A consultation with the Indian working group is scheduled for March 6-7 in New Delhi, deputy director of the Institute for Information Security Problems of Moscow State University told Gazeta.Ru. India is expected to attend representatives of the secretariat of the National Security Adviser, as well as other interested departments. The Russian delegation will be headed by Vladislav Sherstyuk, director of the specialized institute of the Moscow State University, Assistant Secretary of the Security Council.

A consultation with the Chinese working group is scheduled for the second half of March 2012. The Chinese Academy of Engineering and the Chinese Society for Friendship with Foreign Countries will join the talks.

In 2011, Russia and China signed a draft resolution on general rules behavior on the Internet is a "soft", not "legally binding" version of the convention.

“A number of Indian experts said in private during the working consultations that they were ready to sign the text of the convention,” says Salnikov. “With these countries, our views coincide rather than diverge.”

In absentia, British experts (Center for Conflict Research) take part in the discussion, who must present their position on the concept of Great Britain and the United States in two or three months.

One of the goals of the negotiations, according to Salnikov, is to find nuances of interpretations in documents where there may be discrepancies, and generally acceptable wording.

“The consultations should end with a draft of a new version of this document. On April 23-26, in the city of Garmisch-Partenkirchen (Germany), as part of the 6th annual international forum “Partnership of the state, business and civil society in ensuring information security”, a final discussion of the new version of the concept will take place,” he stressed.

The concept of a convention on ensuring international information security was presented on September 22, 2011. The draft document was developed by the Security Council, the Ministry of Foreign Affairs and the Institute for Information Security Problems of Moscow State University. The purpose of the concept is declared to counteract the use of information and communication technologies to violate international peace and security, and "to establish measures to prevent and resolve conflicts in the information space, taking into account military, terrorist and criminal threats."

Now the wording can assume a broad interpretation. Among the threats are listed "the erosion of cultural values", the expansion of another state and the dissemination of information "inciting interethnic, interracial and interfaith hatred."

The right of everyone to seek, receive and disseminate information and ideas, as recorded in UN documents, may be limited by law to protect the national and public security of the state, as well as to prevent misuse and unauthorized interference with information resources, the concept notes.

Last year the concept of the convention was presented in Brussels and London. In November, Russia held bilateral consultations with China involving political circles. At the end of December, the concept of the document was discussed in Berlin.

Russia expected to adopt the convention in 2012. But the main points of the concept are contrary to US policy, in particular, the White House cyberdoctrine, which allows you to actively respond to cyberattacks from abroad.

China, by contrast, has a Golden Shield content filtering system that completely or temporarily blocks access to resources that the Chinese government does not consider loyal, including most Western news sites and social networks. Recently, China announced the tightening of Internet censorship in the field of microblogging.

In India, a law has been in place since last year that makes Internet companies liable for user-generated content posted on their sites. If content is reported, site owners have 36 hours to remove it. A few days ago, Facebook had to remove some of the content from its local sites under the threat of blocking. An Indian court ordered them and 19 other Internet companies to develop a mechanism to block content that could potentially be "offensive to followers of Hinduism, Christianity, Islam and other religious denominations, as well as political movements."

“By and large, the Internet is regulated in any country, including the United States, Europe, China, etc.: the activities of Internet service providers are regulated by local laws,” Salnikov notes, recalling the “International Covenant on Civil and Political Rights”, which was adopted by the United Nations in 1966: the exercise of freedom “to seek, receive and impart information and ideas of all kinds, regardless of frontiers, whether orally, in writing or in print or in the form of art, or by any other media of one’s choice” imposes special obligations and special liability and may be “subject to certain limitations, but these shall only be such as are provided by law and are necessary for respect of the rights or reputations of others; for the protection of national security, public order, public health or morals”.

“All states agreed that the concept of freedom is not absolute,” emphasizes Salnikov. - Problems arise around the interpretation of when, how and by whom such restrictions on freedoms can be imposed: there are contradictions in this even between such allies as England and the USA: in England, incitement to commit a crime is a criminal offense, while in the USA for such appeals cannot be punished, so as not to infringe on freedom of speech.” The problem of limiting freedom on the Internet is often artificially politicized and used for completely different purposes, adds Salnikov.

Participants of the Internet market are cautious in assessing the work of international expert groups. An industry source claims that new concept The UN convention was written by people “who have nothing to do with the Internet”: “The terminology is borrowed from the “Information Security Doctrine of Russia”, which was approved in 2000, it is actually already outdated.”

He called consultations between Russia, India and China "a kind of response" to the 2001 Budapest Convention on Combating Cybercrime, to which Russia did not join.

Another market source noted that "theoretically, there are no threats or advantages in the concept for the Russian Internet business." “But it was created in secret, without taking into account the opinions of all interested parties - business and civil society, which has great importance on the international level. The draft document is being defended in a confrontational manner, it can lead to the isolation of the country and create problems for the Russian Internet business,” he is categorical, noting that “the people who wrote the concept are frequent visitors to China and are inspired by its experience.”

But, according to Urvan Parfentiev, coordinator of the Center for Safe Internet in Russia, the draft Russian convention differs in its meaning from the Budapest convention. “The document of the Council of Europe is aimed at combating cybercrimes that threaten individuals and legal entities (Internet fraud, copyright infringement, distribution of child pornography, etc.), while the concept of the Russian convention touches on global issues, relating rather to the foreign policy actions of states. In this regard, the draft convention introduces the concept of “information warfare” into international legal circulation, among the features of which its developers included, among other things, “massive psychological indoctrination of the population to destabilize society and the state,” he believes.

Another important point in the draft convention, according to Parfentiev, it is a consolidation of the unconditional right of countries to regulate national segments of the Internet at their own discretion. It was this moment that caused the most criticism from Western opponents, including the United States.

“When formulating claims to the draft convention, the United States takes into account the weakness of references in its text to generally recognized civil and political human rights, which gives them the opportunity to talk about the possible legitimization of censorship. But this convention does not cancel the provisions of the International Covenant on Civil and Political Rights. These rights and freedoms operate regardless of the convention,” said the coordinator of the Safe Internet Center.

Russia has figured out how to put a reliable barrier to the Internet revolutions spreading around the world. Kommersant has at its disposal a draft UN convention "On Ensuring International Information Security" prepared by the Security Council and the Russian Foreign Ministry. The document, which Russia expects to be adopted as early as 2012, prohibits the use of the Internet for military purposes and to overthrow regimes in other countries, but at the same time leaves the authorities complete freedom of action within the national segments of the network. Experts are convinced that Moscow's main goal is to eliminate the threat posed by the growing US cyber warfare capabilities.

Digital counterrevolution

The document, which came to Kommersant's disposal, was presented for the first time at a closed meeting of heads of special services and law enforcement agencies of 52 countries, which ended yesterday in Yekaterinburg, organized by the Russian Security Council. The main topic of the forum was global information security, and the highlight of the program was the draft UN convention on its protection prepared by the hosts. The 18-page document is the result of many years of work by experts from the Security Council and the Ministry of Foreign Affairs of the Russian Federation, as well as the Institute for Information Security Problems of Moscow State University.

Moscow has long advocated the need to adopt a set of international rules of conduct in cyberspace (see Kommersant of April 29). According to the FSB, Russian law enforcement We constantly have to deal with cyber attacks: only the websites of the President of the Russian Federation, the State Duma and the Federation Council are subjected to up to 10 thousand attacks daily. Russian business, especially banking, also suffers from hackers.

The main threats against which the document promoted by Russia is aimed are listed in detail in its fourth article. Among them is the use information technologies for hostile actions and acts of aggression", "undermining the political, economic and social systems" of one state by another, "manipulating flows in the information space of other states in order to distort the psychological and spiritual environment of society", as well as "massive psychological treatment of the population to destabilize society and state". Moscow considers such actions constituent parts"information war" and demands that they be recognized as a crime against international peace and security.

According to Kommersant's interlocutors in Russian government structures, Moscow is concerned about these threats for a reason. The fact is that in some countries cybertroops are being actively created to conduct combat operations on the Internet. In October 2010, the US Cyber ​​Command (US Cyber ​​Command) with a staff of more than 1,000 people was fully operational. The UK, China, Israel and India have special cyber units. Russia, on the other hand, as Kommersant was told back in July by Ilya Rogachev, head of the Russian Foreign Ministry's Department for New Challenges and Threats, is noticeably behind foreign players in terms of investment in technologies and personnel for fighting in cyberspace. In addition to the militarization of cyberspace, Moscow fears the use of the Internet and cellular communication to mobilize people and coordinate mass anti-government protests.

