home › Working with photos › Articles of the federal law on information and information technologies. Legislative base of the Russian Federation. Laws of the Russian Federation

Articles of the federal law on information and information technologies. Legislative base of the Russian Federation. Laws of the Russian Federation

Fundamental among Russian laws on issues information security, the law "On information, information technologies and information protection" of July 27, 2006 No. 149-FZ (adopted by the State Duma on July 8, 2006) should be considered. It provides basic definitions, outlines the directions in which legislation in this area should develop, regulates relations arising from:

the exercise of the right to search, receive, transfer, produce and disseminate information;

application of information technology;

ensuring the protection of information.

Let's quote the main definitions:

information- information (messages, data) regardless of the form of their presentation;

information Technology- processes, methods of searching, collecting, storing, processing, providing, disseminating information and ways of implementing such processes and methods;

information system- a set of information contained in databases and information technologies and technical means ensuring its processing;

information and telecommunications network- a technological system designed to transmit information over communication lines, access to which is carried out using computer technology;

information holder- a person who independently created information or received, on the basis of a law or contract, the right to authorize or restrict access to information determined by any criteria;

access to the information- the ability to obtain information and use it;

confidentiality of information- a mandatory requirement for a person who has gained access to certain information not to transfer such information to third parties without the consent of its owner;

provision of information- actions aimed at obtaining information by a certain circle of persons or transferring information to a certain circle of persons;

spread of information- actions aimed at obtaining information by an indefinite circle of persons or transferring information to an indefinite circle of persons;

electronic message- information transmitted or received by the user of the information and telecommunication network;

documented information- information recorded on a tangible medium by documenting information with requisites that make it possible to determine such information or, in cases established by the legislation of the Russian Federation, its tangible medium;

operator information system - a citizen or legal entity carrying out activities for the operation of the information system, including information processingcontained in its databases.

We will, of course, not discuss data quality in the Law of Definitions. Let us only pay attention to the unconventional definition of information confidentiality, which equates confidentiality with non-disclosure.

Article 3 of the Law formulates the principles of legal regulation of relations in the field of information, information technology and information protection:

freedom to search, receive, transfer, produce and disseminate information in any legal way;

establishment of restrictions on access to information only by federal laws;

openness of information on the activities of state bodies and local self-government bodies and free access to such information, except for cases established by federal laws;

equality of the languages \u200b\u200bof the peoples of the Russian Federation in the creation of information systems and their operation;

ensuring the security of the Russian Federation during the creation of information systems, their operation and protection of the information contained in them;

reliability of information and timeliness of its provision;

inviolability of private life, inadmissibility of collection, storage, use and dissemination of information about a person's private life without his consent;

the inadmissibility of the establishment by regulatory legal acts of any advantages of using some information technologies over others, unless the obligatory use of certain information technologies for the creation and operation of state information systems is established by federal laws.

Note that these principles explicitly include the integrity (reliability) and availability (timeliness of provision) of information.

Article 9 of the Law contains the following provisions:

Restrictions on access to information are established by federal laws in order to protect the foundations of the constitutional order, morality, health, rights and legitimate interests of others, to ensure the country's defense and state security.

It is mandatory to observe the confidentiality of information, access to which is limited by federal laws.

Protection of information constituting a state secret is carried out in accordance with the legislation of the Russian Federation on state secrets.

Federal laws establish the conditions for classifying information as information constituting a commercial secret, official secret and other secrets, the obligation to maintain the confidentiality of such information, as well as liability for its disclosure.

Note that this article focuses on the confidentiality of information.

Article 11 "Documentation of information" contains the following important provisions:

3 ... An electronic message signed with an electronic digital signature or other analogue of a handwritten signature is recognized as an electronic document equivalent to a document signed with a handwritten signature, in cases where federal laws or other regulatory legal acts do not establish or imply a requirement to draw up such a document on paper.

4 ... For the purpose of concluding civil contracts or formalizing other legal relations in which persons exchanging electronic messages participate, the exchange of electronic messages, each of which is signed with an electronic digital signature or another analogue of the handwritten signature of the sender of such a message, in the manner prescribed by federal laws and other regulatory legal acts or agreement of the parties, is considered an exchange of documents.

Article 16 is entirely devoted to information protection issues. We will quote it in full.

Information protection is the adoption of legal, organizational and technical measures aimed at:

ensuring the protection of information from unauthorized access, destruction, modification, blocking, copying, provision, distribution, as well as from other illegal actions in relation to such information;
observance of confidentiality of information limited access;
realization of the right to access information.

State regulation of relations in the field of information protection is carried out by establishing requirements for the protection of information, as well as liability for violation of the legislation of the Russian Federation on information, information technologies and information protection.

Requirements for the protection of publicly available information may be established only to achieve the goals specified in clauses 1 and 3 of part 1 of this article.

The owner of the information, the operator of the information system in the cases established by the legislation of the Russian Federation, must ensure:

prevention of unauthorized access to information and (or) transfer of it to persons who do not have the right to access information;
timely detection of facts of unauthorized access to information;
prevention of the possibility of adverse consequences of violation of the procedure for access to information;
prevention of impact on technical means of information processing, as a result of which their functioning is disrupted;
the possibility of immediate recovery of information modified or destroyed due to unauthorized access to it;
constant control over ensuring the level of information security.

