Regulation of main law areas by models of information security of enterprises in Ukraine

Regulation of main law areas by models of information security of enterprises in Ukraine

Ключевые слова

Аннотация научной статьи по СМИ (медиа) и массовым коммуникациям, автор научной работы — Lysenko Serhiі Oleksiyovych

The article examines approaches to the regulation of the major law areas by models of information security of enterprises in Ukraine, outlines individual components of information security of the enterprise, analyses information legislation in the field of enterprise activity.

UDC 340:659.4.327.88 (477)

UDC 340:659.4.327.88 (477)

Serhii Oleksiyovych Lysenko,

PhD in Law, Associate professor, Associate professor of the Department of Security Management and Law Enforcement and AntiCorruption Activities, Interregional Academy of Personnel Management, Ukraine, 03039, Kyiv, Str. Frometivska, 2, (044) 490 95 00, e-mail: [email protected]

ORCID: 0000-0002- 7050-5536

Abstract. The article examines approaches to the regulation of the major law areas by models of information security of enterprises in Ukraine, outlines individual components of information security of the enterprise, analyses information legislation in the field of enterprise activity.

Keywords: information law, information security, information security system, information relations, legal security, enterprise security, information security models.


Target setting. Information security of enterprises as part of information law in Ukraine, is a set of legal norms that regulate social relations in the field of information safety, building and use of information resources, establishment and operation of information systems in order to secure the information needs of citizens, businesses, state and society [1].

Analysis of recent research and publications. Among the scientists who deal with this subject, it is advisable to outline the following: I. Behyshev, L. Zadorozhna, M. Koval, B. Bryzhko, V. Tsymbalyuk, D. Dovhal, B. Kor-mich, G. Vinogradov, V. Zarosylo, E. Skoolysh, A. Maruschak, G. Kalyu-zhny V. Lipkan A. Podolyaka, N. Ban-chuk A. Movchan, I. Aristova and others.

At the same time, some issues of information security remain unsolved.

The purpose of the article is to study approaches to the basic regulation of branches of law by models of information security of enterprise in Ukraine.

The statement of basic materials. Since information is the subject of interaction in several spheres of law, the specific rules of information law contain provisions of both civil, financial and business law that govern civil, financial and business relationships.

So, given the complex nature of information security in general, we can conclude that it is the subject of social relations that arise, change and stop when information security is secured in the information sector as a result of information processes.

That information processes are the principal in defining which specific branch of law should be used during certain relations. But in our days, goes on the systematization of rules in diffe-

rent areas of law that are drafted to regulate information relations. The same is referred to the enterprise information security.

Some scientists consider information security as an institution of information law. They believe that the category "institute of law" serves as communication of standards of specific areas of law with real relationships, implemented in certain areas due to the methods and forms of influence on the behavior of participants of relations. In this, Institute of Information Security refers to the general legal institutions of information law [2].

Other experts consider law in the field of information security a subsec-tor of information law, which is set of legal rules that regulate public relations for the protection of national interests, vital interests of the individual, society and state in a balanced way, in the information sphere from internal and external threats. Accordingly, the subject here is information security, and the object is public relations related to its provision [3].

This viewpoint leads to the conclusion that legislation in the field of information security ensuring is the sub-sphere of information legislation that includes various legal institutions [4]. The legislation in the field of information security and are used restrictively-prohibitive methods. This is typical of the legal norms contained in the administrative and criminal law [5].

A number of regulations which form the legal ensuring of information security, develop legal mechanisms that regulate social relations associated with other fields of law, including such basic areas as constitutional, civil, ad-

ministrative and criminal law. The assignment of these rules to the information law separates them from the basic spheres, that creates difficulties for development first of all of the information law because it involves the subject of relationships that are not directly related to the information [6].

It is logical to think that the legal provision of the information security is based on the totality of institutions and norms of information, constitutional, civil, administrative and criminal law that regulate relations in the sphere of countering threats for facilities in the information sector. [7]

Taking this view as a basis, we propose to consider the individual components of information security of enterprises to fully understand the pattern of research.

Constitutional and legal component of information security companies is stipulated by the necessity to guarantee the implementation of information constitutional rights and freedoms of citizens, employees who have were further developed in other legislations. At the same time, the necessary to determine the rights and obligations of legal entities and foreigners for free flow of information and intellectual property, which is already rotating in Ukraine [10].

Civil-legal component of the enterprises information security is due to the fact that most of the information rights and freedoms is implemented in the civil turnover of information. This are property rights and ownership right of information resources in the information field. Now is the time to develop contractual information sphere, that will allow foreign investors and professionals to freely and legally

provide information about technology and inventions for national producers. Friendly and modern civil component will encourage the development of national science and maintain intellectual potential in our country [10].

Administrative and legal component of information security of enterprises is due to the necessity of government management of information processes of formation and use of state information resources, their use by entities, the creation and use of state information systems and their software and hardware tools for information security. A similar sense acquires the need for administrative regulation of information relations in enterprises of any form of ownership. Information security of enterprises is also a system that must be managed and build relationships. The regulation of relations between the company management, owners and subjects of information security should be regulated by certain standards that may be fixed in certain laws and enterprise regulations [11].

Criminal legal component of information security of enterprises is preconditioned by the need to counteract to illegal encroachment in the information sector in enterprises of different ownership forms. Granting certain rights and obligations in the sphere of information should be compensated by corresponding deterrent levers. Abuse, embezzlement, illegal use of the information etc., which is an intangible object, must be deterred by creating a number of responsibilities. Responsibility for infringements in the information sector should range from disciplinary and civil to administrative and criminal. This criminal liability may occur for the same actions

as in the penal and administrative cases, but depending on the severity of arisen consequences and losses [11].

Information-legal activities of any enterprise that is carried out in the information relations process is aimed at collecting and processing the information, its evaluation, decision making, creating software etc. In this activity are resolved goals and objectives of legal regulation, and in case of breach of information legislation, are taken measures of administrative and criminal nature [8]. In this case, information legislation is represented by international treaties ratified by the Verkhovna Rada of Ukraine. A great part of rather important and modern treaties are not implemented in Ukraine. Some are reflected in national laws, but changed and distorted in the process of editing, so they cannot stimulate the development of certain information relations in Ukraine. Therefore, the goal is to bring all the achievements of the modern world in this area into line with national legislation.

It should be emphasized that the mentioned legislation framework does not quite correspond to the general legal approach. Information legislation was not declared as an independent branch, but just as part of administrative law. Although there are several small law branches directly connected to the information circulation, but are not part of it, such as patent law or media legislation. On the other hand, information security has always been regarded as a part of national security. Thus, the law on information security due to its specificity is already a legislation branch dealing with information safety, and can combine the rules

contained in the regulations of other branches of law [9].

As part of international cooperation, information security is used in international agreements and decisions ratified in Ukraine. Due to the fact that the main feature of information security is its complex and international nature, the source of information law can be divided into: international legal regulations; Constitution of Ukraine; regulations that are part of information law, and regulations of other branches of law [3].

Conclusions. After analyzing the normative system of information security and applicable law, we can state that the vast majority of legal sources for the information security of enterprises are the regulations of different areas of law. Therefore, to protect their information the enterprises of Ukraine need to systematize all norms in this area. Alternatively, a specific scheme for the use of existing rules on which will be created corporate standards. One of the possible solutions could be the introduction of some models of information security of enterprises, that will combine certain administrative procedures of election law.