The rules that should help Russia fight these threats are detailed in the convention's key fifth article. "States will be guided by the principle of the indivisibility of security and will not strengthen their security to the detriment of the security of others," the document says. "Not a single state will attempt to achieve dominance in the information space over other states."

Thus, Moscow wants to enshrine in the new convention the same principle of the indivisibility of security, which it tried to fix in the European Security Treaty proposed by President Medvedev. This will allow the Russian Federation to obtain legal guarantees of non-aggression. According to Kommersant's interlocutors close to the development of the document, that is why Moscow decided to immediately prepare it in the form of a UN convention that has legal force and priority over national legislation.

To do this, the concept contains a number of provisions that are designed to protect Russia and other countries from a cyber attack or from outside assistance to the local opposition in organizing a twitter revolution. The sixth article of the convention obliges states "to refrain from developing and adopting plans capable of provoking an increase in threats in the information space", "not to use information and communication technologies to interfere in matters within the internal competence of another state" and, finally, "to refrain from slanderous statements offensive or hostile propaganda for intervention or interference in the internal affairs of other states".

At the same time, Russia is seeking to enshrine in the convention the principle of non-interference in each other's information space. "Each state has the right to establish sovereign norms and manage its information space in accordance with national laws," the draft notes. And although the document states that states must protect freedom of speech on the Internet and "have no right to restrict citizens' access to the information space," the text makes an important reservation: governments can impose restrictions "in order to protect national and public security." And the degree of threat emanating, for example, from calls to gather on a certain day in a certain area, each country is free to understand in its own way.

Revolutionaries in civilian clothes

According to Kommersant's information, Moscow hopes that the convention will be adopted as early as next year. However, as Kommersant's interlocutors in the Russian Foreign Ministry and the Security Council admit, difficulties may arise with this, since the key points of the Russian treaty directly contradict the policy of the most powerful cyberpower now - the United States.

Washington is actively developing digital diplomacy, the hidden part of which is precisely the measures to destabilize authoritarian regimes with the help of Internet technologies (see Kommersant of September 15). Americans do not recognize the existence of "national internets" and do not believe that measures to break the censorship barriers of other countries are interference in their internal affairs. The United States includes access to the Internet in a set of universal human rights, which cannot be limited under any pretext. The provisions of the White House Cyber ​​Doctrine adopted in May, which leaves the United States the right to develop offensive cyber technologies and respond to cyber attacks by all available means, including nuclear weapons, are also contrary to the proposals of the Russian Federation.

“It will not be easy to convince Western countries to accept Russian proposals. It is unlikely that a document in this form will be adopted at the UN site,” believes Chief Editor Fyodor Lukyanov of Russia in Global Affairs magazine. “But in any case, the Russian initiative will show that Moscow is a source of ideas for an alternative world order, and therefore the convention will be favorably received by countries like China.”

However, Beijing may also not like certain provisions of the convention, primarily the mechanisms for investigating cybercrime. The Convention invites states to cooperate with each other in the investigation of cyber attacks and, in some cases, to allow foreign investigators to access relevant systems on their territory.

Kommersant's interlocutors in the Russian Foreign Ministry are sure that it will be easier to negotiate with the Chinese than with the Americans, but they do not leave hope to convince the latter. According to a Kommersant source in the Foreign Ministry, now the United States and a number of European countries are already preparing their response to the Russian initiative - they want to expand the Council of Europe's 2001 Budapest Convention on Cybercrime by November. Russia did not join this treaty, which was ratified by 31 countries (another 16 signed but did not ratify it), because it is not satisfied with the right of the special services of some countries written in the document to penetrate into the cyberspace of other countries and conduct operations there without putting local authorities to the notoriety.

"The coming months will be extremely busy. The question is who will be able to convince of the benefits of their project more countries — we or they,” sums up Kommersant’s interlocutor in the Russian Foreign Ministry. “We shot first, but the main work is just beginning.” Following the meeting in Yekaterinburg, Nikolai Patrushev expressed the hope that the final document for transfer to the UN could be developed by the next meeting According to Kommersant's information, it will take place in St. Petersburg or Moscow.

Elena Chernenko, Alexander Gabuev

CONVENTION

on ensuring international information security

(concept)

Preamble

The States Parties to this Convention,

noting significant progress in the development of information and communication technologies and tools that form the information space,

expressing concern about the threats associated with the possibility of using such technologies and means for purposes incompatible with the tasks of ensuring international security and stability, both in the civil and military spheres,

giving importance international information security as one of the key elements of the international security system,

convincedin the fact that further deepening of trust and development of interaction between the participating states in matters of ensuring international information security is an urgent need and meets their interests,

taking taking into account the importance of information security for the realization of fundamental rights and freedoms of man and citizen,

Considering resolution of the United Nations General Assembly A/RES/65/41 of December 8, 2010 "Advances in the field of informatization and communications in the context of international security",

striving limit threats to international information security, ensure the information security of the participating States and create an information space characterized by peace, cooperation and harmony,

wanting create legal and organizational bases cooperation of the participating states in the field of ensuring international information security,

referring to United Nations General Assembly resolution A/RES/55/29 of November 20, 2000 "The role of science and technology in the context of international security and disarmament", which, in particular, recognizes that the achievements of science and technology can have both civil , and military application, and that it is necessary to support and encourage the development of science and technology for civilian use,

recognizing the need to prevent the possibility of using information and communication technologies for purposes that are incompatible with the tasks of ensuring international stability and security and are capable of negative impact on the integrity of public infrastructures, damaging their security,

emphasizing the need to enhance coordination and strengthen cooperation among States in combating the criminal use of information technology, and in this context noting the role that the United Nations and other international and regional organizations can play,

emphasizing the importance of the secure, uninterrupted and stable functioning of the Internet and the need to protect the Internet and other information and communication networks from possible adverse effects and exposure to threats,

confirming the need for a common understanding of Internet security issues and further cooperation at the national and international levels,

reaffirmingthat political authority on Internet-related issues public policy are the sovereign right of States, and that States have rights and obligations in relation to Internet-related public policy issues at the international level,

recognizing that trust and security in the use of information and communication technologies are fundamental to the information society and that a sustainable global culture of cybersecurity needs to be promoted, nurtured, developed and actively implemented, as noted in United Nations General Assembly resolution A/RES/64/211 of December 21, 2009 "Building a Global Cybersecurity Culture and Assessing National Efforts to Protect Critical Information Infrastructures",

noting the need to intensify efforts to bridge the digital divide by facilitating the transfer of information and communication technologies to developing countries and building their capacity on best practices and vocational training in the field of cybersecurity, as noted in United Nations General Assembly resolution A/RES/64/211 of December 21, 2009, "Creating a global culture of cybersecurity and assessing national efforts to protect critical information infrastructures",

convinced the need to pursue, as a matter of priority, a common policy aimed at protecting society from offenses in the information space, including through the adoption of relevant legislative acts and the strengthening of international cooperation,

conscious profound changes brought about by the introduction of digital technologies, the convergence and ongoing globalization of computer networks,

being preoccupiedthe threat that computer networks may also be used to commit criminal offenses and that evidence of such offenses may be stored and transmitted over those networks,

recognizing the need for cooperation between states and private business in the fight against offenses in the information space and the need to protect legitimate interests in the use and development of information and communication technologies,

assuming what for effective fight against offenses in the information space, wider, faster and well-established international cooperation in the field of countering offenses is required,

convincedthat this Convention is necessary to counter violations of the confidentiality, integrity and availability of computer systems and networks and computer information, as well as abuse of such systems, networks and information, by making such acts described in this Convention punishable and by providing sufficient powers to effectively combating such offences, by facilitating the detection, investigation and prosecution of such offences, both domestically and internationally, and by developing arrangements for prompt and reliable international cooperation,

mindful on the need to ensure a proper balance between the interests of maintaining law and order and respect for fundamental human rights, as provided for by the International Covenant on Civil and Political Rights of 1966, as well as other international treaties on human rights, which affirms the right of everyone to hold their opinions without interference and the right to freedom of expression, including the freedom to seek, receive and impart information and ideas of all kinds, regardless of frontiers,

mindful also about the right to respect for private life and protectionpersonal data,