Requirements for the protection of information contained in state information systems are established by the federal executive body in the field of security and the federal executive body authorized in the field of countering technical intelligence and technical protection of information, within the limits of their powers. When creating and operating state information systems, the methods and methods of protecting information used to protect information must comply with the specified requirements.

Federal laws may establish restrictions on the use of certain information protection tools and the implementation of certain types of activities in the field of information protection.

In the cited article of the Law, all three main aspects of information security appear: availability, integrity and confidentiality. In addition, it is mandatory to monitor security breaches and constantly monitor the level of information security.

Measures such as accreditation, certification and licensing are not explicitly mentioned, but clauses 5 and 6 are of course implied.

These are the most important, in our opinion, the provisions of the Law "On Information, Information Technologies and Information Protection". The next page will discuss other laws of the Russian Federation in the field of information security.

Law of the Russian Federation "On Information, Informatization and Information Protection .

Federal Law of February 20, 1995 N 24-FZ "On Information, Informatization and Protection of Information" (as amended on January 10, 2003). Adopted by the State Duma on January 25, 1995.

1. This Federal Law governs relations arising from:

Formation and use of information resources based on the creation, collection, processing, accumulation, storage, search, distribution and provision of documented information to the consumer;

Creation and use of information technologies and means of their support;

Protection of information, rights of subjects involved in information processes and informatization.

State policy in the field of formation of information resources and informatization is aimed at creating conditions for effective and high-quality information support solving strategic and operational tasks of social and economic development of the Russian Federation.

The main directions of state policy in the field of informatization are:

· Provision of conditions for the development and protection of all forms of ownership of information resources;

· Formation and protection of state information resources;

· Creation and development of federal and regional information systems and networks, ensuring their compatibility and interaction in the unified information space of the Russian Federation;

· Creation of conditions for high-quality and effective information support of citizens, state authorities, local authorities, organizations and public associations based on state information resources;

· Ensuring national security in the field of informatization, as well as ensuring the implementation of the rights of citizens, organizations in the context of informatization;

· Assistance in the formation of the market of information resources, services, information systems, technologies, means of their support;

· Formation and implementation of a unified scientific, technical and industrial policy in the field of informatization, taking into account the modern world level of information technology development;

· Support of projects and programs of informatization;

· Creation and improvement of a system for attracting investments and a mechanism to stimulate the development and implementation of informatization projects;

· Development of legislation in the field of information processes, informatization and information protection.

Protection of information and rights of subjects in the field of information processes and informatization

The objectives of the protection are:

1.Prevention of leakage, theft, loss, distortion, forgery of information;

2. prevention of threats to the security of the individual, society, state;

3. prevention of unauthorized actions to destroy, modify, distort, copy, block information; prevention of other forms of illegal interference with information resources and information systems, ensuring the legal regime of documented information as an object of ownership;

4.protection constitutional rights citizens to maintain personal secrecy and confidentiality of personal data available in information systems;

5. preservation of state secrets, confidentiality of documented information in accordance with the legislation;

6. ensuring the rights of subjects in information processes and in the development, production and application of information systems, technologies and means of their support.

Protection of information.

1. Any documented information, the mishandling of which may harm its owner, possessor, user and other person, is subject to protection.

Information protection mode is set:

· In relation to information classified as a state secret - by authorized bodies on the basis of the Law of the Russian Federation "On state secrets";

· In relation to confidential documented information - by the owner of information resources or an authorized person on the basis of this Federal Law;

· In relation to personal data - by the Federal Law.

2. State authorities and organizations responsible for the formation and use of information resources subject to protection, as well as bodies and organizations that develop and use information systems and information technologies for the formation and use of information resources with limited access, are guided in their activities by the legislation of the Russian Federation ...

3. Control over compliance with the requirements for information protection and the operation of special software and hardware protection, as well as the provision of organizational protection measures for information systems that process information with limited access in non-state structures, are carried out by state authorities. Control is carried out in the manner determined by the Government of the Russian Federation.

4. Organizations processing information with limited access, which is the property of the state, create special services to ensure the protection of information.

5. The owner of information resources or persons authorized by him have the right to monitor compliance with the requirements for the protection of information and prohibit or suspend the processing of information in case of failure to comply with these requirements.

6. The owner or the owner of the documented information has the right to apply to state authorities to assess the correctness of compliance with the norms and requirements for the protection of his information in information systems. The relevant bodies are determined by the Government of the Russian Federation. These authorities respect the confidentiality of the information itself and the results of the audit.

Rights and obligations of subjects in the field of information protection.

1. The owner of documents, an array of documents, information systems or persons authorized by him, in accordance with this Federal Law, establish the procedure for providing the user with information indicating the place, time, responsible officials, as well as the necessary procedures and provide conditions for users to access information.

2. The owner of documents, an array of documents, information systems ensures the level of information protection in accordance with the legislation of the Russian Federation.

3. The risk associated with the use of non-certified information systems and means of their support lies with the owner (possessor) of these systems and means.

