Information security in identification in the digital age: information law aspect

 
PIIS013207690006736-1-1
DOI10.31857/S013207690006736-1
Publication type Article
Status Published
Authors
Affiliation: Institute of State and Law of the Russian Academy of Sciences
Address: Russian Federation, Moscow
Journal nameGosudarstvo i pravo
EditionIssue 9
Pages117-130
Abstract

.This article deals with patterns in the development of legislation and the application of the law in identifying parties to relationships by antitrust authorities, courts of general jurisdiction and arbitration courts. It analyzes the content of the interdisciplinary institution of identification through the prism of Information Law and information security. The author makes some proposals for developing subject-specific Russian legislation considering the key task of ensuring information security of electronic communication in the digital economy and considers a new category “identification privacy”.

Keywordsinformation security, Information Law, institution of identification, legislation, case law, digital economy, identifier, personal data, facial identification, environment of trust, identification privacy
AcknowledgmentThe study was supported by the RFBR within the framework of the research project № 18-29-16013 "Research of conceptual approaches to the formation of the system of legal regulation of information security in the conditions of great challenges in the global information society"
Received18.09.2019
Publication date23.09.2019
Number of characters63307
Cite  
100 rub.
When subscribing to an article or issue, the user can download PDF, evaluate the publication or contact the author. Need to register.
Размещенный ниже текст является ознакомительной версией и может не соответствовать печатной
1 The task and issues of identifying parties to relationships appeared a long time ago, with the emergence of large-scale social interactions. Those interactions required a legally valid way of identifying participants when people started to interact remotely. For example, in ancient history ambassadors or messengers would be sent, while in the Middle Ages, when banking relationships arose, promissory notes and related bank branches appeared in various European countries. In all of those cases the subjects and objects were in different locations where they had to be identified.
2 Identification1 is one of the most ubiquitous life situations that have important social and legal meaning. Citizens of the Russian Federation encountered them both during the Soviet era and now, when in entirely different circumstances, from document checks to making transactions, today’s parties to relationships are involved in identification processes. In the “ordinary” world a person regularly participates in one of the forms of identification: self-identification, when strangers present themselves to each other. Later they recognize (identify) them in communication by their physiological features and peculiarities, by their voice and even by their behavior and manners. 1. Without any claim to the truth, the author supposes that the term identification did not exist in antiquity, but the word “idem”, meaning “the same”, can be found in the Latin language (Latin-Russian Dictionary compiled by D.I. Fomitskiy, Feniks. 2001. P. 226), from which the concept of interest later came.
3 In the predigital age, in ordinary circumstances unrelated to accidents and violations of the law, identification was done primarily using identification documents. And initially the circulation of identification documents was directly or indirectly controlled by the state. Later on, non-state entities became involved in issuing them. In this area, the key issues were and continue to be focused on determining whether the documents and signatures used are authentic, and on combating forgery.
4 Everything changed radically with the advent of modern digital technologies. It is the digital age with its new technologies that has affected the overwhelming majority of branches and institutions of law. As the digital age evolves, existing institutions of law are being altered and new ones are being created. In the author’s opinion, the latter also include the institution of identification, which already encompasses legal relationships that have similar objectives and incorporates a large number of accepted legal norms. Without setting the goal in this work of proving the author’s hypothesis that the institution of identification became independent precisely within the Fourth Industrial Revolution and digital transformation of society, the state and economy, it is worth emphasizing that it is currently vital and important to regulate the processes of identifying parties to relationships, primarily individuals.
5 The large-scale adoption of technologies has made it possible to interact remotely with a person who is being identified, and individual users of the Internet and eGovernment services, online bank customers and online shoppers everywhere have appreciated this opportunity and have already become accustomed to the conveniences provided by technologies.
6 All of the above mentioned has spurred the development of statutory regulation of identification relationships in the digital environment. The fundamental feature of the relationships is that identification is done with the subjects and objects being located at a distance from one another. Yet old methods of identification using paperwork, dealing with notaries and even communicating in person can still be used in these legal relationships.
7 For example, one who uses different social networks rarely reflects on the fact that some of the networks’ users have passed away and that their accounts are still available and often even “live” their own lives. The related problem of who inherits and gains access to these accounts appeared quite some time ago but has now become common. In some cases, network owners require that those interested in the account present a death certificate and original notary’s acts. A number of cases result in litigation, and Google “since 2013 has invited the user him or herself to plan blocking or succession”, for which purpose it has developed the special Google Inactive Manager2. 2. See: Uppit, O. How Services and Social Networks Deal with Accounts of Deceased Users. [Online]: O. Uppit. Company Secret, 2018. URL: >>>> (accessed: 20.08.2019) (in Russ.).
8 Notwithstanding that example and many other life situations, in most cases business is now trying to use new technologies (e.g., facial recognition) to eliminate or minimize any in-person or document-based interaction. This is because user convenience is critical. However, the “price” of convenience and related risks could be quite high.
9 For example, quite recently the news agencies reported an outcome of poorly organized identification. According to the Fontanka.ru online publication, there was a road traffic accident in St. Petersburg in August 2019. One of the parties involved was driving a car sharing vehicle, was allegedly a minor and was driving without a driver’s license. The publication reported that he had purchased an account for approximately RUB 3.5003 in order to use the car sharing service’s vehicles. 3. See: Carsharing Driver Responsible for Multi-Car Accident on Ligovskiy Was 16 Years Old. He Bought the Account [Online] // Fontanka.Ru. 2019. URL: >>>> (accessed: 20.08.2019) (in Russ.).

