LEGAL APPROACHES TO ENSURING INFORMATION SECURITY IN
UZBEKISTAN
Saidova Nigina Sirojiddin qizi Master,
Faculty of International Law University of
World Economy and Diplomacy E-mail:
Sdvangn21 @gmail.com
Annotation.
This article is about information security and its legal
approaches to the territory of Uzbekistan. Also, the article covers the legal
documents within the framework of information security and the legal
documents in them aimed at cybercrime and the opinions on compliance
with international standards.
Key words:
Information security, cybercrime, international
standards, world community, legislation, legal approaches, citizen
information, control system, Information Security Policy.
Nowadays, it is possible to observe the development of the
exchange of information at the highest level during the period of
globalization. In the dissemination of this information, information security
is considered important, which means that the confidential and necessary
information of a certain committee or society is not disseminated, and the
prevention of cybercrimes has become an important task of the present
era. Information security represents the protection of the political image of
the state. With the help of information, the achievements and successes of
the state are communicated to the world community, which alleviates and
strengthens existing problems.[1]Information security in the political
process is one of the most important issues today.
Information security is the practice of preventing unauthorized
access, use, disclosure, disruption, alteration, exploration, recording, or
483
484
destruction of information. This universal concept applies regardless of the
form of data. The main goal of information security is to protect the
confidentiality, integrity and availability of information in a balanced way,
taking into account the appropriateness of the application and without any
harm to the organization's activities.[4] This is achieved primarily through a
multi-step risk management process that identifies fixed assets and
intangible assets, threat sources, vulnerabilities, potential impacts and
existing risk management opportunities. This process is carried out in
conjunction with an assessment of the effectiveness of the risk
management plan.
Opinions on information security must be relevant to the interests of
the day. Because today the whole world community is constantly living with
the paradigms of the information society based on the introduction of new
information technologies in politics. In the Republic of Uzbekistan, the
Internet covers a wide range of people and connects the country to the
world information space[2]. Information technology has turned information
into a driving force that has played a decisive role in the development of
the modern world. The latest media can have both negative and positive
consequences. How important it is to use them for national interests.
Essentially, modern mass media develop in the interests of great powers.
Information security means the protection of important data base, the main
measure to be implemented is first of all the legal procedure, although the
measures taken based on it are considered effective. Information security
is compared with the peace and well-being of society, so it is natural that
there are serious directions in this regard.
A systematic approach to the description of information security
suggests distinguishing the following components of information
security:[3]
485
Each component of information security is discussed in detail in this
section above.
The following legal norms of the Constitution of the Republic of
Uzbekistan constitute the legal basis of the first direction of legal provision of
information security. Article 29of the Constitution of the Republic of
Uzbekistan:“Everyone has the right to freedom of thought, speech and belief.
Everyone has the right to seek, receive and disseminate the information they
want, except for information directed against the current constitutional system
and other restrictions established by law.” Article 67of the Constitution of the
Republic of Uzbekistan:“The media is free and operates according to the law.
They are responsible for the correctness of the information. Censorship is not
allowed.” Responsibility for disseminating low-quality information and
violating the procedure for disseminating information is provided for in the
Criminal Code of the Republic of Uzbekistan. These are: slander (Article
139), insult (Article 140), propaganda of war (Article 150), inciting national,
racial or religious enmity (Article 156), constitutional violation of the Republic
of Uzbekistan incitement to attack the system (Article 159), violation of
information regulations (Article 174), unlawful collection of information, its
disclosure or use (Article 191), preparation or distribution of pornographic
regulatory and
scientific basis.
The structure and
tasks of the
departments that
nsure IT security.
Organiza
• Organizational,
technical and
regulatory
measures and
methods
_______________
information
486
material (Article 130 Article), discrediting a competitor (Article 192),
intentionally concealing or distorting information about environmental
pollution (Article 194).[6]
Cyber security measures are implemented in Uzbekistan on the basis
of international standards, including the Law of The Republic of Uzbekistan
on Cyber Security Article 4 outlines the main principles of ensuring Cyber
Security:
•
Legality;
•
The priority of protecting the interests of the individual, society
and the state in cyberspace;
•
Unified approach to cyber security regulation;
•
The priority of the participation of local manufacturers in the
creation of a cyber security system;
•
Openness of the Republic of Uzbekistan to international
cooperation in ensuring cyber security.[7]
It is necessary to pay attention to the fact that protection against the
influence of low-quality information is mainly defined in the legal documents
on mass media and the norms of the Criminal Code of the Republic of
Uzbekistan. The legal basis of the second direction of information security is
the following:
• Citizen information (personal information), except for information
that must be distributed in mass media in the cases established by law;
• Information that constitutes the secrets of the investigation and
hearing of the case in court;
• Information about the service, the use of which is limited by the state
authorities in accordance with the Civil Code and laws of the Republic of
Uzbekistan (medical, notary, lawyer secrets, correspondence, telephone
conversations, postal shipments, telegraphic messages or other messages,
487
etc.);
• In accordance with the Civil Code and laws of the Republic of
Uzbekistan, the use of which is limited by state authorities, related to
commercial activities (trade secrets);
• Information about the essence of the discovery, utility model or
production sample, until the information about them is officially announced.