The risk associated with the use of information obtained from a non-certified system lies with the consumer of the information.

4. The owner of documents, an array of documents, information systems can apply to organizations that certify the means of protecting information systems and information resources to analyze the adequacy of measures to protect their resources and systems and receive advice.

5. The owner of documents, an array of documents, information systems is obliged to notify the owner of information resources or information systems about all facts of violation of the information protection regime.

Protection of the right to access information.

1. Denial of access to open information or provision of deliberately false information to users may be challenged in court.

Non-fulfillment or improper fulfillment of obligations under the contract for the supply, sale and purchase, and other forms of exchange of information resources between organizations are considered by the arbitration court.

In all cases, persons who have been denied access to information and persons who have received false information are entitled to compensation for the damage they have suffered.

2. The court considers disputes on the unjustified classification of information as information with limited access, claims for damages in cases of unjustified refusal to provide information to users or as a result of other violations of users' rights.

3. Heads, other employees of state authorities, organizations guilty of illegal restriction of access to information and violation of the information protection regime are liable in accordance with criminal, civil legislation and legislation on administrative offenses.

Bibliography.

Federal Law of February 20, 1995 N 24-FZ "On Information, Informatization and Protection of Information" (as amended on January 10, 2003).

Changes and amendments

Adopted by the State Duma on July 8, 2006
Approved by the Federation Council on July 14, 2006

Article 1. Scope of this Federal Law

1. This Federal Law governs relations arising from:

1) exercise of the right to search, receive, transfer, produce and disseminate information;

2) the use of information technology;

3) ensuring the protection of information.

2. The provisions of this Federal Law do not apply to relations arising from legal protection the results of intellectual activity and the means of individualization equated to them.

Article 2. Basic concepts used in this Federal Law

The following basic concepts are used in this Federal Law:

1) information - information (messages, data), regardless of the form of their presentation;

2) information technology - processes, methods of searching, collecting, storing, processing, providing, disseminating information and ways of implementing such processes and methods;

3) information system - a set of information contained in databases and information technologies and technical means ensuring its processing;

4) information and telecommunication network - a technological system designed to transmit information via communication lines, access to which is carried out using computer technology;

5) owner of information - a person who independently created information or received, on the basis of a law or an agreement, the right to authorize or restrict access to information determined by any signs;

6) access to information - the ability to obtain information and use it;

7) confidentiality of information - a mandatory requirement for a person who has gained access to certain information not to transfer such information to third parties without the consent of its owner;

8) provision of information - actions aimed at obtaining information by a certain circle of persons or transferring information to a certain circle of persons;

9) distribution of information - actions aimed at obtaining information by an indefinite circle of persons or transferring information to an indefinite circle of persons;

10) electronic message - information transmitted or received by the user of the information and telecommunication network;

11) documented information - information recorded on a material medium by documenting information with details that allow one to determine such information or, in cases established by the legislation of the Russian Federation, its material medium;

12) operator of an information system - a citizen or a legal entity carrying out activities for the operation of the information system, including the processing of information contained in its databases.

Article 3. Principles of legal regulation of relations in the field of information, information technology and information protection

Legal regulation of relations arising in the field of information, information technology and information protection is based on the following principles:

1) freedom to search, receive, transfer, produce and disseminate information in any legal way;

2) establishment of restrictions on access to information only by federal laws;

3) openness of information on the activities of state bodies and local self-government bodies and free access to such information, except for cases established by federal laws;

4) equality of the languages \u200b\u200bof the peoples of the Russian Federation in the creation of information systems and their operation;

5) ensuring the security of the Russian Federation during the creation of information systems, their operation and protection of the information contained in them;

6) the reliability of information and the timeliness of its provision;

7) inviolability of private life, inadmissibility of collection, storage, use and dissemination of information about the private life of a person without his consent;

8) the inadmissibility of the establishment by regulatory legal acts of any advantages of using some information technologies over others, unless the mandatory use of certain information technologies for the creation and operation of state information systems is established by federal laws.

Article 4. Legislation of the Russian Federation on information, information technology and information protection

1. The legislation of the Russian Federation on information, information technologies and on the protection of information is based on the Constitution of the Russian Federation, international treaties of the Russian Federation and consists of this Federal Law and other federal laws governing the use of information.

2. The legal regulation of relations related to the organization and activities of the mass media is carried out in accordance with the legislation of the Russian Federation on the mass media.

3. The procedure for storing and using documented information included in the archival funds is established by the legislation on archiving in the Russian Federation.

Article 5. Information as an object of legal relations

1. Information can be the object of public, civil and other legal relations. Information can be freely used by any person and transferred by one person to another person, unless federal laws establish restrictions on access to information or other requirements for the procedure for its provision or dissemination.

2. Information, depending on the category of access to it, is divided into publicly available information, as well as information, access to which is limited by federal laws (information of limited access).

3. Information, depending on the order of its provision or distribution, is divided into:

1) information freely distributed;

2) information provided by agreement of the persons participating in the relevant relationship;

3) information that, in accordance with federal laws, is subject to provision or distribution;

4) information the dissemination of which in the Russian Federation is restricted or prohibited.

