The Russian concept of the UN convention "On Ensuring International Information Security" will be discussed in March with China and India. The Security Council and the Foreign Ministry figured out how to establish peace and order in cyberspace The UN Convention on International Security

Recipes 10.09.2019

Recipes

In the first ten days of June 2012, the Third International Meeting of High Representatives in charge of security issues took place in St. Petersburg. It was attended by delegations from 59 countries representing Security Councils, Offices of Presidents and Heads of Government, ministries and departments responsible for the security of their countries, as well as from the UN Office on Drugs and Crime and the International Maritime Organization. Issues of international energy and information security, countering piracy, as well as threats associated with asteroid-comet hazard and space debris (1).

One of the main points was to be the discussion of the draft UN convention "On Ensuring International Information Security" proposed last year by the Russian side. The St. Petersburg meeting was supposed to be the final one before submitting this document to the UN (2).

The essence of the document is to consolidate at the international level a number of concepts - information warfare, information security, information weapons, terrorism in the information space and others, which so far appear exclusively in scientific and scientific journalism works, but have not become categories. international law. The Russian draft Convention clearly spells out the issues of maintaining the sovereignty of the state over its information space, as well as provisions aimed at protecting against “actions in the information space with the aim of undermining the political, economic and social systems another state, psychological manipulation of the population, destabilizing society” (3).

In many ways Russian project The UN Convention on Ensuring International Information Security is a counterbalance to the well-known Budapest Convention (Council of Europe Convention on Cybercrime), which Washington is trying to impose as a document of a “global” nature in matters of cybersecurity.

Russia is categorically not satisfied with at least the 32nd article in the Budapest Convention on "cross-border access", which allows the special services of some countries to penetrate the computer networks of other countries and conduct operations there without the knowledge of national authorities. For a long time the Russian side tried to persuade the Europeans to remove or edit this state-sovereignty-violating provision (4), but the US-backed signatories categorically refuse to make any changes to the document. The logical step for Russia in this case was the refusal to sign the Budapest Convention.

If Moscow believes that it is necessary to talk about the whole range of measures related to the possible illegal (hostile) use of information or information and communication technologies (ICT), then Washington insists that it is enough to limit everything to issues of cyber threats. With the American approach, information and psychological operations are excluded from the sphere of international legal regulation, which, in last years are increasingly carried out precisely through ICTs and, in particular, through social networks. Moreover, the United States, through its representatives in various forums, says that any attempt to bring these issues into the circle of cybersecurity (or information security) problems will be seen as a desire to put pressure on "civil society", threaten "free speech" and "strengthen authoritarian tendencies."

Not only Russia disagrees with this interpretation of the problem. China has long been a reliable ally of the Russian Federation in this matter. There are many who support this approach in the countries of the CIS, Asia, Africa, Latin America. And not all European states are delighted with the ideas embodied in the Budapest Convention: it is no coincidence that only two thirds of the member states of the Council of Europe have signed/ratified this convention.

Russia has done significant work in connection with its proposed draft UN Convention. First submitted to the public in its entirety in 2011 in Yekaterinburg at the Second International Meeting of High Representatives in charge of security issues, it went through a lot of discussions.

March 6-7, 2012 in Russian center science and culture in Delhi, a Russian-Indian scientific seminar "Concept of the Convention on Ensuring International Information Security" was held, dedicated to the discussion of the draft convention. The organizers of the scientific event were the Institute of Information Security Problems of Moscow State University named after M.V. Lomonosov, the Embassy of the Russian Federation in India, the Defense Research and Development Organization of the Ministry of Defense of India (IDSA) with the assistance of the representative office of Rossotrudnichestvo (5). On February 7-8, 2012, at the 14th National Information Security Forum in Moscow, this issue was also on the agenda (6). Non-governmental organizations and business joined the discussion of the document (7). The Russian side is holding bilateral consultations on this issue with its partners.

However, there are occasional surprises here as well. An example is the recent decision of Belarus to apply for accession to the Budapest Convention (8). According to media reports, this happened in violation of agreements with Russia regarding the readiness of Minsk to support the Russian project and without notifying the Russian side. The interlocutors of Kommersant who reported this in Russian diplomatic circles admit that they did not expect "such an unfriendly step" from Minsk.