Number of purchasers: 2, views: 620

Readers community rating: votes 0

1. Administrative Code – Acquisition of Surveillance Technology [Online] // The Committee on Information Technology. 2019. URL: https://sfgov.legistar.com/View.ashx?M=F&ID=7206781&GUID=38D37061-4D87-4A94-9AB3-CB113656159A (accessed: 20.08.2019).

2. An Information Note Prepared Based on the Results of Summarizing the Case Law of the Intellectual Property Court as a Court of First Instance and Cassation, Taking into Account the Practice of the Supreme Court of the Russian Federation on Some Issues that Arise when Evaluating Evidence Containing Information Posted on the Internet [Online]: Resolution of the Presidium of the Intellectual Property Court No. SP-23/24 of 14 September 2017. – Available at “ConsultantPlus” legal database (accessed: 20 Aug. 2019). Resolution of the Intellectual Property Court of 3 October 2016 in case No. À40-138017/2013 [Online]. – Available at “ConsultantPlus” legal database (accessed: 20.08.2019).

3. Arkhipov, V.V. Cybersport Law: Myth or Reality? // Law. 2018. No. 5. P. 80–92 (in Russ.).

4. Digital Future of Public Administration by Results / Ye. I. Dobrolyubova, V.N. Yuzhakov, A.A. Efremov, etc. Moscow, 2019. P. 69 (in Russ.).

5. Arkhipov, V.V. Virtual Law: Main Problems of the New Direction of Legal Research // University News. Jurisprudence. 2013. No. 2 (307). P. 103, 106 (in Russ.).

6. Bachilo, I.L, Andryushchenko, Ye. A., Antopol’skiy, A.A., et al. The Concept of the Information Code of the Russian Federation / Bachilo, I.L., ed. Moscow, 2014. P. 105 (in Russ.).

7. Carsharing Driver Responsible for Multi-Car Accident on Ligovskiy Was 16 Years Old. He Bought the Account [Online] // Fontanka.Ru. 2019. URL: https://m.fontanka.ru/2019/08/15/019/ (accessed: 20.08.2019) (in Russ.).

8. Decision of the Leninskiy District Court of the City of Tyumen of 10 November 2015 in case No. 2-9870/2015 [Online]. – Available at “ConsultantPlus” legal database (accessed: 20.08.2019); Judicial proceedings and court decisions [Online] // Leninskiy District Court of the City of Tyumen. 2015. URL: https://leninsky--tum.sudrf.ru/modules.php?name=sud_delo&srv_num=1&name_op=doc&number=3473596&delo_id=1540005&new=0&text_number=1 (accessed: 20.08.2019).

9. “Digital Economy of the Russian Federation” program approved by Order of the RF Government No. 1632-r of 28 July 2017. – [Online]. – Available at “ConsultantPlus” legal database (Accessed: 20.08.2019). Note: the document was repealed on 12 February 2019 in connection with the publication of Order of the RF Government No. 195-r of 12 February 2019.