4. The legislation of the Russian Federation may establish the types of information depending on its content or owner.

Article 6. Information holder

1. The owner of information can be a citizen (individual), legal entity, the Russian Federation, a constituent entity of the Russian Federation, a municipal entity.

2. On behalf of the Russian Federation, a constituent entity of the Russian Federation, a municipal formation, the powers of the owner of the information are exercised, respectively, by state bodies and local self-government bodies within the limits of their powers established by the relevant regulatory legal acts.

3. The owner of the information, unless otherwise provided by federal laws, has the right:

1) allow or restrict access to information, determine the procedure and conditions for such access;

2) use the information, including disseminate it, at its own discretion;

3) transfer information to other persons under an agreement or on another basis established by law;

4) protect their rights in the manner established by law in the event of illegal receipt of information or its illegal use by other persons;

5) take other actions with information or authorize the implementation of such actions.

4. The owner of information, when exercising his rights, is obliged:

1) observe the rights and legal interests of other persons;

2) take measures to protect information;

3) restrict access to information, if such a duty is established by federal laws.

Article 7. Publicly available information

1. Publicly available information includes generally known information and other information, access to which is not limited.

2. Publicly available information can be used by any person at their discretion, subject to the restrictions established by federal laws with respect to the dissemination of such information.

3. The owner of information that has become publicly available by his decision has the right to demand that the persons disseminating such information indicate themselves as a source of such information.

Article 8. Right to access information

1. Citizens (individuals) and organizations (legal entities) (hereinafter referred to as organizations) have the right to search for and receive any information in any form and from any source, subject to the requirements established by this Federal Law and other federal laws.

2. A citizen (individual) has the right to receive from state bodies, local self-government bodies, their officials in the manner prescribed by the legislation of the Russian Federation, information directly affecting his rights and freedoms.

3. An organization has the right to receive information from state bodies, local self-government bodies that directly relate to the rights and obligations of this organization, as well as information necessary in connection with interaction with these bodies in the implementation of its statutory activities by this organization.

4. Access to:

1) regulatory legal acts affecting the rights, freedoms and obligations of a person and a citizen, as well as establishing the legal status of organizations and the powers of state bodies, local governments;

2) information about the state of the environment;

3) information on the activities of state bodies and local self-government bodies, as well as on the use of budgetary funds (except for information constituting a state or official secret);

4) information accumulated in open funds of libraries, museums and archives, as well as in state, municipal and other information systems created or intended to provide citizens (individuals) and organizations with such information;

5) other information, the inadmissibility of restricting access to which is established by federal laws.

5. State bodies and local self-government bodies are obliged to provide access to information about their activities in Russian and the state language of the respective republic within the Russian Federation in accordance with federal laws, laws of the constituent entities of the Russian Federation and regulatory legal acts of local self-government bodies. A person wishing to gain access to such information is not obliged to justify the need to obtain it.

6. Decisions and actions (inaction) of state bodies and local self-government bodies, public associations, officials that violate the right to access information may be appealed to a higher body or a higher official or to a court.

7. If, as a result of unlawful denial of access to information, untimely provision of it, provision of deliberately inaccurate information or information that does not correspond to the content of the request, losses have been caused, such losses are subject to compensation in accordance with civil law.

8. The information is provided free of charge:

1) on the activities of state bodies and local self-government bodies posted by such bodies in information and telecommunication networks;

2) affecting the rights and obligations of the interested person established by the legislation of the Russian Federation;

3) other information specified by law.

9. The establishment of fees for the provision by a state body or a local self-government body of information about its activities is possible only in cases and on conditions established by federal laws.

Article 9. Restricting access to information

1. Restriction of access to information is established by federal laws in order to protect the foundations of the constitutional order, morality, health, rights and legitimate interests of others, to ensure the country's defense and state security.

2. Compliance with the confidentiality of information, access to which is limited by federal laws, is mandatory.

3. Protection of information constituting a state secret is carried out in accordance with the legislation of the Russian Federation on state secrets.

4. Federal laws establish the conditions for classifying information as information constituting a commercial secret, official secret and other secrets, the obligation to observe the confidentiality of such information, as well as responsibility for its disclosure.

5. Information received by citizens ( individuals) in the performance of their professional duties or by organizations in the implementation of certain types of activities (professional secrecy), is subject to protection in cases where these persons are obliged by federal laws to maintain the confidentiality of such information.

6. Information constituting a professional secret may be provided to third parties in accordance with federal laws and (or) by a court decision.

7. The term of fulfillment of obligations to maintain the confidentiality of information constituting a professional secret can be limited only with the consent of the citizen (individual) who provided such information about himself.

8. It is prohibited to demand from a citizen (individual) to provide information about his private life, including information constituting a personal or family secret, and to receive such information against the will of the citizen (individual), unless otherwise provided by federal laws.

9. The procedure for access to personal data of citizens (individuals) is established by the federal law on personal data.

Article 10. Dissemination of information or provision of information

1. In the Russian Federation, the dissemination of information is carried out freely subject to the requirements established by the legislation of the Russian Federation.