Considering the provisions of the 1989 Convention on the Rights of the Child and the Convention on the Prohibition and Immediate Action for the Elimination of the Worst Forms of Child Labour, adopted by the General Conference of the International Labor Organization in 1999,

welcoming recent developments that contribute to the further growth of international understanding and cooperation in the fight against offenses in the information space, including measures taken by the United Nations, Shanghai Organization cooperation, European Union, Asia-Pacific Cooperation Organization, Organization American states, the Association of Southeast Asian Nations, the Organization for Economic Cooperation and Development, the G8 and others international organizations and forums

agreed on the following:

Chapter 1. GENERAL PROVISIONS

Article 1. Object and purpose of the Convention

Subject regulation of this Convention is the activity of states to ensure international information security.

aim of this Convention is to counteract the use of information and communication technologies to violate international peace and security, as well as to establish measures to ensure that the activities of states in the information space:

contributed to the general social and economic development;

carried out in a manner consistent with the maintenance of international peace and security;

comply with generally accepted principles and norms international law, including the principles of peaceful settlement of disputes and conflicts, non-use of force, non-interference in internal affairs, respect for human rights and fundamental freedoms;

be consistent with the right of everyone to seek, receive and impart information and ideas, as recorded in UN documents, subject to the fact that such a right may be limited by law to protect the national and public security interests of each state, as well as to prevent misuse and unauthorized interference with information resources;

guaranteed freedom of technological exchange and freedom of information exchange, taking into account respect for the sovereignty of states and their existing political, historical and cultural characteristics.

Article 2. Terms and definitions

For the purposes of this Convention, the following terms and definitions are used:

"access to the information"the possibility of obtaining information and its use;

"Information Security"the state of protection of the interests of the individual, society and the state from destructive and other threats negative impacts in the information space;

"information war"confrontation between two or more states in the information space with the aim of causing damage to information systems, processes and resources, critical and other structures, undermining the political, economic and social systems, massive psychological indoctrination of the population to destabilize society and the state, as well as forcing the state to accept decisions in the interests of the opposing side;

"information infrastructure"a set of technical means and systems for the formation, transformation, transmission, use and storage of information;

"Information system"the totality of the information contained in the databases and the information technologies and technical means that ensure its processing;

"information weapon"information technologies, means and methods intended for conducting information warfare;

"information space"field of activity associated with the formation, creation, transformation, transfer, use, storage of information that has an impact, including on the individual and public consciousness, information infrastructure and information itself;

"information and communication technologies"a set of methods, production processes and software and hardware tools integrated with the aim of forming, transforming, transferring, using and storing information;

"informational resources"information infrastructure, as well as the actual information and its flows;

"confidentiality of information"a mandatory requirement for a person who has gained access to certain information not to transfer such information to third parties without the consent of its owner;

"a critically important object of information infrastructure"a part (element) of the information infrastructure, the impact on which may have consequences that directly affect national security, including the security of the individual, society and the state;

"international information security"the state of international relations, excluding the violation of world stability and the creation of a threat to the security of states and the world community in the information space;

"misuse of information resources"use of information resources without appropriate rights or in violation of established rules, state legislation or international law;

"Unauthorized intervention in information resources"unlawful influence on the processes of formation, processing, transformation, transfer, use and storage of information;

"information system operator"a citizen or a legal entity engaged in the operation of an information system, including the processing of information contained in its databases;

"crime in the information space"use of information resources and (or) influence on them in the information space for illegal purposes;

"provision of information"actions aimed at obtaining information by a certain circle of persons or transferring information to a certain circle of persons;

"Spread of information"actions aimed at obtaining information by an indefinite circle of persons or transferring information to an indefinite circle of persons;

"terrorism in the information space"use of information resources and (or) influence on them in the information space for terrorist purposes;

"threat in the information space (threat to information security)"factors that create a danger to the individual, society, state and their interests in the information space.

Article 3. Exceptions to the application of the Convention

This Convention does not apply in cases where the actions were carried out within the information infrastructure of one state, by a citizen or legal entity under the jurisdiction of that state, and the consequences of these actions took place only in relation to citizens and legal entities under the jurisdiction of that State, and no other State has grounds for exercising its jurisdiction.

Article 4. Main threats to international peace and security in the information space

The following are considered as the main threats in the information space, leading to the violation of international peace and security:

use of information technologies and means to carry out hostile actions and acts of aggression;

targeted destructive impact in the information space on the critical structures of another state;

illegal use of information resources of another state without the consent of the state in whose information space these resources are located;

actions in the information space with the aim of undermining the political, economic and social systems of another state, psychological manipulation of the population, destabilizing society;

use of the international information space by state and non-state structures, organizations, groups and individuals for terrorist, extremist and other criminal purposes;

cross-border dissemination of information that is contrary to the principles and norms of international law, as well as the national laws of states;

use of the information infrastructure to disseminate information that incites interethnic, interracial and interfaith hatred, racist and xenophobic written materials, images or any other presentation of ideas or theories that promote, promote or incite hatred, discrimination or violence against any person or group of persons, if factors based on race, skin color, national or ethnic origin, and religion are used as a pretext for this;

manipulation of information flows in the information space of other states, disinformation and concealment of information in order to distort the psychological and spiritual environment of society, erosion of traditional cultural, moral, ethical and aesthetic values;

use of information and communication technologies and means to the detriment of fundamental human rights and freedoms implemented in the information space;

counteracting access to the latest information and communication technologies, creating conditions for technological dependence in the field of informatization to the detriment of other states;

information expansion, the acquisition of control over the national information resources of another state.

Additional factors that increase the risk of these threats are:

uncertainty in identifying the source of hostile activities, especially given the increasing activity of individuals, groups and organizations, including criminal organizations that perform intermediary functions in carrying out activities on behalf of others;

the potential danger of including undeclared destructive capabilities in information and communication technologies;

differences in the degree of equipping with information and communication technologies and their security in different states (“digital divide”);

differences in national legislation and practice in the formation of a secure and rapidly recovering information infrastructure.

Article 5. Basic principles for ensuring international information security

The information space is a common human property. Its security is the basis for ensuring sustainable development world civilization.

In order to create and maintain an atmosphere of trust in the information space, it is necessary for participating States to observe the following principles:

the activities of each participating state in the information space should contribute to social and economic development and be carried out in such a way as to be compatible with the tasks of maintaining international peace and security, comply with the generally recognized principles and norms of international law, including the principles of the peaceful settlement of disputes and conflicts, the non-use of force in international relations, non-interference in the internal affairs of other states, respect for the sovereignty of states, fundamental human rights and freedoms;

participating States in the course of forming the system of international information security will be guided by the principle of indivisibility of security, which means that the security of each of them is inextricably linked with the security of all other states and the world community as a whole, and will not strengthen their security to the detriment of the security of other states;

each participating State should strive to overcome differences in the degree of equipment of national information systems with modern information and communication technologies, reduce the "digital divide" in order to reduce the overall level of threats in the information space;

all participating states in the information space enjoy sovereign equality, have the same rights and obligations and are equal subjects of the information space, regardless of economic, social, political or other differences;

each participating state has the right to establish sovereign norms and manage its information space in accordance with national laws. Sovereignty and laws apply to information infrastructure located on the territory of a State Party or otherwise subject to its jurisdiction. Member States should strive to harmonize national legislations, differences in them should not create barriers to the formation of a reliable and secure information environment;

each participating state must adhere to the principle of responsibility for its own information space, including for its security and for the content of the information posted in it;

each participating state has the right to freely develop its information space without outside interference, and every other state is obliged to respect this right in accordance with the principle of equal rights and self-determination of peoples enshrined in the Charter of the United Nations;

each participating state, taking into account the legitimate security interests of other states, can freely and independently determine its interests in ensuring information security on the basis of sovereign equality, as well as freely choose ways to ensure its own information security in accordance with international law;

the participating States recognize that aggressive "information warfare" constitutes a crime against international peace and security;

the information space of a participating state should not be the object of acquisition by another state as a result of the threat or use of force;

each participating state has an inalienable right to self-defence in the face of aggressive actions in the information space against it, provided that the source of aggression is reliably identified and the response measures are adequate;

each participating state will determine its military potential in the information space on the basis of national procedures, taking into account the legitimate security interests of other states, as well as the need to promote international peace and security. None of the participating states will attempt to achieve dominance in the information space over other states;

a state party may deploy its forces and means of ensuring information security on the territory of another state in accordance with an agreement developed by them on a voluntary basis during negotiations, as well as in accordance with international law;

each State Party takes necessary measures to ensure non-interference in the activities of international information systems for managing transport, financial flows, means of communication, means of international information, including scientific and educational exchange, based on the understanding that such interference may adversely affect the information space as a whole;

participating States should support and stimulate scientific and technological developments in the field of development of the information space, as well as educational and educational activities aimed at creating a global culture of cybersecurity;

each participating state, within the available means, ensures in its information space the observance of the fundamental rights and freedoms of man and citizen, the observance of intellectual property rights, including patents, technologies, trade secrets, trademarks and copyrights;

each participating state guarantees freedom of speech, expression of opinions in the information space, protection from unlawful interference in the private life of citizens;

each participating State strives to strike a balance between fundamental freedoms and effective counteraction to terrorist use of the information space;