It is easy to imagine an even greater surprise of the Europeans. This was not expected from a country whose leader is called “the last dictator of Europe”. It is highly doubtful that the Council of Europe will quickly consider the Belarusian application, and even if it does, it is doubtful that the answer will be positive.

There remains some ambiguity with the position of Ukraine. On the one hand, Kyiv not only signed the Budapest Convention, but also ratified it, and is a member of the Cybercrime Convention Committee. This can be understood in such a way that Ukraine has already assumed the entire package of obligations (even if they do not quite correspond to its national interest) associated with this document. On the other hand, despite the ratification of the convention, its provisions have not been implemented into Ukrainian legislation. This means that a certain vacuum remains - a legislative pause, which can be used. Will Ukraine publicly support the Russian document? In the context of Kyiv's deteriorating relations with Brussels and Washington, official Kyiv is unlikely to dare to tease them in the public arena. However, informal support (including modest opportunities within the UN) is a very real step. Moreover, for Kyiv, the document proposed by the Russian side is really interesting and describes much better the threats that Ukraine faces in modern world. In addition, if the Russian version of the convention is adopted by the United Nations (the reality of this is quite high), Ukraine will most likely want to reconsider its position and be able to more openly support this document.

(1) http://www.scrf.gov.ru/news/720.html

(2) http://www.securitylab.ru/news/425397.php

(3) http://www.scrf.gov.ru/documents/6/112.html

(4) http://www.kommersant.ru/doc/1953059/print

(5) http://www.iisi.msu.ru/news/news54/

(6) http://2012.infoforum.ru/

(7) http://expo-itsecurity.ru/company/aciso/files/12994/

(8) http://www.kommersant.ru/doc/1953059/print

This draft contains only the semantic articles of the Convention that are directly devoted to the issues of ensuring information security. The preamble, final and other provisions of the Convention are not given here.

Section I. Basic concepts and principles.

Article 1. Basic concepts.

For the purposes of this convention, the following concepts are established in the field of information security:

Information is an intangible object that represents information, data, facts, as well as the results of their assessment in the human mind, mediating interactions and communications within human society. Information is also a process of transmitting information, messages, facts.

Information space is a field of activity that includes the production, collection, search, processing, storage and distribution of information, information infrastructure, including computers and information and telecommunication networks, as well as information itself.

Information security is the state of protection of an individual, society, state from information that is harmful or illegal, from information that affects the consciousness of an individual, hindering the sustainable development of an individual, society and the state. Information security is also providing sustainable development the state of security of the information infrastructure, including computers and information and telecommunications infrastructure, and the information they contain.

Information warfare is one of the types of actions affecting information security, which consists in the actions of the state aimed at information in itself, including the dissemination of information that is contrary to the principles and norms of international law and, above all, the UN Charter, and / or to information infrastructure and processing facilities information of another state, including, but not limited to, actions carried out with the aim of disrupting the normal functioning of information systems. cause difficulty in work for authorized users, destruction of banks and databases, carry out illegal penetration into information networks, destruction of information contained in computers and information networks.

Information terrorism - acts, methods and practices that are expressed in the dissemination of information that is contrary to the norms and principles of international law, as well as in disruption of the normal operation of the information infrastructure of the state and society, the destruction of banks and databases, in penetration into information networks, in other use of the capabilities of information and communication networks that constitute a gross disregard for the purposes and principles of the United Nations, designed or calculated to create a climate of fear, panic among the general public, a group of individuals or specific individuals, committed for political purposes, if such acts, methods and practices are likely to cause death or harm person or persons, substantial property damage, civil disorder, or significant economic loss.

Information crimes actions aimed at the dissemination of information prohibited for dissemination

international law and national legislation, as well as the use of the capabilities of information and communication systems, including illegal penetration into information systems, the creation and distribution of viruses, for illegal purposes.

Information weapons are means and methods used to influence and damage information and communication structures, as well as critical infrastructures of the state and society, as well as to provide psychological and ideological impact.

Article 2 Principles

The following basic principles are hereby established:

1. States are obliged to use the information space for peaceful purposes.

2. The activities of states in the information space should promote the free dissemination of information and knowledge in the field of culture and science and their mutual exchange, promote the development of education, social and economic development to improve the quality of life of all peoples and to provide leisure, with due respect for the political and cultural integrity of States.