2. Information disseminated without using the mass media must include reliable information about its owner or about another person disseminating information, in a form and in an amount that are sufficient to identify such a person.

3. When using for the dissemination of information means that allow you to determine the recipients of information, including postal items and electronic messages, the person disseminating the information is obliged to provide the recipient of the information with the opportunity to refuse such information.

4. The provision of information is carried out in accordance with the procedure established by the agreement of the persons participating in the exchange of information.

5. Cases and conditions of mandatory dissemination of information or provision of information, including provision of mandatory copies of documents, are established by federal laws.

6. It is prohibited to disseminate information that is aimed at promoting war, inciting national, racial or religious hatred and enmity, as well as other information for the dissemination of which criminal or administrative liability is provided.

Article 11. Documenting information

1. The legislation of the Russian Federation or agreement of the parties may establish requirements for documenting information.

2. In federal executive bodies, information is documented in accordance with the procedure established by the Government of the Russian Federation. The rules of office work and document flow established by other state bodies, local self-government bodies within their competence must comply with the requirements established by the Government of the Russian Federation in terms of office work and document flow for federal executive bodies.

3. An electronic message signed with an electronic digital signature or other analogue of a handwritten signature is recognized as an electronic document equivalent to a document signed with a handwritten signature, in cases where federal laws or other regulatory legal acts do not establish or imply a requirement to draw up such a document on paper ...

4. For the purpose of concluding civil law contracts or formalizing other legal relations in which persons exchanging electronic messages participate, the exchange of electronic messages, each of which is signed with an electronic digital signature or other analogue of the handwritten signature of the sender of such a message, in the manner prescribed by federal laws, other regulatory legal acts or agreement of the parties, is considered an exchange of documents.

5. Ownership and other property rights to tangible media containing documented information are established by civil legislation.

Article 12. State regulation in the field of information technology application

1. State regulation in the field of information technology application provides for:

1) regulation of relations related to the search, receipt, transfer, production and dissemination of information using information technology (informatization), on the basis of the principles established by this Federal Law;

2) development of information systems for various purposes to provide citizens (individuals), organizations, state bodies and local governments with information, as well as ensuring the interaction of such systems;

3) creating conditions for effective use in the Russian Federation information and telecommunication networks, including the Internet and other similar information and telecommunication networks.

2. State bodies, bodies of local self-government in accordance with their powers:

1) participate in the development and implementation of targeted programs for the use of information technologies;

2) create information systems and provide access to the information contained in them in Russian and in the state language of the corresponding republic within the Russian Federation.

Article 13. Information Systems

1. Information systems include:

1) state information systems - federal information systems and regional information systems created on the basis of federal laws, laws of the constituent entities of the Russian Federation, respectively, on the basis of legal acts of state bodies;

2) municipal information systems created on the basis of a decision of the local government;

3) other information systems.

2. Unless otherwise established by federal laws, the operator of the information system is the owner of the technical means used to process the information contained in the databases, who lawfully uses such databases, or the person with whom this owner has concluded an agreement on the operation of the information system.

3. The rights of the owner of the information contained in the databases of the information system are subject to protection, regardless of copyright and other rights to such databases.

4. The requirements for state information systems established by this Federal Law shall apply to municipal information systems, unless otherwise provided by the legislation of the Russian Federation on local self-government.

5. Features of the operation of state information systems and municipal information systems can be established in accordance with technical regulations, regulatory legal acts of state bodies, regulatory legal acts of local government bodies that make decisions on the creation of such information systems.

6. The procedure for the creation and operation of information systems that are not state information systems or municipal information systems is determined by the operators of such information systems in accordance with the requirements established by this Federal Law or other federal laws.

Article 14. State information systems

1. State information systems are created in order to exercise the powers of state bodies and to ensure the exchange of information between these bodies, as well as for other purposes established by federal laws.

2. State information systems are created taking into account the requirements stipulated by the Federal Law of July 21, 2005 N 94-FZ "On the placement of orders for the supply of goods, performance of work, provision of services for state and municipal needs."

3. State information systems are created and operated on the basis of statistical and other documented information provided by citizens (individuals), organizations, state bodies, local governments.

4. Lists of types of information provided on a mandatory basis are established by federal laws, the conditions for its provision - by the Government of the Russian Federation or the relevant state bodies, unless otherwise provided by federal laws.

5. Unless otherwise established by a decision on the creation of a state information system, the functions of its operator are performed by the customer who has entered into a state contract for the creation of such an information system. At the same time, the commissioning of the state information system is carried out in the manner prescribed by the specified customer.

6. The Government of the Russian Federation has the right to establish mandatory requirements for the procedure for putting into operation certain state information systems.

7. Operation of the state information system is not allowed without proper registration of rights to use its components that are objects of intellectual property.

8. Technical means intended for processing information contained in state information systems, including software and technical means and information protection means must comply with the requirements of the legislation of the Russian Federation on technical regulation.

9. Information contained in state information systems, as well as other information and documents at the disposal of state bodies are state information resources.

Article 15. Use of information and telecommunication networks

1. On the territory of the Russian Federation, the use of information and telecommunication networks is carried out in compliance with the requirements of the legislation of the Russian Federation in the field of communications, this Federal Law and other regulatory legal acts of the Russian Federation.

