Law "On Information". Interesting moments
The work of any "IT specialist" is inextricably linked with the processing of information. However, if you try to ask the same “any IT specialist” for his knowledge of information legislation, the result will most likely be sad. In copyright, this same spherical IT specialist in a vacuum will understand much better. It can be assumed that this lack of interest is due to several reasons.
First, the main “informational” law “On Information, Information Technologies and Protection of Information” is of a declarative nature; it does not establish any responsibility for violations. Since for the majority of non-lawyers the “law” is the “Criminal Code”, it is clear that no one will read it. Secondly, it is written in a rather incomprehensible language, so that even the one who will still be reading, quite possibly, will not master it to the end. In general, this law, although it is fundamental in regulating legal relations connected with information, is rarely read by a few.
Now we will try to conduct our “spherical IT-man in a vacuum” through an “informational” law, highlighting in it the most important.
')
The first question, the answer to which we will find out - what exactly is this “ information ”. Despite the seeming simplicity, the answer to it will not be obvious. This concept is defined in the law (Art. 2) as “information (messages, data) regardless of the form in which they are represented”. Our abstract IT specialist who is used to dividing computer information into “ programs ” and “ data ” will probably be very surprised to find that the law means “information” as “information”. Yes, that is how it is. However, there was also a place for programs in the law. True, indirectly, by introducing into the law the concept of "information technologies": " information technologies are processes, methods of searching, collecting, storing, processing, providing, disseminating information and ways of implementing such processes and methods."
So our “informational” law extends not only to information, but also to how it is processed: “ application of information technologies ” is clearly indicated in its first article as one of the areas of regulation. These “technologies” can include not only software, but generally everything, with the help of which these methods are provided, for example, organizational measures, service rules for processing information, and the like. If you keep this division in mind, reading and understanding the law becomes much easier. In addition, you can notice some pretty important things that are usually skipped. For example, in the third article of the law, describing the basic principles of legal regulation of relations in the information sphere, the last, eighth paragraph goes like this: “the inadmissibility of establishing by regulatory legal acts of any advantages of using certain information technologies over others, if only the obligatory use of certain information technologies for the creation and operation of state information systems is not established by federal laws ".
If you remember that the “technology” includes software, then you can come to the conclusion that in this paragraph it is simply forbidden to require the use of any programs in the subordinate regulatory acts. Such requirements should be contained only in the laws. Many now probably remembered those programs that require the use of various government agencies to exchange data with them. Often the quality of them does not stand up to any criticism: they were written explicitly on the copper money by some hungry students or developers, especially close to the state. In addition, sometimes they are required to pay for them. But the main thing is not this: the requirement to use such software is almost always contained not in the laws, but in resolutions, orders and other bylaws, many of which were passed before the law “On information ...” entered into force. It seems that no one is going to change them.
There is an opposite approach, when the regulatory document describes the data format, and the user is given the right to decide for himself what to process them - the main thing is that these data correspond to the format description. Recently, XML is increasingly being used for this purpose. Of course, this practice can only be welcomed: it is not only more convenient for the end user, but also not against the law. As for the already existing “programs for the delivery of data” and those regulations that require their use, the fight against them promises to drag on. To clear these Augean stables may take a dozen years ...
Another of the most common mistakes that are made when discussing legislation on information is the confusion between “ informational ” and “ copyright ” legal relationships. One of the not-so-harming consequences of this confusion was the massive use in the copyright infringement cases of the “computer” articles of the Criminal Code, which impose responsibility for “unauthorized access to information” ( article 272 ). Let's talk about why this is wrong, as well as about how copyrighted works differ from “information” in general, which are understood as “information”.
Copyright and information law regulate different relationships, they have a completely different subject of regulation. The same file can be considered as a “work”, protected by copyright, and as “information”. Those actions that violate copyright may well be allowed by the law "On Information ...", and vice versa. In the same way, completely different laws can be applied to one person acting in different roles, for violation of which completely different responsibilities are provided. And that in the case of a computer file the same principle applies - this is what they constantly forget about.