Member States shall not have the right to restrict or disrupt the access of citizens to the information space, except for the purposes of protecting national and public security, as well as preventing misuse and unauthorized interference with the national information infrastructure;

participating states stimulate partnership between business and civil society in the information space;

participating States recognize their responsibilities to ensure that their citizens, public and state bodies, other states and the world community are aware of new threats in the information space and about known ways improving their security.

Chapter 2. Main measures for the prevention and resolution of MILITARY conflicts in the information space

Article 6. Basic measures to prevent military conflicts in the information space

Guided by the principles set out in Article 5, the participating States undertake to take measures to proactively identify potential conflicts in the information space, as well as to make joint efforts to prevent them, peacefully resolve crises and disputes.

To this end, participating States:

undertake to cooperate with each other in the field of ensuring international information security in order to maintain international peace and security and promote international economic stability and progress, the common welfare of peoples and international cooperation, free from discrimination;

will take all necessary measures to prevent destructive information impact from their territory or using the information infrastructure under its jurisdiction, and also undertake to cooperate to determine the source of computer attacks carried out using their territory, counteract these attacks and eliminate the consequences;

will refrain from developing and adopting plans, doctrines that can provoke an increase in threats in the information space, as well as cause tension in relations between states and the emergence of "information wars";

will refrain from any actions aimed at the complete or partial violation of the integrity of the information space of another state;

undertake not to use information and communication technologies to interfere in matters within the internal competence of another state;

will refrain in international relations from the threat or use of force against the information space of any other state for its violation or as a means of resolving conflicts;

undertake to refrain from organizing or encouraging the organization of any irregular forces for the purpose of misconduct in the information space of another state;

undertake to refrain from slanderous statements, as well as from insulting or hostile propaganda for the purpose of intervention or interference in the internal affairs of other states;

have the right and undertake to fight against the dissemination of false or distorted communications which may be considered as interference in the internal affairs of other States or as detrimental to international peace and security;

will take measures to limit the spread of "information weapons" and technologies for their creation.

Article 7. Measures aimed at resolving military conflicts in the information space

The participating states resolve conflicts in the information space, primarily through negotiations, examination, mediation, conciliation, arbitration, judicial trial, recourse to regional bodies or agreements or other peaceful means of one's choice in a manner that does not endanger international world and security.

In case of any international conflict the right of participating States in a conflict to choose methods or means of waging "information warfare" is limited by the applicable rules of international humanitarian law.

Chapter 3. BASIC Measures to Counteract the Use of the Information Space for Terrorist Purposes

Article 8. Use of the information space for terrorist purposes

The participating States are aware of the possibility of using the information space to carry out terrorist activities.

Article 9. Main measures to counteract the use of the information space for terrorist purposes

In order to counter the use of the information space for terrorist purposes, the participating States:

take measures to counter the use of the information space for terrorist purposes and recognize the need for joint decisive action for this;

will strive to develop common approaches to the termination of the functioning of Internet resources of a terrorist nature;

are aware of the need to establish and expand the exchange of information on the threats of computer attacks, on the signs, facts, methods and means of using the Internet for terrorist purposes, on the aspirations and activities of terrorist organizations in the information space, as well as the exchange of experience and best practices for monitoring Internet information resources , searching and tracking the content of terrorist sites, conducting forensic computer examinations in this area, legal regulation and organization of activities to counter the use of the information space for terrorist purposes;

take such legislative and other measures as may be necessary to allow the competent authorities to carry out investigative, search and other procedural measures aimed at preventing, suppressing and eliminating the consequences of terrorist actions in the information space, as well as punishing those responsible for them and organizations;

take the necessary legislative and other measures that guarantee legal access to the territory of the State Party to certain parts of the information and communication infrastructure, in respect of which there are legitimate grounds to believe that they will be used to conduct terrorist activities or activities that contribute to the information space or with their use carrying out terrorist acts or activities of terrorist organizations, groups or individual terrorists.

Chapter 4. Main measures to counteract offenses in the information space

Article 10. Basic measures to counteract offenses in the information space

In order to counteract offenses in the information space, the participating states:

make efforts to criminalize the use of information resources and (or) influence on them in the information space for illegal purposes, which include, among other things, the illegal dissemination of information, violations of confidentiality, integrity and availability of information, as well as take legislative and other measures necessary to to establish and apply liability to persons for attempt, complicity, incitement to commit and commit criminalized socially dangerous acts in the information space;

take legislative and other measures necessary to ensure that effective, proportionate and convincing penalties are applied to persons who have committed offenses in the information space.

Article 11. Measures for the organization of criminal proceedings

In order to organize the criminal process, the participating States:

take legislative and other measures necessary to establish powers and procedures for the purpose of conducting specific criminal investigations or judicial proceedings on the facts of the commission of criminalized socially dangerous acts in the information space;

ensure the establishment, execution and application of powers and procedures for the purpose of conducting specific criminal investigations or judicial proceedings on the facts of the commission of criminalized socially dangerous acts in the information space in accordance with the conditions and guarantees provided for by its legislation and ensuring adequate protection of human rights and freedoms, and in accordance with the principle of proportionality;

take legislative and other measures necessary to enable its competent authorities to promptly secure specific data, including data on information flows, stored in the information and communication infrastructure, when there is reason to believe that these data are particularly at risk of loss or alteration ;

take the legislative and other measures necessary to ensure that the competent authorities of a Member State, or a person designated by those authorities, are promptly provided with sufficient information flow data to enable the identification of service providers and the route by which a particular message was transmitted in its information space;

take legislative and other measures as may be necessary to grant its competent authorities the authority to search or otherwise similar access to information and communication systems and parts thereof and the data stored therein, information media on which the sought-for data may be stored, in its territory, and also to other data and information and communication systems of its information space, in respect of which there are sufficient grounds to believe that they contain the required data;

take legislative and other measures necessary to give its competent authorities the power to demand from a person located in the territory of the state and having knowledge of the functioning of the relevant information and communication system, the protection measures applied, the data stored there, to provide necessary information which will allow them, within the established powers, to carry out procedures for the purpose of conducting specific criminal investigations or judicial proceedings on the facts of the commission of criminalized socially dangerous acts in the information space;

take legislative and other measures necessary to give its competent authorities the authority to collect or record information using technical means in its territory, as well as to oblige service providers to carry out similar actions in real time in cooperation with the competent authorities of this State;

take legislative and other measures to establish jurisdiction over any criminalized socially dangerous act in the information space committed on its territory, on board a ship flying the flag of this state, on board an aircraft or other aircraft registered under the laws of this state.

Where more than one State Party claims jurisdiction over an alleged offense, the States concerned shall consult with a view to determining the most appropriate jurisdiction for the prosecution.

Chapter 5. International cooperation in the field of international information security

Article 12. Cooperation of the participating States

The States Parties undertake to cooperate with each other in accordance with the provisions of this Convention and through the application of other international agreements.

Participating States, on the basis of voluntariness and reciprocity, exchange best practices in the work on the prevention, legal investigation and elimination of the consequences of criminal acts, including actions for terrorist purposes, using the information space. The exchange can be carried out both on a bilateral and multilateral basis. The State Party providing the information is free to establish confidentiality requirements. A participating State that has received such information may use it as an argument in its relations with the providing participating State when discussing issues of mutual assistance.