3. All states and peoples have the right to carry out activities in the information space and should enjoy the benefits from its implementation. Access to technology in this area should be open to all states without discrimination on terms mutually agreed upon by all parties concerned.

4. Activities in the information space must be carried out in such a way that it is compatible with the sovereign rights of states, including the principle of non-intervention, as well as with the right of everyone to seek, receive and disseminate information and ideas, as recorded in the relevant UN documents.

5. States should strive to limit information security threats.

Section 2. Information wars.

States must refuse to develop and adopt plans and doctrines that provide for the possibility of waging information wars.

It is prohibited for a state to conduct information wars with the aim of influencing another state in order to achieve a dominant position in the information space.

The development, production, accumulation, use, distribution of information weapons, as well as the use of methods of information weapons is prohibited.

Section 3. Cooperation between states in the field of combating information terrorism and information crime

Article 5 Obligation to cooperate

States are obliged to cooperate with each other in the field of combating information terrorism and information crime, including in order to establish uniform legal regimes and grounds for responsibility for committing actions that fall under the definition of information terrorism and information crimes, to provide legal assistance, resolving issues of extradition of criminals.

Article 6 Measures at the national level

In order to unify national laws establishing responsibility for committing information crimes. States Parties, in accordance with this Convention, shall establish in national legislation criminal liability for the commission of the following acts:

1. Theft of information - deliberate, without special authority, the seizure of information located in a computer or information system, while this information should not be available to an unlimited circle of persons.

2. Intervention in an information system or computer - intentional, without special authority, the commission of actions that lead to a violation of the performance of a computer or information system of its functions.

4. Interception of information - deliberate, without special authority, with the help of technical means, the interception of computer information not intended for public distribution, transmitted within the framework of an information system.

5. Creation, use and distribution of malicious programs - deliberate, without special authority, the creation, use and distribution of computer programs specially created or

adapted to perform the actions specified in paragraphs 1-4 of this article.

The actions specified in and. 1-5 of this Article are recognized as information crimes. Participating States should establish penalties for information crimes based on the severity of the crimes committed.

If any of the actions specified in paragraphs 1-5 of this Article are committed for political reasons, in order to create an atmosphere of fear and panic, these actions are recognized as information terrorism. The participating States agree to establish severe punishment for acts recognized as information terrorism.

Information crimes also recognize acts aimed at the production, distribution, transfer or other means of making available information that is prohibited for dissemination by international law or national legislation, namely: war propaganda, incitement to war, propaganda of violence, racial hatred, discrimination, apartheid, genocide , child pornography.

Article 7 Questions of Jurisdiction

Each state has jurisdiction over information crimes committed in its territory. The place of the commission of a crime is the place of the commission of actions that are part of the crime, and if, in order to recognize the act as criminal, the law establishes the obligatory occurrence of negative consequences, the place of occurrence of these consequences.

In the event of a conflict of jurisdiction, the matter shall be resolved through consultations between the States having jurisdiction over the act.

Article 8. Issues of extradition.

States Parties to this Convention shall include the offenses set forth in the Convention for which extradition is possible in their national legislation and in their respective legal aid or extradition treaties.

In the absence of an agreement on legal assistance or an extradition treaty between certain States Parties to this Convention, this Convention may be considered by the said Parties as a legal basis for the provision of legal assistance or for the extradition of criminals.

Section 4 Information Weapons Control

Article 9 Obligations of States

The States Parties to this Convention undertake not to develop, produce, stockpile, use, distribute information weapons, or use information weapons methods.

Article 10 Consultations

The States Parties to this Convention undertake to consult and cooperate with each other in resolving any issues that may arise in relation to the information weapons control regime. Consultations and cooperation pursuant to this article may also be undertaken through the use of appropriate international procedures within the framework of the United Nations and in accordance with this Charter.

Article 11. Legislative measures

The States Parties to this Convention shall adopt such necessary legislation, including criminal legislation, which would prohibit and establish liability for persons carrying out activities related to information weapons prohibited by the Convention in the territory under the jurisdiction or control of a State Party.

