Информационные технологии интеллектуальной поддержки принятия решений, Информационные технологии интеллектуальной поддержки принятия решений 2018

Размер шрифта: 
Legal regulation of privacy data protection
V. I. Vasilyev, V. V. Sagitova

Изменена: 2019-11-02

Аннотация


The problem of privacy data (PD) protection with account of their specifics is considered. The state-of-art of legal regulation in the field of PD protection in different countries is analyzed. The requirements to PD protection established by law and normative documents of Federal Service for Technical and Export Control (FSTEC) and Federal Security Service (FSS) of Russia are considered. The main changes of legislation in the field of PD protection are analyzed.

Ключевые слова


data protection; privacy protection; security policy

Литература


1.            On privacy data: The Russian Federation Federal Law, dated of July 27, 2006 № 152-FL (with changes from 29.07.2017) [Electronic resource] URL: http://ivo.garant.ru/#/document/12148567:0 (the date of visit 14.09.2017). (In Russian).

2.            Infowatch analytical center reference on privacy data leaks which citizens voluntary provide to organizations [Electronic resource] URL: https://www.infowatch.ru/analytics/leaks_monitoring/18095 (the date of visit 14.09.2017). (In Russian).

3.            Privacy Act of 1974:  United States Federal Law, dated of December 31, 1974 [Electronic resource] URL: https://www.justice.gov/opcl/file/844481 (the date of visit 14.09.2017). (In English).

4.            Privacy Protection Act of 1980:  United States Federal Law [Electronic resource] URL: https://www.justice.gov/usam/criminal-resource-manual-661-privacy-protection-act-1980 (the date of visit 14.09.2017). (In English).

5.            Convention for the protection of individuals with regard to automatic processing of privacy data: Europe Council Convention, dated of January 28, 1981 [Electronic resource] URL: http://www.conventions.ru/view_eng.php?id=1097 (the date of visit 14.09.2017). (In English).

6.            Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG): Germany Federal Law, dated of January 14, 2003 [Electronic resource] URL:http://www.gesetze-im-internet.de/englisch_bdsg (the date of visit 14.09.2017). (In English).

7.            Information Technology, Data Files and Civil Liberty: France Federal Law, dated of January  6, 1978 (with changes from 17.03.2014)  [Electronic resource] URL:https://www.cnil.fr/sites/default/files/typo/document/Act78-17VA.pdf (the date of visit 14.09.2017). (In English).

8.            Privacy Act 1988:  Australian Law [Electronic resource] URL: https://www.oaic.gov.au/privacy-law/privacy-act/(the date of visit 14.09.2017). (In English).

9.            On approval of the regulations on the peculiarities privacy data processing, carried out without the use of automation facilities : The Russian Federation Government Decree № 687// Rossiyskaya gazeta, 2008. (In Russian).

10.          On the approval of requirements for material carriers of biometric privacy data and technologies for storing such data outside privacy data information systems : The Russian Federation Government Decree № 512// Rossiyskaya gazeta, 2008. (In Russian).

11.          On confirmation of requirements to privacy data protection under their processing in privacy data information systems : The Russian Federation Government Decree № 1119// Rossiyskaya gazeta, 2012. (In Russian).

12.          On approval of the list of measures to ensure the fulfillment of the duties provided for by the Federal Law "On privacy data" and regulatory acts adopted in accordance with it, operators that are state or municipal bodies” : The Russian Federation Government Decree № 211// Rossiyskaya gazeta, 2012. (In Russian).

13.          The methods to define actual security threat to privacy data when the data is processed in privacy data information systems [Electronic resource] : Method. document : [stated by FSTEC of Russia February 14, 2008] URL: http://fstec.ru (the date of visit 14.09.2017). (In Russian).

14.          The basic model of privacy data security threats that appear when privacy data are processed in information systems [Electronic resource]. : Method. document : [stated by FSTEC of Russia 2008] URL: http://www.zki.infosec.ru (the date of visit 14.09.2017). (In Russian).

15.          On approval of the composition and content of organizational and technical measures to ensure the security of privacy data during their processing in the information system of privacy data : [stated by FSTEC of Russia February 18, 2013] URL: http://fstec.ru/normotvorcheskaya/akty/53-prikazy/691 (the date of visit 14.09.2017). (In Russian).

16.          On approval of the composition and content of organizational and technical measures to ensure privacy data protection when processing them in privacy data information systems using the cryptographic information security necessary to fulfill the requirements set by the Russian Federation government for personal data protection  for each of the protection levels : [stated by FSS of Russia July 10, 2014] URL: http://base.garant.ru/70727118/ (the date of visit 14.09.2017). (In Russian).

17.          Code of the Russian Federation on administrative offenses (with changes from 29.07.2017) [Electronic resource] URL: http://koapkodeksrf.ru/ (the date of visit 14.09.2017). (In Russian).

 

18.          Information security providing of Banking System Organizations of the Russian Federation : STO BR IBBS-1.0-2014, dated of May 17, 2014 [Electronic resource] URL: http://www.cbr.ru/credit/Gubzi_docs/st-10-14.pdf (the date of visit 14.09.2017). (In Russian).

19.          Doctrine of information security of the Russian Federation : The Russian Federation Doctrine, dated of December 5, 2016 [Electronic resource] URL: https://rg.ru/2016/12/06/doktrina-infobezobasnost-site-dok.html (the date of visit 14.09.2017). (In Russian)