State authorities and organizations responsible for the formation and use of
information resources that must be protected, as well as offices and
organizations that develop and use information systems and information
technologies for the formation and use of restricted information resources in
their activities They follow the laws of the Republic of Uzbekistan.
The implementation of the requirements for the protection of
information in non-state structures and the control of the use of special
software and technical protection tools, as well as ensuring the
implementation of organizational measures for the protection of information
systems that process information with limited access are carried out by state
authorities. Control is carried out in accordance with the procedure
established by the Government of the Republic of Uzbekistan. Organizations
that process information that is considered state property and use is
restricted establish special services that ensure information protection.
The owner of information resources or persons authorized by him
have the right to control the fulfillment of the requirements for the protection
of information, to prohibit or suspend the processing of information in case of
non-fulfillment of these requirements. The owner or possessor of the
documented information has the right to apply to the state authorities for an
assessment of the correct fulfillment of the norms and requirements for the
protection of their information in the information systems. The relevant bodies
are determined by the government of the Republic of Uzbekistan. These
bodies are subject to conditions of confidentiality of information and
488
investigation results. The law "On Information" defines the rights and
obligations of subjects in the field of information protection.[5] The owner of
documents, sets of documents and information systems or persons
authorized by him shall provide information to the user at the time, place and
instructions of the responsible officials, as well as the order of necessary
procedures. The owner of information resources or persons authorized by
him shall protect information that has the right to control the fulfillment of the
requirements, to prohibit or suspend the processing of information in case of
non-fulfillment of these requirements. The owner or possessor of the
documented information has the right to apply to the state authorities for an
assessment of the correct fulfillment of the norms and requirements for the
protection of their information in the information systems. The relevant bodies
are determined by the government of the Republic of Uzbekistan. These
bodies are subject to conditions of confidentiality of information and
investigation results. The law "On Information" defines the rights and
obligations of subjects in the field of information protection.[5] The owner of
documents, sets of documents and information systems or the persons
authorized by him shall define the order of providing information to the user
and the necessary procedures, specifying the time and place of providing
information to the user and the responsible officials, and shall ensure the
conditions for the use of information by users. The owner of documents, sets
of documents and information systems ensures the level of information
protection in accordance with the laws of the Republic of Uzbekistan. The
risk associated with the use of non-certified information systems and means
of providing them is borne by the owner of these systems and means. The
risk associated with the use of information obtained from an uncertified
system is borne by the user of the information[5]. The owner of documents
sets of documents and information systems may request an analysis of the
annuality of measures to protect their information resources and systems, as
well as turn to organizations that carry out certification of information systems
489
and information resources protection tools for advice.
Legal methods of ensuring information security include regulatory and
legal documents, ensuring information security on relations in the field of
regulation and strengthening and informational and procedural regulatory
documents, etc.
Creating a legal framework for information security in Uzbekistan is
more important than ever. Because, it can provide regional information
security structures. On the other hand, the use of organizational, technical
and economic methods to ensure information security in Uzbekistan consists
of:
•
creation and improvement of the information security system;
•
establishing a system and means of processing biased
information, preventing the growth of national thinking and unstable ideas in
the mind;
•
considering information protection tools, license for activities in
the field of state secrets protection, compliance of information protection
methods and tools.[8]
In conclusion, information security is one of the important tasks of
every country, which is regulated on the basis of relevant legal documents;
measures are implemented on the basis of international standards. As
information security means the security of the country, it is natural that regular
actions should be taken. Implementation of information protection
requirements in structures and control of the use of special software and
technical protection means, as well as ensuring the implementation of
organizational measures for the protection of information systems are carried
out by state bodies. Control is carried out in accordance with the procedure
established by the Government.
490
REFRENCES:
1. Alimov B., Ijtimoiy tarmoqlar va ularning mamlakat imijini
shakllantirishdagi o‘rni//Hurriyat, 2014 yil, 30 iyul, №31 - 887p
2. Buranov L.,
Internet madaniyat tushunchasi va uning
ahamiyati//Hurriyat, 2014 yil, 22 oktabr, №43 -899p.
3. Domarev V. V. "Security of information technology. Sistemnyy
podkhod" (ru) (deadlink). www.security.ukrnet.net. May 10, 2013 K.: OOO
TID Dia Soft, 2004. - 992 p.
4. https://uz.wikipedia.org/wiki/Axborot_xavfsizligi
5. https://www.coursehero.com/file/pemba2n/Axborot-xavfsizligini-
huquqiy-taminlashning-birinchi-yonalishining-huquqiy/
6. O‘zbekiston
Respublikasining
Qonuni
"Kiber
xavfsizlik
To'g'risida" 15.04.2022 yildagi O‘RQ-764-son
7. O’zbekiston Respublikasi Konstitutsiyasi.1992 (2023)
8. Q‘zbekiston Respublikasi Prezidentining 2021 yil 29 apreldagi
PQ-5097-sonli qarori.
9. Исраилова, Зарина. "Обзор развития избирательного
законодательства Республики Узбекистан." in Library 22.4 (2022): 1127-
1130.