Article 12 Inspections

Any State Party to this Convention that determines that any other State Party is acting in violation of obligations arising from the provisions of the Convention relating to the control of information weapons may file an application with the Information Security Organization. Such a statement must contain all possible evidence confirming its validity.

If the Information Security Organization recognizes the application as justified, it applies to the UN Security Council with a proposal to conduct an inspection in the state in respect of which the application has been submitted.

The inspection is carried out in the information networks and computers of the inspected state using special

software and hardware, as well as with the participation of relevant

specialists.

Each State Party to this Convention undertakes to cooperate in the conduct of any inspections which may be undertaken by the Security Council.

Section 5. Organization in the field of information security

Article 13. General provisions.

The States Parties to this Convention hereby establish international organization in the field of information security. Members of the Organization are all States Parties to this Convention.

The General Conference is hereby established as organs of the Organization. Council and Secretariat.

Article 14. Goals and objectives

The following main goals and objectives of the Organization are hereby established:

Rendering assistance to cooperation of the states in the field of peaceful use of information space and information technologies for the benefit of the entire international community for the purpose of economic prosperity, social and cultural development of the individual, society, state.

Ensuring cooperation between states in the field of solving information security problems, such as preventing

> information wars, the fight against information crime and

terrorism, information weapons control.

Development and adoption of standards for the safe use of information space and information technology.

Assessment and prevention of newly emerging threats to information security.

Article 15 General Conference

The General Conference is the principal organ of the Organization. The General Conference consists of all members of the Organization. Each member shall have one representative at the Conference, who may be accompanied by alternates and advisers. Each member of the Organization has one vote in the General Conference.

The General Conference meets in regular session at least once t times a year, unless it decides otherwise.

General Conference:

(a) May, within the framework of the Convention, discuss and decide on any matters or matters covered by this Convention, including those relating to the powers and functions of any body under this Convention.

b) Establishes the procedure for the control system to ensure the implementation of this Convention.

c) Adopts standards for the safe use of the information space and information technology

d) Elects the members of the Council and the General Secretary.

e) May remove the Secretary-General from his post if required for the proper functioning of the Organization.

f) Receive and consider reports from the Council and the Secretary General.

g) Organize and consider studies designed to promote the best possible implementation of the objectives of this Convention, without prejudice to the authority of the Secretary-General to independently conduct such studies for submission to the Conference. The General Conference approves the budget of the Organization and determines the scale of assessments of the Member States, taking into account the systems and criteria applied for this purpose by the United Nations. The General Conference shall elect its officers for each session and may establish such subsidiary bodies as it may deem necessary for the performance of its functions.

Decisions of the General Conference shall be taken by a two-thirds majority of the members present and voting, when we are talking on matters relating to the control system, the election or dismissal of the Secretary General, the approval of the budget and related matters. Decisions on other matters, as well as on matters of procedure and in determining matters to be decided by a two-thirds majority, shall be taken by a simple majority of the votes of the members present and voting. The General Conference establishes its Rules of Procedure.

Article 16

The Council consists of 10 Members of the Organization, who are elected by the General Conference, with due regard to equitable geographical distribution.

Council members are elected for a term of four years.

Each member of the Council has one representative.

The Council is organized in such a way that it can function continuously.

The Council, through the Secretary General, shall ensure the correct operation of the system of control in accordance with the provisions of this Convention and the decisions taken by the General Conference.

The Council shall submit to the General Conference an annual report on its work, as well as such special reports as it deems necessary or as the General Conference directs it to draw up.

The Council elects its officers for each session.

Decisions of the Council are taken by a simple majority of votes of its members present and voting.

The Council shall establish its own rules of procedure.

Article 17 Secretariat

The Secretariat includes the Secretary General, who is the highest administrative official Organization, and such personnel as is necessary for the Organization. The Secretary General is elected for a term of four years and may be re-elected for one additional term. In the event that the post of Secretary General becomes vacant, new elections are held to fill the vacancy for the remaining term.

The staff of the Secretariat shall be appointed by the Secretary General in accordance with the rules adopted by the General Conference. The Secretary-General shall ensure the correct functioning of the control system established by this Convention in accordance with the provisions of the Convention and the decisions of the General Conference. The Secretary-General participates ex officio in all meetings of the General Conference and Council and submits to both organizations an annual report on the activities of the Organization, as well as any

special reports at the request of the General Conference or the Council, or at its own discretion.