Article 13. Confidence building measures in the field of military use of the information space

Each participating State should strive to build confidence-building measures in the field of the military use of the information space, which include:

exchange of national concepts for ensuring security in the information space;

prompt exchange of information about crisis events and threats in the information space and measures taken to resolve and neutralize them;

consultations on activities in the information space that may be of concern to the participating States, and cooperation on the settlement of conflict situations of a military nature.

Article 14. Advisory assistance

The States Parties undertake to consult and cooperate with each other in the solution of any questions that may arise in relation to the objectives of or in connection with the implementation of the provisions of this Convention.

FINAL REGULATIONS

Article 15 Signature of the Convention

This Convention is open for signature by all States.

Article 16 Ratification of the Convention

This Convention is subject to ratification. Instruments of ratification shall be deposited with the Secretary-General of the United Nations.

Article 17 Accession to the Convention

This Convention is open for accession by any State. Instruments of accession shall be deposited with the Secretary-General of the United Nations.

Article 18 Entry into force of the Convention

1. This Convention shall enter into force on the thirtieth day following the date of the deposit with the Secretary-General of the United Nations of the twentieth instrument of ratification or accession.

2. For each State which ratifies or accedes to this Convention after the twentieth instrument of ratification or accession has been deposited, this Convention shall enter into force on the thirtieth day after such State has deposited its instrument of ratification or accession.

Article 19 Amendment of the Convention

1. Any State Party may propose an amendment and submit it to the Secretary-General of the United Nations. The Secretary-General shall then communicate the proposed amendment to the States Parties with a request that they indicate whether they favor a conference of States Parties for the purpose of considering and voting on the proposals. If, within four months from the date of such communication, at least one third of the States Parties favor such a conference, the Secretary-General shall convene the conference under the auspices of the United Nations. Any amendment adopted by a majority of the States Parties present and voting at this conference shall be submitted to the General Assembly for approval.

2. An amendment adopted in accordance with paragraph 1 of this article shall enter into force upon its approval by the General Assembly of the United Nations and acceptance by a two-thirds majority of the States Parties.

3. When an amendment enters into force, it shall be binding on those States Parties which have accepted it, while the other States Parties shall remain bound by the provisions of this Convention and any earlier amendments which they have accepted.

Article 20 Reservations to the Convention

1. The Secretary-General of the United Nations shall receive and circulate to all States the text of reservations made by States at the time of ratification or accession.

2. A reservation inconsistent with the object and purpose of this Convention is not permitted.

3. Reservations may be withdrawn at any time by notification to the effect addressed to the Secretary-General of the United Nations, who shall then inform all States accordingly. Such notification shall take effect from the date of its receipt by the Secretary General.

Article 21 Denunciation of the Convention

Any State Party may denounce this Convention by written notification to the Secretary-General of the United Nations. The denunciation shall take effect one year after the receipt of the notification by the Secretary General.

Article 22 Depositary of the Convention

The Secretary-General of the United Nations is designated as the depositary of this Convention.

Article 23 The original of this Convention, of which the Arabic, Chinese, English, French, Russian and Spanish texts are equally authentic, shall be deposited with the Secretary-General of the United Nations.

In witness whereof the undersigned plenipotentiaries duly authorized thereto by their respective governments, have signed this Convention.

PREAMBLE

The States Parties to this Convention,
noting significant progress in the development of information and communication technologies and tools that form the information space,
expressing concern about the threats associated with the possibility of using such technologies and means for purposes incompatible with the tasks of ensuring international security and stability, both in the civil and military spheres,
giving the importance of international information security as one of the key elements of the international security system,
convinced in the fact that further deepening of trust and development of interaction between the participating states in matters of ensuring international information security is an urgent need and meets their interests,
taking taking into account the importance of information security for the realization of fundamental rights and freedoms of man and citizen,
Considering resolution of the United Nations General Assembly A/RES/65/41 of December 8, 2010 "Advances in the field of informatization and communications in the context of international security",
striving limit threats to international information security, ensure the information security of the participating States and create an information space characterized by peace, cooperation and harmony,
wanting create legal and organizational foundations for cooperation between the participating states in the field of ensuring international information security,
referring to United Nations General Assembly resolution A/RES/55/29 of November 20, 2000 "The role of science and technology in the context of international security and disarmament", which, in particular, recognizes that the achievements of science and technology can have both civil and military applications, and that it is necessary to support and encourage the development of science and technology for civilian use,
recognizing the need to prevent the possibility of using information and communication technologies for purposes that are incompatible with the tasks of ensuring international stability and security and that can have a negative impact on the integrity of state infrastructures, damaging their security,
emphasizing the need to enhance coordination and strengthen cooperation among States in combating the criminal use of information technology, and in this context noting the role that the United Nations and other international and regional organizations can play,
emphasizing the importance of the secure, uninterrupted and stable functioning of the Internet and the need to protect the Internet and other information and communication networks from possible adverse effects and exposure to threats,
confirming the need for a common understanding of Internet security issues and further cooperation at the national and international levels,
reaffirming that political authority over Internet-related public policy matters is the sovereign right of States, and that States have rights and obligations in relation to Internet-related public policy matters at the international level,
recognizing that trust and security in the use of information and communications technologies are fundamental to the information society and that a sustainable global culture of cybersecurity needs to be encouraged, nurtured, developed and actively implemented, as noted in United Nations General Assembly resolution A/RES/64/211 of 21 December 2009 "Creating a Global Cybersecurity Culture and Assessing National Efforts to Protect Critical Information Infrastructures",
noting the need to intensify efforts to bridge the digital divide by facilitating the transfer of information and communications technologies to developing countries and building their capacity in cybersecurity best practices and training, as noted in United Nations General Assembly resolution A/RES/64/211 dated December 21, 2009 "Building a Global Cybersecurity Culture and Assessing National Efforts to Protect Critical Information Infrastructures",
convinced the need to pursue, as a matter of priority, a common policy aimed at protecting society from offenses in the information space, including through the adoption of relevant legislative acts and the strengthening of international cooperation,
conscious profound changes brought about by the introduction of digital technologies, the convergence and ongoing globalization of computer networks,
being preoccupied the threat that computer networks may also be used to commit criminal offenses and that evidence of such offenses may be stored and transmitted over those networks,
recognizing the need for cooperation between states and private business in the fight against offenses in the information space and the need to protect legitimate interests in the use and development of information and communication technologies,
assuming that the effective fight against offenses in the information space requires wider, faster and well-established international cooperation in the field of countering offences,
convinced that this Convention is necessary to counter violations of the confidentiality, integrity and availability of computer systems and networks and computer information, as well as abuse of such systems, networks and information, by making such acts described in this Convention punishable and by providing sufficient powers to effectively combating such offences, by facilitating the detection, investigation and prosecution of such offences, both domestically and internationally, and by developing arrangements for prompt and reliable international cooperation,
mindful about the need to strike a proper balance between the interests of maintaining the rule of law and respect for fundamental human rights, as provided for by the International Covenant on Civil and Political Rights of 1966, as well as other international human rights treaties, which confirm the right of everyone to freely hold their opinions and the right to freedom expression of one's opinion, including freedom to seek, receive and impart information and ideas of all kinds, regardless of frontiers,
mindful also on the right to respect for private life and the protection of personal data,
Considering the provisions of the 1989 Convention on the Rights of the Child and the Convention on the Prohibition and Immediate Action for the Elimination of the Worst Forms of Child Labour, adopted by the General Conference of the International Labor Organization in 1999,
welcoming recent developments that contribute to the further growth of international understanding and cooperation in the fight against offenses in the information space, including measures taken by the United Nations, the Shanghai Cooperation Organization, the European Union, the Asia-Pacific Cooperation Organization, the Organization of American States, the Association of Southeast Asian Nations , the Organization for Economic Cooperation and Development, the G8 and other international organizations and forums,
agreed on the following:

Chapter 1. GENERAL PROVISIONS

Article 1. Object and purpose of the Convention
Subject regulation of this Convention is the activity of states to ensure international information security.
aim of this Convention is to counteract the use of information and communication technologies to violate international peace and security, as well as to establish measures to ensure that the activities of states in the information space:

1) contributed to the overall social and economic development;
2) carried out in such a way as to be compatible with the objectives of maintaining international peace and security;
3) comply with the generally recognized principles and norms of international law, including the principles of peaceful settlement of disputes and conflicts, non-use of force, non-interference in internal affairs, respect for human rights and fundamental freedoms;
4) be compatible with the right of everyone to seek, receive and impart information and ideas, as recorded in UN documents, taking into account that such a right may be limited by law to protect the interests of national and public security of each state, as well as to prevent misuse and unauthorized interference with information resources;
5) guaranteed freedom of technological exchange and freedom of information exchange, taking into account respect for the sovereignty of states and their existing political, historical and cultural characteristics.

