminal proceedings with the help of means and methods of information storage, which ensures the proper functioning of criminal proceedings and facilitates the implementation of its tasks.


Author(s): Oleksandr Malashko

The article reveals the conceptual foundations of the policy and system for ensuring information security in the countries of Central Europe, in particular in Germany, Poland, Hungary and Croatia. It was found that Germany, Poland, Hungary and Croatia are member countries of the European Union and NATO, therefore they are subject to the rules and standards of these international organizations. It was established that the main documents and programs for ensuring information security and cybersecurity in the EU and NATO member states are: Document C-M (2002) 49 “Security in the North Atlantic Treaty Organization (NATO)”, the Cybersecurity Concept, formulated based on the results of the Lisbon Summit, the Cybersecurity Concept, formulated as a result of the Warsaw Summit, “European Criteria for Information Technology Security”, “Common Criteria for Information Technology Security”, “Network and Information Security: a European Political Approach”, “Safe Internet”, “Towards a Common Policy in the Field of Combating Cybercrime”, “Protecting Europe from large-scale cyber attacks and disruption: strengthening preparedness, security and resilience”, Directive 95/46/EU “On the protection of individuals in the context of the processing of personal data and the free circulation of such data”. It was determined that in Germany the policy and system for ensuring information security and cybersecurity is based on the Law “On Security Inspection”, the “Act for the Protection of Information in Telecommunications”, the “Act on Freedom of Information”, and the Law “On Strengthening the Security of Information Systems”.
It was established that in Poland the policy and system for ensuring information security and cybersecurity is based on the Law “On Mail”, the Law “On Television and Radio Broadcasting”, the Law “On State Relations with the Roman Catholic Church in the Republic of Poland”, the Cybersecurity Strategy of Poland, the Doctrine of Cybersecurity Poland, Poland's Information Security Doctrine. It has been established that in Hungary the policy and system for ensuring information security and cybersecurity is based on the Law “On the Protection of Information about a Person and Access to Information of Public Interest”, the Law “On the Right to Information Self-Determination and Freedom of Information”, the Law “On Processing and Protection medical information and related personal data”, “Act on Electronic Information Security of State and Municipal Bodies”, Hungarian National Security Strategy, Hungarian National Cybersecurity Strategy. It was determined that in Croatia the policy and system for ensuring information security and cyber security is based on the “Information Security Act” and the National Cyber Security Strategy. It has been proved that Ukraine, which has chosen the course of European integration, should be guided by a number of information security strategies identified in the member states of the European Union, in particular in Germany, Poland, Hungary and Croatia.


Author(s): Ella Gorian

The object of this research is the legal relations emerging in regulation of critical information infrastructure with regards to ensuring information security of the financial-banking sector of the People’s Republic of China. Characteristic is given to the Law on Cybersecurity, acting and developing draft bills of the People’s Republic of China in the area of security of critical information infrastructure. The author examines the peculiarities of regulation of relations in the sphere of critical information infrastructure and their role in ensuring cybersecurity of financial-banking sector. Factors affecting formation of the national mechanism of ensuring security of critical information infrastructure are determined. For the purpose of acquiring most accurate scientific results, the author applies legal-dogmatic approach, hermeneutic and synergetic methods of scientific cognition. Despite the numerous existing and developing sources of legal regulation of critical information infrastructure, the normative mechanism of ensuring its security is characterized by interrelatedness, and reflects overall character of the regime of China’s digital policy. The Law on Cybersecurity of the People’s Republic of China establishes the general norms, as well as draft bills – special norms; and the standards contain high-tech methodical recommendations that allow clarifying possible ambiguity of general and special norms. However, even within the limits of this mechanism is observed a partial overlap of responsibilities, including in the financial-banking sector, which complicates the process of identification of objects and determination of subjects of critical information infrastructure. 
Establishment of the mechanism is also perplexed by the need of simultaneous achievement of goals in the spheres of national security and economy, particularly in opposition during talks with the United States, which promotes policy of economic expansion onto China’s market, using tariff and nontariff measures as the levers of pressure.