Pdahotnoy D.G., M. Itd-io MSU. 1992. from 16

4 SUwormr Redo “Crime as the Growing international security threat: The United Nations and Effective Countermeasures Against Transnational Economic and Computer Crime” tt UNAFEl Annual Report for 1998 ond Resource Material Scries No vv l-uchu Tokyo Japan. March 2000p 120

'A/55P4O. from 4

1 Winn Schwartau. Information Warfare: Chaw on the Electronic Superhighway - p i 3 (1994)

1 Dr Andrew Rathmell "Infonnation warfare: Implications for Arms Control" H Bulletin of Arms Control n. April 29, 1998 pp.8-14

The proper functioning of the Internet has become a vital function for any state, its population and economy. This is stated in the Concept of the UN Convention on the Safe Internet, which was developed by the Ministry of Telecom and Mass Communications (Minkomsvyaz) of the Russian Federation. TASS explains why this project was needed, what goals it pursues and what problems it proposes to deal with.

What is this concept?

This is a project whose goal is to create a full-fledged, legally significant international agreement on the safe functioning and development of the Internet. The document also talks about the fact that the Internet and digital technologies in general are becoming the infrastructure basis for. “More and more industries and households are switching to certain digitalized processes, so it is important for us to ensure the stable development of the Internet,” TASS Minister of Telecom and Mass Communications Nikolai Nikiforov. “It is important for us to make sure that it functions reliably so that no one can him a certain influence."

Unlike the UN Charter, conventions are not binding on the members of the organization. This or that country can both ratify this or that treaty, and not to do it. Nevertheless, the emergence of a global convention governing the development of the Internet is a major task. “We believe that the digital economy is impossible without trusting relationships in the information space, and they cannot be ensured without these approaches being agreed and approved on the basis of international law, right in the UN,” Nikiforov noted.

Do similar international documents already exist in the world?

Yes. In 2011, the UN adopted a resolution based on an authoritative report by UN Special Representative Frank La Rue, which states that the distribution of information on the Internet should be as free as possible, except in cases where there may be copyright infringement associated with cyberattacks to seize data. The document states that the Internet has become an indispensable tool for the realization of human rights, the fight against inequality and the development of progress.

In 2013, the UN General Assembly approved a resolution on the protection of personal data on the Internet, and three years later adopted an expanded resolution on the right to freedom of expression on the Internet. World Organization called on all countries to "review their procedures, practices and laws regarding the interception of correspondence, as well as their measures for the interception and collection of personal information, including the practice of mass surveillance, in order to protect the right to privacy." The resolution also "unreservedly condemned" blocking or other measures that violate free access to the Internet.

However, these documents did not solve all the problems, and the problem of regulating the Internet space still remains open. In mid-September 2017, the Secretary General of the world organization António Guterres, the emergence of unregulated segments on the Internet is one of the seven most serious challenges for humanity.

Has Russia proposed other projects to regulate the Internet?

Yes. In 2011, Russia submitted to the UN a draft convention on ensuring international information security. It dealt with the prevention of military conflicts in cyberspace, the fight against cyberterrorism and cyber fraud. However, a number of countries accepted it with hostility - the United States and EU members considered that Russia was trying to secure the principle of complete control of individual states over their national segments of the Internet. Subsequently, many of the provisions of the 2011 project were included in the documents adopted at the level of the CSTO, the CIS and the SCO, but Russia's initiative did not receive wide international support.

At the end of May 2017, Russia also published the draft UN Convention on Cooperation in the Field of Combating Information Crime. This document was conceived as an alternative to the 2001 Budapest Computer Crime Convention, which was signed by all Council of Europe countries except Russia. The draft contains the basic principles on which the fight against cybercrime should be built, while the Concept of the UN Convention on the Safe Internet is a more comprehensive document.

What are the objectives of the UN Safer Internet Convention Concept?

— Promoting the further development of the Internet.

— Improving the security of the network and guaranteeing the rights and freedoms of its users.

— Establishment of an equitable international cooperation in Internet governance.

— Promoting the adoption and strengthening of measures aimed at more effective and efficient Internet governance.

What does the concept offer?