Indeed, the law itself “On Information ...” ( Part 2 of Article 1 ) states the following: “The provisions of this Federal Law do not apply to relationships arising from the legal protection of intellectual property and similar means of individualization.” in the fourth part of the Civil Code ( article 1259, paragraph 6 ) states that copyright is not protected by the "reports on events and facts that have purely informational character (daily news, television programs, motion schedule tra Sportna funds, etc.). " Thus, the legislator has explicitly separated the information from the "copyrighted" content. In order for a work to fall under copyright protection, it must exist in some kind of “objective form”. Simply put, to be written, played, drawn, and so on: what you have invented and just keep in your head is not protected by copyright. And it is on the form of the work that this protection applies.
If two people create two different works in which they describe the same facts, neither of them will violate the rights of the other: the reports of the facts can be retold completely unsolicited. Violation will begin only when someone takes someone else's work and begins to process it, retaining the elements of the form (excerpts, or some other parts that can be identified). But the legislation on information applies specifically to its content. This is another important point that must be considered when dealing with both the law “On Information ...” and the fourth part of the Civil Code.
As has already been said, the practice of bringing to criminal responsibility for “piracy” with the simultaneous qualification of actions of a “pirate” under articles of the Criminal Code, providing for liability for unlawful access to information ( article 272 ), has now spread. If so-called “cracks,” that is, programs designed to circumvent copyright protection, are used, then article 273 , implying responsibility for creating and using “computer malware”, can also be imputed. At the same time, “malicious” refers to any programs “capable of harming” someone, although the article itself includes only those that are capable of “unauthorized destruction, blocking, modifying or copying information, disrupting the operation of a computer, computer system”.
Some particularly clever investigators manage to prosecute under article 273 for files with serial numbers. There was even the wording “information harmful for the copyright holder” - this is about “serials”. According to this logic, any change in a work (most often a program) that is not authorized by the copyright holder is not only a violation of copyright, but also “unauthorized access to information”. Meanwhile, the responsibility for the "crack" by law can only be civil, it is provided for in Articles 1299 and 1301 of the Civil Code. Article 272 of the Criminal Code provides for liability for “unlawful access to computer-protected information, that is, information on computer media, in an electronic computer, a computer system, or their network, if this act resulted in the destruction, blocking, modification or copying of information, violation of the computer, computer system or their network. " We will talk about what “access to information” is.
The Law “On Information ...” in the second article defines “information holder” - this is “a person who independently created information or received the right to authorize or restrict access to information determined on some grounds on the basis of a law or contract”. As we see, there can be more than one such “owners”. At the same time, in criminal cases in which articles 272 and 273 are unlawfully applied, the investigation replaces the “holder of information” with the “holder of rights”, that is, the holder of exclusive rights to the work. After that, all actions with this work that are not authorized by the copyright holder are declared “unauthorized”. But, as already mentioned, information legislation does not apply to “intellectual property”. Therefore, even if the "pirate" illegally copied the program, it violated only copyright, but not information law. It will be possible to talk about a crime under Article 272 of the Criminal Code only when our “pirate” starts hacking someone’s computer to copy.
There is one more role in the law “On Information ...”, which is “the operator of an information system ”, which is understood as “a citizen or a legal entity engaged in the operation of an information system, including the processing of information contained in its databases ". If you keep in mind the division into "information" and "information technology", you can notice how it continues in this distribution of roles: "owner" controls the information itself, and "system operator" - its processing, including the use of " information technologies". The division is logical and, most importantly, understandable to our "abstract IT specialist". The thirteenth article of the law “On Information ...” states who is “by default” considered to be an “operator”: “Unless otherwise established by federal laws, the operator of the information system is the owner of the technical information used for processing the information contained in the databases. legally uses such databases, or a person with whom this owner has concluded an agreement on the operation of an information system. ” Simply put, the owner of a computer or other device (that is, the "information system") is legally the "operator" of this "system", and can process all the information that has got into this device. To limit any actions with such information to the operator can only its owner, and if he did not, then all those actions that the "operator" performs on its own computer will be absolutely legitimate.
At the same time, in practice, when “hanging” articles 272 and 273 for copyright infringement, the investigation proceeds from the fact that any actions with information that are not authorized by its owner are considered illegal. This is one of the basic principles of copyright: in a license agreement for the use of a work, all rights that are transferred under such a contract must be explicitly indicated, and those rights that are not indicated are considered not transferred. However, in the information legislation there is no such principle. In accordance with the law, the information owner can only restrict “access” to it, which is understood as “the possibility of obtaining information and using it”. As soon as the user took advantage of this opportunity - everything, “access” ended, the processing of information began. And the penalties for the “unlawful treatment” of the Criminal Code do not provide ...