Article 2. Terms and definitions
For the purposes of this Convention, the following terms and definitions are used:
"access to the information"- the possibility of obtaining information and its use;
"Information Security"- the state of protection of the interests of the individual, society and the state from the threats of destructive and other negative influences in the information space;
"information war"- confrontation between two or more states in the information space with the aim of causing damage to information systems, processes and resources, critical and other structures, undermining the political, economic and social systems, massive psychological indoctrination of the population to destabilize society and the state, as well as forcing the state to making decisions in the interests of the opposing side;
"information infrastructure"- a set of technical means and systems for the formation, transformation, transmission, use and storage of information;
"Information system"- a set of information contained in databases and information technologies and technical means that ensure its processing;
"information weapon"- information technologies, means and methods intended for conducting information warfare;
"information space"- the field of activity associated with the formation, creation, transformation, transfer, use, storage of information, which has an impact, including on individual and public consciousness, information infrastructure and information itself;
"information and communication technologies"- a set of methods, production processes and software and hardware integrated with the aim of forming, transforming, transferring, using and storing information;
"informational resources"- information infrastructure, as well as the actual information and its flows;
"confidentiality of information"- a mandatory requirement for a person who has gained access to certain information not to transfer such information to third parties without the consent of its owner;
"a critically important object of information infrastructure"- a part (element) of the information infrastructure, the impact on which may have consequences that directly affect national security, including the security of the individual, society and the state;
"international information security"- the state of international relations, excluding the violation of world stability and the creation of a threat to the security of states and the world community in the information space;
"misuse of information resources"- use of information resources without appropriate rights or in violation of established rules, state legislation or international law;
"Unauthorized intervention in information resources"- unlawful influence on the processes of formation, processing, transformation, transfer, use and storage of information;
"information system operator"- a citizen or a legal entity engaged in the operation of an information system, including the processing of information contained in its databases;
"crime in the information space"- use of information resources and (or) influence on them in the information space for illegal purposes;
"provision of information"- actions aimed at obtaining information by a certain circle of persons or transferring information to a certain circle of persons;
"Spread of information"- actions aimed at obtaining information by an indefinite circle of persons or transferring information to an indefinite circle of persons;
"terrorism in the information space"- use of information resources and (or) influence on them in the information space for terrorist purposes;
"threat in the information space (threat to information security)"- factors that create a danger to the individual, society, state and their interests in the information space.

Article 3. Exceptions to the application of the Convention
This Convention does not apply in cases where the actions were carried out within the information infrastructure of one state, by a citizen or legal entity under the jurisdiction of that state, and the consequences of these actions took place only in relation to citizens and legal entities under the jurisdiction of that state, and no other state has grounds for exercising its jurisdiction.

Article 4. Main threats to international peace and security in the information space
The following are considered as the main threats in the information space, leading to the violation of international peace and security:

1) the use of information technologies and means to carry out hostile actions and acts of aggression;
2) targeted destructive impact in the information space on the critical structures of another state;
3) misuse of information resources of another state without the consent of the state in whose information space these resources are located;
4) actions in the information space with the aim of undermining the political, economic and social systems of another state, psychological manipulation of the population, destabilizing society;
5) use of the international information space by state and non-state structures, organizations, groups and individuals for terrorist, extremist and other criminal purposes;
6) cross-border dissemination of information that is contrary to the principles and norms of international law, as well as the national laws of states;
7) use of the information infrastructure for the dissemination of information that incites inter-ethnic, inter-racial and inter-confessional hatred, racist and xenophobic written materials, images or any other presentation of ideas or theories that promote, promote or incite hatred, discrimination or violence against any person or group of persons if factors based on race, colour, national or ethnic origin or religion are used as an excuse;
8) manipulation of information flows in the information space of other states, disinformation and concealment of information in order to distort the psychological and spiritual environment of society, erosion of traditional cultural, moral, ethical and aesthetic values;
9) use of information and communication technologies and means to the detriment of fundamental human rights and freedoms implemented in the information space;
10) counteracting access to the latest information and communication technologies, creating conditions for technological dependence in the field of informatization to the detriment of other states;
11) information expansion, the acquisition of control over the national information resources of another state.

Additional factors that increase the risk of these threats are:

1) uncertainty in identifying the source of hostile actions, especially given the increasing activity of individuals, groups and organizations, including criminal organizations that perform intermediary functions in carrying out activities on behalf of others;
2) the potential danger of including undeclared destructive capabilities in information and communication technologies;
3) differences in the degree of equipping with information and communication technologies and their security in different states (“digital divide”);
4) differences in national legislation and practice in the formation of a secure and rapidly recovering information infrastructure.

Article 5. Basic principles for ensuring international information security
The information space is a common human property. Its security is the basis for ensuring the sustainable development of world civilization.
In order to create and maintain an atmosphere of trust in the information space, it is necessary for participating States to observe the following principles:

1) the activities of each participating state in the information space should contribute to social and economic development and be carried out in such a way as to be compatible with the tasks of maintaining international peace and security, comply with the generally recognized principles and norms of international law, including the principles of the peaceful settlement of disputes and conflicts, the non-use of force in international relations, non-interference in the internal affairs of other states, respect for the sovereignty of states, fundamental human rights and freedoms;
2) the participating states, in the course of forming an international information security system, will be guided by the principle of indivisibility of security, which means that the security of each of them is inextricably linked with the security of all other states and the world community as a whole, and will not strengthen their security to the detriment of the security of other states ;
3) each participating State should strive to overcome differences in the degree of equipment of national information systems with modern information and communication technologies, reduce the "digital divide" in order to reduce the overall level of threats in the information space;
4) all participating states in the information space enjoy sovereign equality, have the same rights and obligations and are equal subjects of the information space, regardless of economic, social, political or other differences;
5) each participating state has the right to establish sovereign norms and manage its information space in accordance with national laws. Sovereignty and laws apply to information infrastructure located on the territory of a State Party or otherwise subject to its jurisdiction. Member States should strive to harmonize national legislations, differences in them should not create barriers to the formation of a reliable and secure information environment;
6) each participating state must adhere to the principle of responsibility for its own information space, including for its security and for the content of the information posted in it;
7) each participating state has the right to freely develop its information space without outside interference, and every other state is obliged to respect this right in accordance with the principle of equal rights and self-determination of peoples, enshrined in the Charter of the United Nations;
8) each participating state, taking into account the legitimate security interests of other states, can freely and independently determine its interests in ensuring information security on the basis of sovereign equality, as well as freely choose ways to ensure its own information security in accordance with international law;
9) the participating States recognize that an aggressive "information war" constitutes a crime against international peace and security;
10) the information space of a participating state should not be the object of acquisition by another state as a result of the threat or use of force;
11) each participating state has an inalienable right to self-defense in the face of aggressive actions in the information space against it, provided that the source of aggression is reliably established and the response measures are adequate;
12) each participating state will determine its military potential in the information space on the basis of national procedures, taking into account the legitimate security interests of other states, as well as the need to promote international peace and security. None of the participating states will attempt to achieve dominance in the information space over other states;
13) a participating state may deploy its forces and means of ensuring information security on the territory of another state in accordance with an agreement developed by them on a voluntary basis during negotiations, as well as in accordance with international law;
14) each State Party takes the necessary measures to ensure non-interference in the activities of international information systems for managing transport, financial flows, means of communication, means of international information, including scientific and educational exchange, based on the understanding that such interference may adversely affect information space as a whole;
15) participating States should support and stimulate scientific and technological developments in the field of development of the information space, as well as educational and educational activities aimed at creating a global culture of cybersecurity;
16) each State Party, within the available means, ensures in its information space the observance of the fundamental rights and freedoms of man and citizen, the observance of intellectual property rights, including patents, technologies, trade secrets, trademarks and copyrights;
17) each participating state guarantees freedom of speech, expression of opinions in the information space, protection from unlawful interference in the private life of citizens;
18) each participating State shall strive to maintain a balance between fundamental freedoms and effective counteraction to the terrorist use of the information space;
19) Member States shall not have the right to restrict or disrupt the access of citizens to the information space, except for the purposes of protecting national and public security, as well as preventing misuse and unauthorized interference with the national information infrastructure;
20) participating states stimulate partnership between business and civil society in the information space;
21) the participating states recognize their obligations to ensure that their citizens, public and state bodies, other states and the world community are aware of new threats in the information space and of known ways to improve their security.