2. Regulation of the use of information and telecommunication networks, access to which is not limited to a certain circle of persons, is carried out in the Russian Federation, taking into account the generally accepted international practice of the activities of self-regulatory organizations in this area. The procedure for using other information and telecommunication networks is determined by the owners of such networks, taking into account the requirements established by this Federal Law.

3. The use on the territory of the Russian Federation of information and telecommunication networks in economic or other activities may not serve as a basis for establishing additional requirements or restrictions regarding the regulation of these activities carried out without using such networks, as well as for non-compliance with the requirements established by federal laws.

4. Federal laws may provide for mandatory identification of individuals, organizations using an information and telecommunications network in the implementation of entrepreneurial activities. In this case, the recipient of an electronic message located on the territory of the Russian Federation has the right to conduct a check, which makes it possible to identify the sender of the electronic message, and in cases established by federal laws or by agreement of the parties, he is obliged to carry out such a check.

5. The transfer of information through the use of information and telecommunication networks is carried out without restrictions, provided that the requirements established by federal laws for the dissemination of information and the protection of intellectual property are observed. The transfer of information can be limited only in the manner and on the conditions established by federal laws.

6. The specifics of connecting state information systems to information and telecommunication networks may be established by a regulatory legal act of the President of the Russian Federation or a regulatory legal act of the Government of the Russian Federation.

Article 16. Protection of information

1. Information protection is the adoption of legal, organizational and technical measures aimed at:

1) ensuring the protection of information from unauthorized access, destruction, modification, blocking, copying, provision, distribution, as well as from other illegal actions in relation to such information;

2) observance of confidentiality of information of limited access,

3) the exercise of the right to access information.

2. State regulation of relations in the field of information protection is carried out by establishing requirements for the protection of information, as well as liability for violation of the legislation of the Russian Federation on information, information technology and information protection.

3. Requirements for the protection of publicly available information may be established only to achieve the goals specified in clauses 1 and 3 of part 1 of this article.

4. The owner of the information, the operator of the information system in the cases established by the legislation of the Russian Federation, are obliged to ensure:

1) prevention of unauthorized access to information and (or) transfer of it to persons who do not have the right to access information;

2) timely detection of facts of unauthorized access to information;

3) prevention of the possibility of adverse consequences of violation of the procedure for access to information;

4) prevention of impact on technical means of information processing, as a result of which their functioning is disrupted;

5) the possibility of immediate recovery of information modified or destroyed due to unauthorized access to it;

6) constant control over ensuring the level of information security.

5. Requirements for the protection of information contained in state information systems are established by the federal executive body in the field of security and the federal executive body authorized in the field of countering technical intelligence and technical protection of information, within the limits of their powers. When creating and operating state information systems, the methods and methods of protecting information used to protect information must comply with the specified requirements.

6. Federal laws may establish restrictions on the use of certain means of protecting information and carrying out certain types of activities in the field of information protection.

Article 17. Responsibility for offenses in the field of information, information technology and information protection

1. Violation of the requirements of this Federal Law entails disciplinary, civil, administrative or criminal liability in accordance with the legislation of the Russian Federation.

2. Persons whose rights and legitimate interests have been violated in connection with the disclosure of information of limited access or other unlawful use of such information, have the right to apply in accordance with the established procedure for judicial protection of their rights, including claims for damages, compensation for moral damage, protection honor, dignity and business reputation. A claim for damages cannot be satisfied if it is presented by a person who did not take measures to maintain confidentiality of information or violated the requirements for information protection established by the legislation of the Russian Federation, if the adoption of these measures and compliance with such requirements were the obligations of this person.

3. If the dissemination of certain information is limited or prohibited by federal laws, civil liability for the dissemination of such information shall not be borne by the person providing the services:

1) either on the transfer of information provided by another person, subject to its transfer without changes and corrections;

2) either on storing information and providing access to it, provided that this person could not know about the illegality of the dissemination of information.

Article 18.On invalidation of certain legislative acts (provisions of legislative acts) of the Russian Federation

From the date of entry into force of this Federal Law, to declare invalid:

1) Federal Law of February 20, 1995 N 24-FZ "On Information, Informatization and Protection of Information" (Collected Legislation of the Russian Federation, 1995, N 8, Art. 609);

2) Federal Law of July 4, 1996 N 85-FZ "On participation in international information exchange" (Collected Legislation of the Russian Federation, 1996, N 28, Art. 3347);

3) Article 16 of the Federal Law of January 10, 2003 N 15-FZ "On Amendments and Additions to Certain Legislative Acts of the Russian Federation in Connection with the Adoption of the Federal Law" On Licensing Certain Types of Activities "(Collected Legislation of the Russian Federation, 2003, N 2 , p. 167);

4) Article 21 of the Federal Law of June 30, 2003 N 86-FZ "On Amendments and Additions to Certain Legislative Acts of the Russian Federation, Recognizing Certain Legislative Acts of the Russian Federation as Invalid, Providing separate guarantees employees of internal affairs bodies, bodies for control over the circulation of narcotic drugs and psychotropic substances and the abolished federal bodies of the tax police in connection with the implementation of measures to improve public administration "(Collected Legislation of the Russian Federation, 2003, No. 27, Art. 2700);

5) Article 39 of the Federal Law of June 29, 2004 N 58-FZ "On Amendments to Certain Legislative Acts of the Russian Federation and the Recognition of Invalidation of Certain Legislative Acts of the Russian Federation in Connection with the Implementation of Measures to Improve Public Administration" (Collected Legislation of the Russian Federation, 2004, N 27, Art.2711).

