Information Security and the Application of Cloud Services by State Bodies

  • Ludmila Tereshchenko Institute of Legislation and Comparative Law under the Government of the Russian Federation
DOI: https://doi.org/10.17323/2072-8166.2014.1.129.139
Keywords: cloud technologies, state government bodies, cloud service provider, transborder data transmission, limitations in using cloud services, information security

Abstract

The paper studies the issues related to applying cloud technologies in state administration. Though cloud technologies are not in active use in this country, the tendency of widening its application is evident. Program documents have been adopted to envisage national platforms of cloud services. Currently, cloud services of foreign providers are being used, which raises issues related to information security and the possibility to apply them by state and municipal bodies. The current legislation is being analyzed in the view of the current limitations in the use of cloud technologies in state administration. The author concludes that the current legislation does not impose any direct bans against the possibility of applying cloud technologies but the bans and restrictions may be related to a certain kind of information: state secret, confidential information, types of secrets, obligation of parties to obtain a written permission of the other party to transfer the information to a third party. Hence, prohibition of cloud services of Russian state and municipal organs, other organizations involving state and local authorities may affect the character of the processed information and the legal regime set for it. Applying cloud technologies is justified by a number of contracts with various degrees of control over the processed and stored in the clouds information, which influences the decision on applying clouds. One of the causes why cloud calculations may be restricted in use relates primarily to transferring some functions to a clouds provider and thus loss of control over own data. The user does not always have enough and reliable information to assess the security of the cloud technologies used by the provider, guarantees to keep this information and ensure the control over maintaining this regime of information.

Author Biography

Ludmila Tereshchenko, Institute of Legislation and Comparative Law under the Government of the Russian Federation

Deputy Head of the Department of Administrative Legislation and Process, Institute of Legislation and Comparative Law under the Government of the Russian Federation, Doctor of Juridical Sciences, Honoured Lawyer of the Russian Federation. E-mail: adm2@izak.ru

References

Ukaz Prezidenta Rossiyskoy Federatsii ot 17.03.2008 № 351 «O merakh po obespecheniyu informatsionnoy bezopasnosti Rossiyskoy Federatsii pri ispol'zovanii informatsionno-telekommunikatsionnykh setey mezhdunarodnogo informatsionnogo obmena». SZ RF, 24.03.2008, N 12, st. 1110.

Postanovlenie Pravitel'stva RF ot 20.08.2013 g. № 719 «O gosudarstvennoy informatsionnoy sisteme gosudarstvennogo nadzora v sfere obrazovaniya» «Sobranie zakonodatel'stva RF», 26.08.2013, N 34, st. 4448.

Postanovlenie Pravitel'stva RF ot 09.08.2013 G. № 681 «O Gosudarstvennom Ekologicheskom Monitoringe (Gosudarstvennom Monitoringe Okruzhayushchey Sredy) i Gosudarstvennom Fonde Dannykh Gosudarstvennogo Ekologicheskogo Monitoringa (Gosudarstvennogo Monitoringa Okruzhayushchey Sredy)». «Sobranie zakonodatel'stva RF», 19.08.2013, N 33, st. 4383.

Postanovlenie Pravitel'stva RF ot 10.07.2013 g. № 583 «Ob obespechenii dostupa k obshchedostupnoy informatsii o deyatel'nosti gosudarstvennykh organov i organov mestnogo samoupravleniya v informatsionno-telekommunikatsionnoy seti Internet v forme otkrytykh dannykh». SZ RF, 29.07.2013, N 30 (chast' II), st. 4107.

Postanovlenie Pravitel'stva RF3 ot 02.09.2010 № 671 «O poryadke formirovaniya gosudarstvennogo zadaniya v otnoshenii federal'nykh gosudarstvennykh uchrezhdeniy i finansovogo obespecheniya vypolneniya gosudarstvennogo zadaniya» «Sobranie zakonodatel'stva RF», 13.09.2010, N 37, st. 4686.

Postanovlenie Pravitel'stva RF ot 04.02.2013 № 80 «Ob utverzhdenii Polozheniya o poryadke dostupa k informatsii, soderzhashcheysya v gosudarstvennoy informatsionnoy sisteme toplivno-energeticheskogo kompleksa». «Sobranie zakonodatel'stva RF», 11.02.2013, N 6, st. 560.

Rasporyazhenie Pravitel'stva Rossiyskoy Federatsii № 1815-r «O gosudarstvennoy programme Rossiyskoy Federatsii «Informatsionnoe obshchestvo» (2011-2020 gody) SZ RF. 2010. № 46. St. 6026.

Rasporyazhenie Pravitel'stva Rossiyskoy Federatsii ot 20 oktyabrya 2010 g. № 1815-r «O gosudarstvennoy programme Rossiyskoy Federatsii «Informatsionnoe obshchestvo (2011-2020 gody)» SZ RF. 2010. № 46. St. 6026.

Kontseptsiya sozdaniya edinoy informatsionnoy sistemy v sfere zdravookhraneniya i programmakh modernizatsii zdravookhraneniya na 2011-2012 gody, utverzhdena prikazom Minzdravsotsrazvitiya ot 28 aprelya 2011 g. № 364. Byulleten' trudovogo i sotsial'nogo zakonodatel'stva RF. 2011. № 7.

Published
2014-02-14
How to Cite
TereshchenkoL. (2014). Information Security and the Application of Cloud Services by State Bodies. Law. Journal of the Higher School of Economics, (1), 129-139. https://doi.org/10.17323/2072-8166.2014.1.129.139
Issue
No 1 (2014)
Section
Russian Law: Condition, Perspectives, Commentaries

Copyright (c) 2014 Law Journal of the Higher School of Economics

Creative Commons License

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

Crossref
Scopus
Google Scholar
Europe PMC