Chapter 2. BASIC MEASURES TO PREVENT AND RESOLUTION MILITARY CONFLICTS IN THE INFORMATION SPACE

Article 6. Basic measures to prevent military conflicts in the information space
Guided by the principles set out in Article 5, the participating States undertake to take measures to proactively identify potential conflicts in the information space, as well as to make joint efforts to prevent them, peacefully resolve crises and disputes.
To this end, participating States:

1) undertake to cooperate with each other in the field of ensuring international information security in order to maintain international peace and security and promote international economic stability and progress, the common welfare of peoples and international cooperation free from discrimination;
2) will take all necessary measures to prevent destructive information impact from its territory or using the information infrastructure under its jurisdiction, and also undertake to cooperate to determine the source of computer attacks carried out using their territory, counteract these attacks and eliminate the consequences;
3) will refrain from developing and adopting plans, doctrines that can provoke an increase in threats in the information space, as well as cause tension in relations between states and the emergence of "information wars";
4) will refrain from any actions aimed at the complete or partial violation of the integrity of the information space of another state;
5) undertake not to use information and communication technologies to interfere in matters that fall within the internal competence of another state;
6) will refrain in international relations from the threat or use of force against the information space of any other state in order to violate it or as a means of resolving conflicts;
7) undertake to refrain from organizing or encouraging the organization of any irregular forces to carry out illegal actions in the information space of another state;
8) undertake to refrain from slanderous statements, as well as from offensive or hostile propaganda in order to intervene or interfere in the internal affairs of other states;
9) have the right and undertake to fight against the dissemination of false or distorted messages that may be considered as interference in the internal affairs of other states or as detrimental to international peace and security;
10) will take measures to limit the spread of "information weapons" and technologies for their creation.

Article 7. Measures aimed at resolving military conflicts in the information space

1) Participating States shall resolve conflicts in the information space primarily through negotiation, inquiry, mediation, conciliation, arbitration, litigation, recourse to regional bodies or agreements, or other peaceful means of their choice in a manner that does not endanger international peace and security.
2) In the event of any international conflict, the right of the participating States in the conflict to choose methods or means of waging "information warfare" is limited by the applicable rules of international humanitarian law.

Chapter 3. MAIN MEASURES TO COUNTER THE USE OF THE INFORMATION SPACE FOR TERRORISM

Article 8. Use of the information space for terrorist purposes
The participating States are aware of the possibility of using the information space to carry out terrorist activities.

Article 9. Main measures to counteract the use of the information space for terrorist purposes
In order to counter the use of the information space for terrorist purposes, the participating States:

1) take measures to counter the use of the information space for terrorist purposes and recognize the need for joint decisive action for this;
2) will strive to develop common approaches to the termination of the functioning of Internet resources of a terrorist nature;
3) are aware of the need to establish and expand the exchange of information on the threats of computer attacks, on signs, facts, methods and means of using the Internet for terrorist purposes, on the aspirations and activities of terrorist organizations in the information space, as well as the exchange of experience and best practices for monitoring information resources the Internet, searching and tracking the content of terrorist sites, conducting forensic computer examinations in this area, legal regulation and organization of activities to counter the use of the information space for terrorist purposes;
4) take such legislative and other measures as may be necessary to allow the competent authorities to carry out investigative, search and other procedural measures aimed at preventing, suppressing and eliminating the consequences of terrorist acts in the information space, as well as punishing those responsible for them individuals and organizations;
5) take the necessary legislative and other measures that guarantee legal access to the territory of the State Party to certain parts of the information and communication infrastructure, in respect of which there are legitimate grounds to believe that they will be used to conduct terrorist activities or activities in the information space or with their use facilitating the conduct of terrorist acts or the activities of terrorist organizations, groups or individual terrorists.

Chapter 4

Article 10. Basic measures to counteract offenses in the information space
In order to counteract offenses in the information space, the participating states:
1) make efforts to criminalize the use of information resources and (or) influence on them in the information space for illegal purposes, which include, among other things, the illegal dissemination of information, violations of confidentiality, integrity and availability of information, as well as take legislative and other measures necessary in order to establish and apply liability to persons for attempt, complicity, incitement to commit and commit criminalized socially dangerous acts in the information space;
2) take legislative and other measures necessary to ensure that effective, proportionate and convincing punishment measures are applied to persons who have committed offenses in the information space.

Article 11. Measures for the organization of criminal proceedings
In order to organize the criminal process, the participating States:

1) take legislative and other measures necessary to establish powers and procedures for the purpose of conducting specific criminal investigations or judicial proceedings on the facts of the commission of criminalized socially dangerous acts in the information space;
2) ensure the establishment, execution and application of powers and procedures for the purpose of conducting specific criminal investigations or judicial proceedings on the facts of the commission of criminalized socially dangerous acts in the information space in accordance with the conditions and guarantees provided for by its legislation and ensuring proper protection of human rights and freedoms, and in accordance with the principle of proportionality;
3) take legislative and other measures necessary to ensure that its competent authorities are able to promptly ensure the safety of specific data, including data on information flows stored in the information and communication infrastructure, when there are reasons to believe that these data are particularly at risk of loss or changes;
4) take the legislative and other measures necessary to ensure that the competent authorities of a Member State, or a person designated by those authorities, are promptly provided with sufficient information flow data to enable the identification of service providers and the route by which a particular message was transmitted in its information space;
5) take legislative and other measures that may be necessary to provide its competent authorities with the authority to search or other similar access to information and communication systems and their parts and data stored in them, information carriers on which the required data may be stored, on its territory , as well as to other data and information and communication systems of its information space, in respect of which there are sufficient grounds to believe that they contain the required data;
6) take legislative and other measures necessary to provide its competent authorities with the authority to demand from a person located in the territory of the state and having knowledge of the functioning of the relevant information and communication system, the applied protection measures for the data stored there, to provide the necessary information that will allow them within the established powers, carry out procedures for the purpose of conducting specific criminal investigations or judicial proceedings on the facts of the commission of criminalized socially dangerous acts in the information space;
7) take legislative and other measures necessary to give its competent authorities the authority to collect or record information using technical means in its territory, as well as to oblige service providers to carry out similar actions in real time in cooperation with the competent authorities of this state;
8) take legislative and other measures to establish jurisdiction over any criminalized socially dangerous act in the information space committed on its territory, on board a ship flying the flag of this state, on board an aircraft or other aircraft registered under the laws of this state.

Where more than one State Party claims jurisdiction over an alleged offense, the States concerned shall consult with a view to determining the most appropriate jurisdiction for the prosecution.

Chapter 5. INTERNATIONAL COOPERATION IN THE SPHERE OF INTERNATIONAL INFORMATION SECURITY

Article 12. Cooperation of the participating States
1) The States Parties undertake to cooperate with each other in accordance with the provisions of this Convention and through the application of other international agreements.
2) The participating States, on the basis of voluntariness and reciprocity, exchange best practices in the work on the prevention, legal investigation and elimination of the consequences of criminal acts, including acts for terrorist purposes, using the information space. The exchange can be carried out both on a bilateral and multilateral basis. The State Party providing the information is free to establish confidentiality requirements. A participating State that has received such information may use it as an argument in its relations with the providing participating State when discussing issues of mutual assistance.

Article 13. Confidence building measures in the field of military use of the information space
Each participating State should strive to build confidence-building measures in the field of the military use of the information space, which include:
1) exchange of national concepts for ensuring security in the information space;
2) prompt exchange of information about crisis events and threats in the information space and measures taken in relation to their settlement and neutralization;
3) consultations on activities in the information space, which may cause concern to the participating states, and cooperation in relation to the settlement of conflict situations of a military nature.

Article 14. Advisory assistance
The States Parties undertake to consult and cooperate with each other in the solution of any questions that may arise in relation to the objectives of or in connection with the implementation of the provisions of this Convention.

FINAL PROVISIONS

Article 15 Signature of the Convention
This Convention is open for signature by all States.