10. Isayeva, N.V. Legal Identity (a Legal Theory Study): Doctor of Legal Sciences Dissertation. 12.00.01 / Nina Valentinovna Isayeva. ? Moscow, 2014 (in Russ.).

11. Naumov, V.B. Negative Patterns of the Formation of the Conceptual Apparatus in the Field of Internet Regulation and Identification // Information Law. 2018. No. 1. P. 32 - 39 (in Russ.).

12. Patient Identification Errors [Online] // The Health Technology Assessment Information Service (HTAIS). 2016. URL: https://www.ecri.org/Resources/HIT/Patient%20ID/Patient_Identification_Evidence_Based_Literature_final.pdf (accessed: 20.08.2019).

13. Naumov, V.B. Scientific Approaches to the Classification of Types of Legal Identification in Information Law Relations // Proceedings of the Institute of State and Law of the Russian Academy of Sciences. 2016. No. 3. P. 104?115 (in Russ.).

14. Naumov, V.B., Braginets, A. Yu. Information Law Aspects of the Remote Identification of Subjects in Financial Services // Information Law. 2016. No. 1. P. 13?19 (in Russ.).

15. Naumov, V.B., Neznamov, A.V. // The Model Convention on Robotics and Artificial Intelligence: Approaches to Identification and Security Issues. In the collection: Dynamics of Information Security Institutions. Legal Challenges. Collection of Research Papers. T.A. Polyakova, V.B. Naumov and E.V. Talapina, ed. 2018. P. 136 (in Russ.).

16. Polyakova, T.A. Digitization and Synergy of Legal Support for Information Security // Information Law. 2019. No. 2. P. 3 (in Russ.).

17. Registered with the Ministry of Justice of Russia on 4 July 2018, No. 51532) [Online]: Order of the Russian Communications Ministry No. 321 of 25 June 2018. – Available at “ConsultantPlus” legal database (accessed: 20.08.2019).

18. Resolution of the 15th Arbitration Court of Appeal of 29 September 2017 and Resolution of the Arbitration Court of the North-Caucasus Circuit of 12 January 2018 No. F08-10440/2017 in case No. À32-28069/2016 [Online]. – Available at “ConsultantPlus” legal database (accessed: 20.08.2019).

19. Resolution of the Arbitration Court of the Urals Circuit of 13 February 2018 in case No. A60-23408/2015 [Online]. – Available at “ConsultantPlus” legal database (accessed: 20.08.2019).

20. Ruling of the Primorsk Kray Court of 5 April 2016 in case No. 33-3158/2016 [Online]. E-filing of procedural documents. (2017). [Online] // Primorsk Kray Court. 2017. URL: https://kraevoy--prm.sudrf.ru/modules.php?name=sud_delo&srv_num=1&name_op=doc&number=8983579&delo_id=5&new=5&text_number=1 (accessed: 20.08.2019).

21. Savel’yev, D.A. On Creating and Using Text of the Russian Federation Corpus of Legal Acts as an Open Dataset // Law. Journal of the Higher School of Economics. 2018. No. 1. P. 26 - 44 (in Russ.). Information about the technology of this project, RusLawOD. URL: https://github.com/irlcode/RusLawOD/

22. State Duma Finds Conflict with the Constitution in Klishas’ New Draft Law [Online] // Interfax. 2019. URL: https://www.interfax.ru/russia/670148 (accessed: 20.08.2019).

23. The Artificial Intelligence Video Interview Act [Online] // General Assembly. 2019. URL: https://legiscan.com/IL/bill/HB2557/2019 (accessed: 20.08.2019).

24. The Commercial Facial Recognition Privacy Act [Online] // Congress. 2019. URL: https://www.congress.gov/bill/116th-congress/senate-bill/847 (accessed: 20.08.2019).

25. Uppit, O. How Services and Social Networks Deal with Accounts of Deceased Users. [Online]: O. Uppit. Company Secret, 2018. URL: https://secretmag.ru/trends/whatsup/kak-servisy-i-socseti-obkhodyatsya-s-akkauntami-umershikh-polzovatelei.htm (accessed: 20.08.2019) (in Russ.).

26. Yarkov, V.V., Rents, I.G. The Validity of the Principles of Notaries in the 21st Century: New Challenges // Law. 2019. No. 7. P. 42 (in Russ.).

Система Orphus

Loading...
Up