To achieve the above goals, the concept proposes the following general principles international cooperation in Internet governance:

— Internet governance should be an open democratic process based on generally recognized principles and norms of international law, focused on the needs of people, protecting their rights and freedoms, including ensuring personal information security.

- This process should not be subject to any unilateral political restrictions or commercial interests.

— Internet Governance aims to:

Harmonization of national and international norms and standards, to ensure coordinated interaction of all levels of government, taking into account the right of each state to manage the national segment of the Internet;

Equal distribution of the powers of one state to control Internet governance systems among all states and, if necessary, other subjects of international law;

Creation of international legal and organizational framework Internet governance;

Ensuring the security, integrity, stability and resilience of the Internet.

How is this concept going?

At the end of July 2017, the project was for consideration at a meeting of the Ministers of Communications and Telecommunications of the BRICS countries (Brazil, Russia, India, China and South Africa). To all appearances, the document was taken into account: many of its provisions were reflected in the Xiamen Declaration, adopted at the end of the "five" summit in early September. In particular, the BRICS leaders spoke in favor of the equal participation of states in Internet governance and called for more inclusive structures that manage and regulate the main Internet resources.

The BRICS leaders also reiterated the central role of the UN in developing universally recognized norms for the responsible behavior of states in the use of information and communication technologies in order to ensure a peaceful, secure, open, cooperative, stable, orderly, accessible and equitable environment. Earlier, Neil Walsh, Head of the UN Office for Cybercrime, told TASS that the World Organization is contributing to the discussion that Russia is leading on its draft convention.

Russia has figured out how to put a reliable barrier to the Internet revolutions spreading around the world. Kommersant has at its disposal a draft UN convention "On Ensuring International Information Security" prepared by the Security Council and the Russian Foreign Ministry. The document, which Russia expects to adopt as early as 2012, bans the use of the Internet for military purposes and to overthrow regimes in other countries, but at the same time leaves the authorities complete freedom of action within the national segments of the network. Experts are convinced that Moscow's main goal is to eliminate the threat posed by the growing US cyber warfare capabilities.

Digital counterrevolution

The document, which came to Kommersant's disposal, was presented for the first time at a closed meeting of heads of special services and law enforcement agencies of 52 countries, which ended yesterday in Yekaterinburg, organized by the Russian Security Council. The main topic of the forum was global information security, and the highlight of the program was the draft UN convention on its protection prepared by the hosts. The 18-page document is the result of many years of work by experts from the Security Council and the Ministry of Foreign Affairs of the Russian Federation, as well as the Institute for Information Security Problems of Moscow State University.

Moscow has long advocated the need to adopt a set of international rules of conduct in cyberspace (see Kommersant of April 29). According to the FSB, Russian law enforcement We constantly have to deal with cyber attacks: only the websites of the President of the Russian Federation, the State Duma and the Federation Council are subjected to up to 10 thousand attacks daily. Russian business, especially banking, also suffers from hackers.

The main threats against which the document promoted by Russia is aimed are listed in detail in its fourth article. Among them are “the use of information technologies for hostile actions and acts of aggression”, “undermining the political, economic and social systems” of one state by another, “manipulating flows in the information space of other states in order to distort the psychological and spiritual environment of society”, as well as “massive psychological indoctrination of the population to destabilize society and the state". Moscow considers such actions constituent parts"information war" and demands to recognize them as a crime against international peace and security.

According to Kommersant's interlocutors in Russian government structures, Moscow is concerned about these threats for a reason. The fact is that in some countries cybertroops are being actively created to conduct combat operations on the Internet. In October 2010, the US Cyber Command (US Cyber Command) with a staff of more than 1,000 people was fully operational. The UK, China, Israel and India have special cyber units. Russia, as Kommersant was told back in July by Ilya Rogachev, head of the Russian Foreign Ministry's Department for New Challenges and Threats, lags far behind foreign players in terms of investment in technology and personnel to fight in cyberspace. In addition to the militarization of cyberspace, Moscow fears the use of the Internet and cellular communication to mobilize people and coordinate mass anti-government protests.

The rules that should help Russia fight these threats are detailed in the convention's key fifth article. "States will be guided by the principle of the indivisibility of security and will not strengthen their security to the detriment of the security of others," the document says. "Not a single state will attempt to achieve dominance in the information space over other states."