The president
Russian Federation
V. Putin

Article 15.1. Unified register of domain names, indexes of pages of sites on the Internet and network addresses that allow identifying sites on the Internet, containing information, the distribution of which is prohibited in the Russian Federation

1. In order to restrict access to sites on the Internet, containing information, the distribution of which is prohibited in the Russian Federation, a unified automated information system is being created "Unified Register of Domain Names, Indexes of Pages of Sites on the Internet" and network addresses that allow identifying sites on the Internet containing information, the distribution of which is prohibited in the Russian Federation "(hereinafter referred to as the register).

2. The register includes:

1) domain names and (or) indexes of pages of sites on the Internet, containing information, the distribution of which is prohibited in the Russian Federation;

2) network addresses that allow identifying sites on the Internet that contain information, the distribution of which is prohibited in the Russian Federation.

3. Creation, formation and maintenance of the register shall be carried out by the federal executive authority exercising control and supervision functions in the field of mass media, mass communications, information technology and communications, in the manner established by the Government of the Russian Federation.

4. The federal executive body performing the functions of control and supervision in the field of mass media, mass communications, information technology and communications, in the manner and in accordance with the criteria determined by the Government of the Russian Federation, may involve the registry operator in the formation and maintenance of the register - an organization registered on the territory of the Russian Federation.

5. The grounds for inclusion in the register of the information specified in part 2 of this article are:

1) decisions of federal executive bodies authorized by the Government of the Russian Federation, adopted in accordance with their competence in the manner established by the Government of the Russian Federation, in relation to those distributed via the Internet:

a) materials with pornographic images of minors and (or) advertisements for attracting minors as performers to participate in entertainment events of a pornographic nature;

b) information on the methods, methods of development, manufacture and use of narcotic drugs, psychotropic substances and their precursors, new potentially dangerous psychoactive substances, places of their acquisition, methods and places of cultivation of narcotic plants;

c) information on methods of committing suicide, as well as calls to commit suicide;

d) information about a minor who has suffered as a result of illegal actions (inaction), the dissemination of which is prohibited by federal laws;

e) information that violates the requirements of the Federal Law of December 29, 2006 N 244-FZ "On state regulation of activities for the organization and conduct of gambling and on amendments to certain legislative acts of the Russian Federation" and Federal Law of November 11, 2003 N 138- The Federal Law "On Lotteries" on the prohibition of activities for the organization and conduct of gambling and lotteries using the Internet and other means of communication;

f) information containing proposals for remote retail sale of alcoholic beverages, and (or) alcohol-containing food products, and (or) ethyl alcohol, and (or) alcohol-containing non-food products, retail sale of which is limited or prohibited by legislation on state regulation of production and circulation ethyl alcohol, alcoholic and alcohol-containing products and on limiting the consumption (drinking) of alcoholic products;

g) information aimed at persuading or otherwise involving minors in committing illegal actions that pose a threat to their life and (or) health or to the life and (or) health of other persons;

2) a court decision that has entered into legal force recognizing information disseminated via the Internet as information the dissemination of which is prohibited in the Russian Federation;

3) the decision of the bailiff-executor on the restriction of access to information disseminated on the Internet, defaming the honor, dignity or business reputation of a citizen or the business reputation of a legal entity.

6. The decision to include in the register of domain names, indexes of pages of sites on the Internet and network addresses that allow identifying sites on the Internet, containing information, the distribution of which in the Russian Federation is prohibited, may be appealed by the owner of the site on the Internet ", a hosting provider, a communications operator providing services for providing access to the information and telecommunications network" Internet ", to the court within three months from the date of such a decision.

7. Immediately from the moment of receipt from the registry operator of the notification about the inclusion of the domain name and (or) the index of the website page on the Internet in the registry, the hosting provider is obliged to inform the owner of the Internet site it serves and notify him of the need to delete the Internet - a page containing information, the distribution of which is prohibited in the Russian Federation.

8. Immediately from the moment of receipt from the hosting provider of the notification on the inclusion of the domain name and (or) the index of the website page on the Internet in the register, the owner of the website on the Internet is obliged to delete the website containing information, the distribution of which is prohibited in the Russian Federation ... In case of refusal or inaction of the owner of a site on the Internet, the hosting provider is obliged to restrict access to such a site on the Internet immediately.

9. If the hosting provider and (or) the owner of the Internet site does not take the measures specified in parts 7 and 8 of this article, the network address that allows you to identify the site on the Internet containing information, the distribution of which is prohibited in the Russian Federation , is included in the register.

