Digital sovereignty and the security of citizens: legal models

6 September 2024

Digital sovereignty and the security of citizens: legal models

For any state, the protection of personal data is becoming central to ensuring digital sovereignty. In order to achieve this, it is vital to develop a comprehensive set of tools to counter cyber fraud. At the same time, internet regulation should aim to drive positive change and improve cybersecurity skills among the public at large. Taking such steps will help protect personal data and ensure digital sovereignty for individuals, businesspeople, and the state alike. That was the conclusion reached at a session entitled Digital Sovereignty and the Security of Citizens: Legal Models, which took place as part of the Eastern Economic Forum (EEF).

KEY CONCLUSIONS

All the prerequisites are in place for Russia to attain digital sovereignty in the near future

“We must move from a protective and prohibitive regulatory framework to one that stimulates or innovates. <…> A regulatory system has already been established in Russia with regard to digital platforms and what we call the data economy. There is antimonopoly regulation, and protection of consumer and user rights, which also applies to users of digital platforms. There are specific regulations that directly concern the innovative platforms, ecosystems, and solutions available online. Importantly, companies operating in Russia are increasingly developing self-regulation practices,” Sergey Plugotarenko, General Director, Digital Economy.

“Sovereignty is about independence, the ability to manage one’s property in the traditional sense. In the context of our discussion, it means being able to manage one’s data. <...> There has been much discussion today concerning data leaks. Since 2020, we have been strictly monitoring all leaks that appear in private channels and the public domain. To date, we know of more than 1,000 sources that collectively hold more than 3 billion records on our citizens. <...> Sberbank’s current level of efficiency stands at 99.8%. That means that out of 100 attempts at fraud, we stop 99.8,” Sergey Lebed, Vice President of Cyber Security, Sberbank.

Russia has a fast-growing data economy

“Today, the data economy is worth close to RUB 320 billion, and by the end of 2024, the effect of data use in traditional economic sectors will reach RUB 1.6 trillion. The data economy creates hundreds of thousands of jobs, and its growth is accelerating. Our task is to increase levels of growth while not forgetting about users,” Sergey Plugotarenko, General Director, Digital Economy.

“We are seeing a response from the public. Over the past two years, we have collected tens of millions of biometric samples. All data is securely stored under state management. <…> In fact, our approach is unique in terms of how the system is centralized, while at the same time there are no obligations or mandatory submission requirements [regarding biometric data – ed.] for the public. For them, it is a right, a choice, freedom. <…> Biometric data is one of the most regulated categories of personal data,” Vladislav Povolotsky, General Director, Center for Biometric Technologies.

PROBLEMS

A regulatory framework which is struggling to keep pace with new developments

“Technological leadership is impossible without identifying the areas where the country, companies, and specialists possess leadership skills. Technologies are developing very quickly, and regulations must be adjusted just as rapidly. Today, regulation is clearly lagging behind – everyone acknowledges this. <...> Regulation is failing to keep pace with new developments. In order to become technological leaders, we need to find a balance between the two,” Sergey Plugotarenko, General Director, Digital Economy.

Complexities surrounding security in the IT sector

“The unprotectedness of personal information [is a problem – ed.] at all levels. It enables them [cyber-criminals, cyber-fraudsters, and cyber-terrorists to use this information – ed.] to commit crimes on such a scale,” Maria Zakharova, Director, Department of Information and the Press, Ministry of Foreign Affairs of the Russian Federation.

“From 2022 to August 2024, more than 1.5 million IT crimes were committed. <…> The financial impact of these crimes increased from 91 billion in 2022 to 156 billion in 2023. The figure for the first seven months of 2024 is RUB 91 billion. So, over the past three years, a total of more than RUB 350 billion has been stolen and transferred abroad. <…> Can funds which have been transferred abroad affect the sovereignty and security of the country? Can crimes committed from abroad affect the security and sovereignty of our citizens? The answer is probably yes,” Danil Filippov, Deputy Head of the Investigation Department, Ministry of Internal Affairs of the Russian Federation.

SOLUTIONS

Increasing efforts at the governmental level to develop the digital domain

“Technologies are progressing at pace. They are developing faster than many would like. <…> Therefore, it is crucial to develop new data protection tools and to support them with a regulatory framework. We also need to assess levels of protection on a continuous basis,” Sergey Plugotarenko, General Director, Digital Economy.

“We have the Demography national project. Let’s create a similar national project focusing on cyber hygiene. For example, Sberbank makes information videos – something that we are doing as well,” Dmitriy Miklukho, Senior Vice President, Director of the Department of Information Security, Promsvyazbank.

Raising public awareness of new approaches to digital security

“We have started engaging more with the younger generation, going into universities, and developing specific courses on financial literacy. Basically, we have financial hygiene, and there should also be hygiene in how we handle personal data. We understand that during the digital boom, it is crucial to teach both the younger generation and adults to adhere to digital hygiene practices,” Vladislav Povolotsky, General Director, Center for Biometric Technologies.

“As I see it, the most important thing is to ensure the public are familiar with the new reality, the new rules of online behaviour, and how to operate in the online domain. <…> In China, this is precisely the path they have followed: educating the population about the new rules of life in our modern world,” Danil Filippov, Deputy Head of the Investigation Department, Ministry of Internal Affairs of the Russian Federation.

“We should not just talk about security, but also about data integrity. <…> We need to streamline the terminology. That is true of digital sovereignty, informatization, and artificial intelligence. <…> We need a glossary, a vocabulary, and teaching at universities and workshops based on unified data,” Maria Zakharova, Director, Department of Information and the Press, Ministry of Foreign Affairs of the Russian Federation.

*This is a translation of material that was originally generated in Russian using artificial intelligence.

For more information, visit the Roscongress Foundation’s Information and Analytical System at roscongress.org/en

Digital sovereignty and the security of citizens: legal models

Read more