Article 16 Ratification of the Convention
This Convention is subject to ratification. Instruments of ratification shall be deposited with the Secretary-General of the United Nations.

Article 17 Accession to the Convention
This Convention is open for accession by any State. Instruments of accession shall be deposited with the Secretary-General of the United Nations.

Article 18 Entry into force of the Convention
1. This Convention shall enter into force on the thirtieth day following the date of the deposit with the Secretary-General of the United Nations of the twentieth instrument of ratification or accession.
2. For each State which ratifies or accedes to this Convention after the twentieth instrument of ratification or accession has been deposited, this Convention shall enter into force on the thirtieth day after such State has deposited its instrument of ratification or accession.

Article 19 Amendment of the Convention
1. Any State Party may propose an amendment and submit it to the Secretary-General of the United Nations. The Secretary-General shall then communicate the proposed amendment to the States Parties with a request that they indicate whether they favor a conference of States Parties for the purpose of considering and voting on the proposals. If, within four months from the date of such communication, at least one third of the States Parties favor such a conference, the Secretary-General shall convene the conference under the auspices of the United Nations. Any amendment adopted by a majority of the States Parties present and voting at this conference shall be submitted to the General Assembly for approval.
2. An amendment adopted in accordance with paragraph 1 of this article shall enter into force upon its approval by the General Assembly of the United Nations and acceptance by a two-thirds majority of the States Parties.
3. When an amendment enters into force, it shall be binding on those States Parties which have accepted it, while the other States Parties shall remain bound by the provisions of this Convention and any earlier amendments which they have accepted.

Article 20 Reservations to the Convention
1. The Secretary-General of the United Nations shall receive and circulate to all States the text of reservations made by States at the time of ratification or accession.
2. A reservation inconsistent with the object and purpose of this Convention is not permitted.
3. Reservations may be withdrawn at any time by notification to the effect addressed to the Secretary-General of the United Nations, who shall then inform all States accordingly. Such notification shall take effect from the date of its receipt by the Secretary General.

Article 21 Denunciation of the Convention
Any State Party may denounce this Convention by written notification to the Secretary-General of the United Nations. The denunciation shall take effect one year after the receipt of the notification by the Secretary General.

Article 22 Depositary of the Convention
The Secretary-General of the United Nations is designated as the depositary of this Convention.

Article 23 The original of this Convention, of which the Arabic, Chinese, English, French, Russian and Spanish texts are equally authentic, shall be deposited with the Secretary-General of the United Nations.

In witness whereof the undersigned plenipotentiaries, being duly authorized thereto by their respective governments, have signed this Convention.

"20435"

In the first ten days of June 2012, the Third International Meeting of High Representatives in charge of security issues took place in St. Petersburg. It was attended by delegations from 59 countries representing security councils, offices of presidents and heads of government, ministries and departments responsible for the security of their countries, as well as from the UN Office on Drugs and Crime and the International Maritime Organization. Issues of international energy and information security, countering piracy, as well as threats associated with asteroid-comet hazard and space debris were discussed (1).

One of the main points was to be the discussion of the project proposed last year by the Russian side UN Convention "On Ensuring International Information Security". Convention on International Information Security. The St. Petersburg meeting was supposed to be the final one before submitting this document to the UN for consideration (2).

The essence of the document is the consolidation at the international level of a number of concepts - information warfare, information security, information weapons, terrorism in the information space and others, which so far appear exclusively in scientific and scientific publicistic works, but have not become categories of international law. The Russian draft Convention clearly spells out the issues of maintaining the sovereignty of the state over its information space, as well as provisions aimed at protection from “actions in the information space with the aim of undermining the political, economic and social systems of another state, psychological manipulation of the population, destabilizing society” (3) .

In many ways Russian project The UN Convention on Ensuring International Information Security is a counterbalance to the well-known Budapest Convention (Council of Europe Convention on Cybercrime), which Washington is trying to impose as a document of a “global” nature in matters of cybersecurity.

Russia is categorically not satisfied with at least the 32nd article in the Budapest Convention on "cross-border access", which allows the special services of some countries to penetrate the computer networks of other countries and conduct operations there without the knowledge of national authorities. For a long time the Russian side tried to convince the Europeans to remove or edit this state-sovereignty-violating provision (4), but the US-backed signatories categorically refuse to make any changes to the document. The logical step for Russia in this case was the refusal to sign the Budapest Convention.

If Moscow believes that it is necessary to talk about the whole range of measures related to the possible illegal (hostile) use of information or information and communication technologies (ICT), then Washington insists that it is enough to limit everything to issues of cyber threats. With the American approach, information and psychological operations are excluded from the sphere of international legal regulation, which, in last years are increasingly carried out precisely through ICT and, in particular, through social networks. Moreover, the United States, through its representatives in various forums, says that any attempt to bring these issues into the circle of cybersecurity (or information security) problems will be seen as a desire to put pressure on "civil society", threaten "freedom of speech" and "strengthen authoritarian tendencies."

Not only Russia disagrees with this interpretation of the problem. China has long been a reliable ally of the Russian Federation in this matter. There are many who support this approach in the countries of the CIS, Asia, Africa, Latin America. And not all European states are delighted with the ideas embodied in the Budapest Convention: it is no coincidence that only two thirds of the member states of the Council of Europe have signed/ratified this convention.

Russia has done significant work in connection with its proposed draft UN Convention. First submitted to the public in its entirety in 2011 in Yekaterinburg at the Second International Meeting of High Representatives in charge of security issues, it went through a lot of discussions.

March 6-7, 2012 in Russian center science and culture in Delhi, a Russian-Indian scientific seminar "Concept of the Convention on Ensuring International Information Security" was held, dedicated to the discussion of the draft convention. The organizers of the scientific event were the Institute of Information Security Problems of Moscow State University named after M.V. Lomonosov, the Embassy of the Russian Federation in India, the Defense Research and Development Organization of the Ministry of Defense of India (IDSA) with the assistance of the representative office of Rossotrudnichestvo (5). On February 7-8, 2012, at the 14th National Information Security Forum in Moscow, this issue was also on the agenda (6). Non-governmental organizations and business joined the discussion of the document (7). The Russian side is holding bilateral consultations on this issue with its partners.

However, there are occasional surprises here as well. An example is the recent decision of Belarus to apply for accession to the Budapest Convention (8). According to media reports, this happened in violation of agreements with Russia regarding the readiness of Minsk to support the Russian project and without notifying the Russian side. The interlocutors of Kommersant who reported this in Russian diplomatic circles admit that they did not expect "such an unfriendly step" from Minsk.

It is easy to imagine an even greater surprise of the Europeans. This was not expected from a country whose leader is called “the last dictator of Europe”. It is highly doubtful that the Council of Europe will quickly consider the Belarusian application, and even if it does, it is doubtful that the answer will be positive.

There remains some ambiguity with the position of Ukraine. On the one hand, Kyiv not only signed the Budapest Convention, but also ratified it and is a member of the Cybercrime Convention Committee. This can be understood in such a way that Ukraine has already assumed the entire package of obligations (even if they do not quite correspond to its national interests) related to this document. On the other hand, despite the ratification of the convention, its provisions have not been implemented into Ukrainian legislation. This means that there remains a certain vacuum (legislative pause), which can be fully exploited. Will Ukraine publicly support the Russian document? In the context of Kyiv's deteriorating relations with Brussels and Washington, official Kyiv is unlikely to dare to tease them in the public arena. However, informal support (including modest opportunities within the UN) is a very real step. Moreover, for Kyiv, the document proposed by the Russian side is really interesting and describes much better the threats that Ukraine faces in modern world. In addition, if the Russian version of the convention is adopted by the United Nations (the reality of this is quite high), Ukraine will most likely want to reconsider its position and be able to support this document more openly.

(1) http://www.scrf.gov.ru/news/720.html

(2) http://www.securitylab.ru/news/425397.php

(3) http://www.scrf.gov.ru/documents/6/112.html

(4) http://www.kommersant.ru/doc/1953059/print

(5) http://www.iisi.msu.ru/news/news54/

(6) http://2012.infoforum.ru/

(7) http://expo-itsecurity.ru/company/aciso/files/12994/

(8) http://www.kommersant.ru/doc/1953059/print

If you notice a mistake in the text, highlight it and press Ctrl+Enter to send the information to the editor.