First, the main “informational” law “On Information, Information Technologies and Protection of Information” is of a declarative nature; it does not establish any responsibility for violations. Since for the majority of non-lawyers the “law” is the “Criminal Code”, it is clear that no one will read it. Secondly, it is written in a rather incomprehensible language, so that even the one who will still be reading, quite possibly, will not master it to the end. In general, this law, although it is fundamental in regulating legal relations connected with information, is rarely read by a few.
Now we will try to conduct our “spherical IT-man in a vacuum” through an “informational” law, highlighting in it the most important.
')
Program and data
The first question, the answer to which we will find out - what exactly is this “ information ”. Despite the seeming simplicity, the answer to it will not be obvious. This concept is defined in the law (Art. 2) as “information (messages, data) regardless of the form in which they are represented”. Our abstract IT specialist who is used to dividing computer information into “ programs ” and “ data ” will probably be very surprised to find that the law means “information” as “information”. Yes, that is how it is. However, there was also a place for programs in the law. True, indirectly, by introducing into the law the concept of "information technologies": " information technologies are processes, methods of searching, collecting, storing, processing, providing, disseminating information and ways of implementing such processes and methods."
So our “informational” law extends not only to information, but also to how it is processed: “ application of information technologies ” is clearly indicated in its first article as one of the areas of regulation. These “technologies” can include not only software, but generally everything, with the help of which these methods are provided, for example, organizational measures, service rules for processing information, and the like. If you keep this division in mind, reading and understanding the law becomes much easier. In addition, you can notice some pretty important things that are usually skipped. For example, in the third article of the law, describing the basic principles of legal regulation of relations in the information sphere, the last, eighth paragraph goes like this: “the inadmissibility of establishing by regulatory legal acts of any advantages of using certain information technologies over others, if only the obligatory use of certain information technologies for the creation and operation of state information systems is not established by federal laws ".
If you remember that the “technology” includes software, then you can come to the conclusion that in this paragraph it is simply forbidden to require the use of any programs in the subordinate regulatory acts. Such requirements should be contained only in the laws. Many now probably remembered those programs that require the use of various government agencies to exchange data with them. Often the quality of them does not stand up to any criticism: they were written explicitly on the copper money by some hungry students or developers, especially close to the state. In addition, sometimes they are required to pay for them. But the main thing is not this: the requirement to use such software is almost always contained not in the laws, but in resolutions, orders and other bylaws, many of which were passed before the law “On information ...” entered into force. It seems that no one is going to change them.
There is an opposite approach, when the regulatory document describes the data format, and the user is given the right to decide for himself what to process them - the main thing is that these data correspond to the format description. Recently, XML is increasingly being used for this purpose. Of course, this practice can only be welcomed: it is not only more convenient for the end user, but also not against the law. As for the already existing “programs for the delivery of data” and those regulations that require their use, the fight against them promises to drag on. To clear these Augean stables may take a dozen years ...
Form and content
Another of the most common mistakes that are made when discussing legislation on information is the confusion between “ informational ” and “ copyright ” legal relationships. One of the not-so-harming consequences of this confusion was the massive use in the copyright infringement cases of the “computer” articles of the Criminal Code, which impose responsibility for “unauthorized access to information” ( article 272 ). Let's talk about why this is wrong, as well as about how copyrighted works differ from “information” in general, which are understood as “information”.
Copyright and information law regulate different relationships, they have a completely different subject of regulation. The same file can be considered as a “work”, protected by copyright, and as “information”. Those actions that violate copyright may well be allowed by the law "On Information ...", and vice versa. In the same way, completely different laws can be applied to one person acting in different roles, for violation of which completely different responsibilities are provided. And that in the case of a computer file the same principle applies - this is what they constantly forget about.
Indeed, the law itself “On Information ...” ( Part 2 of Article 1 ) states the following: “The provisions of this Federal Law do not apply to relationships arising from the legal protection of intellectual property and similar means of individualization.” in the fourth part of the Civil Code ( article 1259, paragraph 6 ) states that copyright is not protected by the "reports on events and facts that have purely informational character (daily news, television programs, motion schedule tra Sportna funds, etc.). " Thus, the legislator has explicitly separated the information from the "copyrighted" content. In order for a work to fall under copyright protection, it must exist in some kind of “objective form”. Simply put, to be written, played, drawn, and so on: what you have invented and just keep in your head is not protected by copyright. And it is on the form of the work that this protection applies.
