Comparison of the Transformation of some Provisions of the Information Legislation of Russia and the EU in the Context of the Cyber Security Conception

Abstract

Introduction. The article discusses the legislative framework in the field of information and cyber security in Russia and the European Union, as well as relevant changes to them. The changes in the legislation of the Russian Federation after the adoption on December 30, 2021 No. 441-FZ “On Amendments to Article 15.3 of the Federal Law “On Information, Information Technologies and Information Protection” and Articles 3 and 5 of the Federal Law “On Amendments to Certain Legislative Acts of the Russian Federation”, as well as Council of Europe Convention 108 for the Protection of Individuals with regard to Automatic Processing of Personal Data (T-PD) of 1981, Protocol amending the Convention for the Protection of Individuals with regard to the Processing of Personal Data, adopted by the Committee of Ministers on its 128th session in Elsinore on 18 May 2018. (Convention 108+), 2021 Guidelines for the Protection of Individuals with regard to the Processing of Personal Data by and for Political Campaigns.Materials and methods. The research materials were compiled by the Federal Law of December 30, 2021 No. 441-FZ “On Amending Article 15.3 of the Federal Law “On Information, Information Technologies and Information Protection” and Articles 3 and 5 of the Federal Law “On Amending Certain Legislative Acts of the Russian Federation ”, Federal Law of July 27, 2006 No. 152 “On Personal Data”, Federal Law “On measures of influence on persons involved in violations of fundamental human rights and freedoms, rights and freedoms of citizens of the Russian Federation” of December 28, 2012 No. 272, Federal Law “On Fundamental Guarantees of Electoral Rights and the Right to Participate in a Referendum of Citizens of the Russian Federation” No. 67-FZ of June 12, 2002, 108 of the Council of Europe Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (T-PD), Convention 108+ and the Guidelines on the Protection of Individuals with regard to the Processing of Personal Data by and for Political Campaigns 2021. The methodological basis of the study was the following general scientific and special methods of cognition of legal phenomena and processes in the field of personal data protection: the method of system-structural analysis; method of synthesis of social and legal phenomena; comparative legal method; formal-logical method.Results of the study. The Russian Federation implements many of the provisions of the Guidelines for the Protection of Individuals with regard to the processing of personal data. However, there are those proposals that are not reflected in Russian laws. In addition, the Guidelines for the Protection of Individuals with regard to the processing of personal data actually allow organizations to transfer data to social networks for advertising, which in Russia can be regarded as a violation of the law.Discussion and conclusion. At the moment, uncertainty remains in connection with the cooperation between Russia and European countries and Russia's withdrawal from the Council of Europe, the ECtHR and the HRC. In the near future, Russia will determine the list of European conventions that no longer meet its national interests, and denounce them. If Convention 108 is not included in this list, then Russia will be able to remain a party to the Convention and, consequently, to related documents. But still, even if the Convention under consideration and related documents are denounced, some of its positive practices can be adapted by Russian legislators and reflected in the Russian Federal Law in a slightly modified form.