Thus, Moscow wants to enshrine in the new convention the same principle of the indivisibility of security, which it tried to fix in the European Security Treaty proposed by President Medvedev. This will allow the Russian Federation to obtain legal guarantees of non-aggression. According to Kommersant's interlocutors close to the development of the document, that is why Moscow decided to immediately prepare it in the form of a UN convention that has legal force and priority over national legislation.

To do this, the concept contains a number of provisions that are designed to protect Russia and other countries from a cyber attack or from outside assistance to the local opposition in organizing a twitter revolution. The sixth article of the convention obliges states "to refrain from developing and adopting plans that can provoke an increase in threats in the information space", "not to use information and communication technologies to interfere in matters within the internal competence of another state" and, finally, "to refrain from slanderous statements offensive or hostile propaganda for intervention or interference in the internal affairs of other states".

At the same time, Russia is seeking to enshrine in the convention the principle of non-interference in each other's information space. "Each state has the right to establish sovereign norms and manage its information space in accordance with national laws," the draft notes. And although the document states that states must protect freedom of speech on the Internet and "have no right to restrict citizens' access to the information space," the text makes an important reservation: governments can impose restrictions "in order to protect national and public security." And the degree of threat emanating, for example, from calls to gather on a certain day in a certain area, each country is free to understand in its own way.

Revolutionaries in civilian clothes

According to Kommersant's information, Moscow hopes that the convention will be adopted as early as next year. However, as Kommersant's interlocutors in the Russian Foreign Ministry and the Security Council admit, difficulties may arise with this, since the key points of the Russian treaty directly contradict the policy of the most powerful cyberpower now - the United States.

Washington is actively developing digital diplomacy, the hidden part of which is precisely the measures to destabilize authoritarian regimes with the help of Internet technologies (see Kommersant of September 15). Americans do not recognize the existence of "national internets" and do not believe that measures to break the censorship barriers of other countries are interference in their internal affairs. The United States includes access to the Internet in a set of universal human rights, which cannot be limited under any pretext. The provisions of the White House cyberdoctrine adopted in May, which leaves the United States the right to develop offensive cybertechnologies and respond to cyberattacks by all available means, including nuclear weapons, are also contrary to the proposals of the Russian Federation.

"To convince Western countries accepting the Russian proposals will not be easy. It is unlikely that a document in this form will be adopted at the UN site, - believes Chief Editor Fyodor Lukyanov of Russia in Global Affairs magazine. “But in any case, the Russian initiative will show that Moscow is a source of ideas for an alternative world order, and therefore the convention will be favorably received by countries like China.”

However, Beijing may also not like certain provisions of the convention, primarily the mechanisms for investigating cybercrime. The Convention invites states to cooperate with each other in the investigation of cyber attacks and, in some cases, to allow foreign investigators to access relevant systems on their territory.

Kommersant's interlocutors in the Russian Foreign Ministry are sure that it will be easier to negotiate with the Chinese than with the Americans, but they do not leave hope to convince the latter. According to a Kommersant source in the Foreign Ministry, now the United States and a number of European countries are already preparing their response to the Russian initiative - they want to expand the Council of Europe's 2001 Budapest Convention on Cybercrime by November. Russia did not join this treaty, which was ratified by 31 countries (another 16 signed but did not ratify it), because it is not satisfied with the right of the special services of some countries written in the document to penetrate into the cyberspace of other countries and conduct operations there without putting local authorities to the notoriety.

"The coming months will be extremely tense. The question is who will be able to convince more countries of the advantages of their project - us or them," sums up Kommersant's interlocutor in the Russian Foreign Ministry. "We fired first, but the main work is just beginning." Following the meeting in Yekaterinburg, Nikolai Patrushev expressed hope that the final document for submission to the UN could be developed by the next meeting. According to Kommersant's information, it will take place in St. Petersburg or Moscow.

Elena Chernenko, Alexander Gabuev

"20435"

In the first ten days of June 2012, the Third International Meeting of High Representatives in charge of security issues took place in St. Petersburg. It was attended by delegations from 59 countries representing security councils, offices of presidents and heads of government, ministries and departments responsible for the security of their countries, as well as from the UN Office on Drugs and Crime and the International Maritime Organization. Issues of international energy and information security, countering piracy, as well as threats associated with asteroid-comet hazard and space debris were discussed (1).