If two people create two different works in which they describe the same facts, neither of them will violate the rights of the other: the reports of the facts can be retold completely unsolicited. Violation will begin only when someone takes someone else's work and begins to process it, retaining the elements of the form (excerpts, or some other parts that can be identified). But the legislation on information applies specifically to its content. This is another important point that must be considered when dealing with both the law “On Information ...” and the fourth part of the Civil Code.
Access and handling
As has already been said, the practice of bringing to criminal responsibility for “piracy” with the simultaneous qualification of actions of a “pirate” under articles of the Criminal Code, providing for liability for unlawful access to information ( article 272 ), has now spread. If so-called “cracks,” that is, programs designed to circumvent copyright protection, are used, then article 273 , implying responsibility for creating and using “computer malware”, can also be imputed. At the same time, “malicious” refers to any programs “capable of harming” someone, although the article itself includes only those that are capable of “unauthorized destruction, blocking, modifying or copying information, disrupting the operation of a computer, computer system”.
Some particularly clever investigators manage to prosecute under article 273 for files with serial numbers. There was even the wording “information harmful for the copyright holder” - this is about “serials”. According to this logic, any change in a work (most often a program) that is not authorized by the copyright holder is not only a violation of copyright, but also “unauthorized access to information”. Meanwhile, the responsibility for the "crack" by law can only be civil, it is provided for in Articles 1299 and 1301 of the Civil Code. Article 272 of the Criminal Code provides for liability for “unlawful access to computer-protected information, that is, information on computer media, in an electronic computer, a computer system, or their network, if this act resulted in the destruction, blocking, modification or copying of information, violation of the computer, computer system or their network. " We will talk about what “access to information” is.
The Law “On Information ...” in the second article defines “information holder” - this is “a person who independently created information or received the right to authorize or restrict access to information determined on some grounds on the basis of a law or contract”. As we see, there can be more than one such “owners”. At the same time, in criminal cases in which articles 272 and 273 are unlawfully applied, the investigation replaces the “holder of information” with the “holder of rights”, that is, the holder of exclusive rights to the work. After that, all actions with this work that are not authorized by the copyright holder are declared “unauthorized”. But, as already mentioned, information legislation does not apply to “intellectual property”. Therefore, even if the "pirate" illegally copied the program, it violated only copyright, but not information law. It will be possible to talk about a crime under Article 272 of the Criminal Code only when our “pirate” starts hacking someone’s computer to copy.
There is one more role in the law “On Information ...”, which is “the operator of an information system ”, which is understood as “a citizen or a legal entity engaged in the operation of an information system, including the processing of information contained in its databases ". If you keep in mind the division into "information" and "information technology", you can notice how it continues in this distribution of roles: "owner" controls the information itself, and "system operator" - its processing, including the use of " information technologies". The division is logical and, most importantly, understandable to our "abstract IT specialist". The thirteenth article of the law “On Information ...” states who is “by default” considered to be an “operator”: “Unless otherwise established by federal laws, the operator of the information system is the owner of the technical information used for processing the information contained in the databases. legally uses such databases, or a person with whom this owner has concluded an agreement on the operation of an information system. ” Simply put, the owner of a computer or other device (that is, the "information system") is legally the "operator" of this "system", and can process all the information that has got into this device. To limit any actions with such information to the operator can only its owner, and if he did not, then all those actions that the "operator" performs on its own computer will be absolutely legitimate.
At the same time, in practice, when “hanging” articles 272 and 273 for copyright infringement, the investigation proceeds from the fact that any actions with information that are not authorized by its owner are considered illegal. This is one of the basic principles of copyright: in a license agreement for the use of a work, all rights that are transferred under such a contract must be explicitly indicated, and those rights that are not indicated are considered not transferred. However, in the information legislation there is no such principle. In accordance with the law, the information owner can only restrict “access” to it, which is understood as “the possibility of obtaining information and using it”. As soon as the user took advantage of this opportunity - everything, “access” ended, the processing of information began. And the penalties for the “unlawful treatment” of the Criminal Code do not provide ...
Source: https://habr.com/ru/post/108578/
All Articles