10. Within 24 hours from the date of inclusion in the register network addressallowing to identify a site on the Internet, containing information, the distribution of which is prohibited in the Russian Federation, a telecom operator providing services for providing access to the Internet information and telecommunications network must restrict access to such a site on the Internet.

11. The federal executive body exercising the functions of control and supervision in the field of mass media, mass communications, information technology and communications, or the registry operator engaged by it in accordance with part 4 of this article excludes the domain name from the register, the index of the website page on the network "Internet" or a network address that allows you to identify a site on the "Internet", based on the appeal of the owner of the site on the "Internet", a hosting provider or a telecom operator providing services for providing access to the information and telecommunications network "Internet", no later than within three days from the date of such an appeal after taking measures to remove information, the dissemination of which is prohibited in the Russian Federation, or on the basis of a court decision that has entered into legal force to cancel the decision of the federal executive body exercising the functions of control and supervision in the field of mass media , mass communications, information technology and communications, on the inclusion in the registry of a domain name, an index of a page of a site on the Internet or a network address that allows identifying a site on the Internet.

12. The procedure for interaction between the registry operator and the hosting provider and the procedure for obtaining access to the information contained in the register by the communications operator providing services for providing access to the information and telecommunications network "Internet" are established by the federal executive body authorized by the Government of the Russian Federation.

13. The procedure for restricting access to sites on the Internet, provided for by this article, does not apply to information, the procedure for restricting access to which is provided for in Article 15.3 of this Federal Law.

14. The federal executive body exercising control and supervision functions in the field of mass media, mass communications, information technology and communications, or the registry operator engaged by it in accordance with Part 4 of this Article within 24 hours from the date of receipt of the decisions specified in subparagraphs "a", "c" and "g" of paragraph 1 of part 5 of this article shall notify the federal executive body in the field of internal affairs through the interaction system.

In accordance with Article 24 of the Constitution, state authorities and local self-government bodies, their officials are obliged to provide everyone with the opportunity to familiarize themselves with documents and materials directly affecting his rights and freedoms, unless otherwise provided by law.

Article 41 guarantees the right to knowledge of facts and circumstances that pose a threat to human life and health, Article 42 - the right to knowledge of reliable information about the state of the environment.

Basically, right to information can be implemented by means of paper technologies, but in modern conditions the most practical and convenient for citizens is the creation of information servers by the relevant legislative, executive and judicial bodies and maintaining the availability and integrity of the information presented on them, that is, ensuring their (servers) information security.

Article 23 of the Constitution guarantees the right to personal and family secrets, on the privacy of correspondence, telephone conversations, postal, telegraph and other messages, Article 29 - the right to freely search, receive, transmit, produce and distribute information in any legal way. The modern interpretation of these provisions includes ensuring the confidentiality of data, including in the process of their transmission over computer networks, as well as access to information security.

The Civil Code of the Russian Federation (in our presentation we rely on the edition of May 15, 2001) includes such concepts as banking, commercial and official secrets. According to article 139, information constitutes official or trade secret in the case when information has actual or potential commercial value due to its unknown to third parties, there is no free access to it on a legal basis, and the owner of the information takes measures to protect its confidentiality. This implies, at a minimum, competence in information security and the availability of available (and legal) means of ensuring confidentiality. (Note: Abolished from January 1, 2008. - Federal Law of December 18, 2006 N 231-FZ.)

Very advanced in terms of information security is Criminal Code Russian Federation (as amended on March 14, 2002). Chapter 28, Computer Information Crimes, contains three articles:

article 272. Illegal access to computer information;
article 273. Creation, use and distribution malware for computers;
article 274. Violation of the rules for the operation of storage, processing or transfer facilities computer information and information telecommunication networks.

The first deals with encroachments on confidentiality, the second - with malware, the third - with violations of accessibility and integrity, which entailed the destruction, blocking or modification of legally protected computer information. Inclusion of accessibility issues into the scope of the Criminal Code of the Russian Federation information services seems to us very timely.

Article 138 of the Criminal Code of the Russian Federation, protecting the confidentiality of personal data, provides for punishment for violation of the secrecy of correspondence, telephone conversations, postal, telegraph or other messages. Article 183 of the Criminal Code of the Russian Federation plays a similar role for banking and commercial secrets.

The interests of the state in terms of ensuring the confidentiality of information are most fully expressed in the Law "On state secrets"(as amended on August 22, 2004). It defines the state secret as information protected by the state in the field of its military, foreign policy, economic, intelligence, counterintelligence and operational-search activities, the spread of which may damage the security of the Russian Federation. the definition of information security means is given.According to this Law, these are technical, cryptographic, software and other means designed to protect information constituting state secret ; means in which they are implemented, as well as means for monitoring the effectiveness of information protection. Let us emphasize the importance of the last part of the definition.

Law "On Information, Information Technology and Information Protection"

The law "On Information, Information Technologies and Information Protection" of July 27, 2006, No. 149-FZ (adopted by the State Duma on July 8, 2006) should be considered fundamental among Russian laws on information security. It provides basic definitions, outlines the directions in which legislation in this area should develop, regulates relations arising from:

the exercise of the right to search, receive, transfer, produce and disseminate information;
application of information technology;
ensuring the protection of information.