One of the main points was to be the discussion of the project proposed last year by the Russian side UN Convention "On Ensuring International Information Security". Convention on International Information Security. The St. Petersburg meeting was supposed to be the final one before submitting this document to the UN for consideration (2).

The essence of the document is the consolidation at the international level of a number of concepts - information warfare, information security, information weapons, terrorism in the information space and others, which so far appear exclusively in scientific and scientific-journalistic works, but have not become categories of international law. The Russian draft Convention clearly spells out the issues of maintaining the sovereignty of the state over its information space, as well as provisions aimed at protection against “actions in the information space with the aim of undermining the political, economic and social systems of another state, psychological indoctrination of the population, destabilizing society” (3) .

In many ways, the Russian draft of the UN Convention "On Ensuring International Information Security" is a counterbalance to the well-known Budapest Convention (Council of Europe Convention on Cybercrime), which Washington is trying to impose as a document of a "global" nature in matters of cybersecurity.

Russia is categorically not satisfied with at least the 32nd article in the Budapest Convention on "cross-border access", which allows the special services of some countries to penetrate the computer networks of other countries and conduct operations there without the knowledge of national authorities. For a long time, the Russian side tried to persuade the Europeans to remove or amend this sovereignty-violating provision (4), but the US-backed signatories categorically refuse to make any changes to the document. The logical step for Russia in this case was the refusal to sign the Budapest Convention.

If Moscow believes that it is necessary to talk about the whole range of measures related to the possible illegal (hostile) use of information or information and communication technologies (ICT), then Washington insists that it is enough to limit everything to issues of cyber threats. With the American approach, information and psychological operations are excluded from the sphere of international legal regulation, which in recent years have been increasingly carried out precisely through ICT and, in particular, through social networks. Moreover, the United States, through its representatives in various forums, says that any attempt to bring these issues into the circle of cybersecurity (or information security) problems will be seen as a desire to put pressure on "civil society", threaten "free speech" and "strengthen authoritarian tendencies."

Not only Russia disagrees with this interpretation of the problem. China has long been a reliable ally of the Russian Federation in this matter. There are many who support this approach in the countries of the CIS, Asia, Africa, and Latin America. And not all European states are delighted with the ideas embodied in the Budapest Convention: it is no coincidence that only two thirds of the member states of the Council of Europe have signed/ratified this convention.

On March 6-7, 2012, the Russian-Indian scientific seminar "Concept of the Convention on Ensuring International Information Security" was held at the Russian Center for Science and Culture in Delhi, dedicated to the discussion of the draft convention. The organizers of the scientific event were the Institute of Information Security Problems of Moscow State University named after M.V. Lomonosov, the Embassy of the Russian Federation in India, the Defense Research and Development Organization of the Ministry of Defense of India (IDSA) with the assistance of the representative office of Rossotrudnichestvo (5). On February 7-8, 2012, at the 14th National Information Security Forum in Moscow, this issue was also on the agenda (6). Non-governmental organizations and business joined the discussion of the document (7). The Russian side is holding bilateral consultations on this issue with its partners.

There remains some ambiguity with the position of Ukraine. On the one hand, Kyiv has not only signed the Budapest Convention, but also ratified it and is a member of the Cybercrime Convention Committee. This can be understood in such a way that Ukraine has already assumed the entire package of obligations (even if they do not quite correspond to its national interests) related to this document. On the other hand, despite the ratification of the convention, its provisions have not been implemented into Ukrainian legislation. This means that there remains a certain vacuum (legislative pause), which can be fully exploited. Will Ukraine publicly support the Russian document? In the context of Kyiv's deteriorating relations with Brussels and Washington, official Kyiv is unlikely to dare to tease them in the public arena. However, informal support (including modest opportunities within the UN) is a very real step. Moreover, for Kyiv, the document proposed by the Russian side is really interesting and describes much better the threats that Ukraine faces in the modern world. In addition, if the Russian version of the convention is adopted by the United Nations (the reality of this is quite high), Ukraine will most likely want to reconsider its position and be able to support this document more openly.