All about car tuning

Composition of confidential information. Concept and types of confidential information. Where information confidentiality is needed

The meaning of the definition of “confidentiality” translated from English means trust and is interpreted as the need to prevent leakage (disclosure) of any information. From an etymological point of view, the word “confidential” comes from the Latin confidentia - trust and in modern Russian it means “confidential, not subject to publicity, secret.”

Confidential information can be any information with limited access that is not classified by current legislation as a state secret, since information with limited access is primarily information, data and knowledge known certain circle persons who have for them special value. Restrictions on access to information are established in order to protect the fundamentals constitutional order, morality, health, rights and legitimate interests other persons, ensuring the country's defense and state security.

The basis for legislative consolidation certain types of confidential information in Russian legislation are constituted by the Constitution Russian Federation, it enshrines the right of citizens, organizations and the state to privacy. Based on these provisions of the Constitution of the Russian Federation industry legislation relevant types of information with limited access are highlighted.

Let us note that the founder of a separate information and legal direction, first Soviet, and now Russian jurisprudence became A.B. Vengerov. He identified certain features (properties) of information that are fundamentally significant for the legal mediation of relations regarding information (information relations), including among them, in particular, the certain independence of information in relation to its carrier; opportunity reusable the same information; its inexhaustibility when consumed; the ability to store, aggregate, integrate, accumulate, “compress”, etc.

In accordance with Art. 2 of the Federal Law of July 27, 2006 No. 149-FZ “On information, information technology and on the protection of information" confidential information is documented information and is provided on a tangible medium (paper, electronic), access to which is limited in accordance with the legislation of the Russian Federation. In general this definition should be considered reliable, with the exception of the fact that information with limited access is not always documented, for example, information constituting personal and family secrets, as well as the secrecy of voting and the secret of confession, are not necessarily recorded on a tangible medium.

If information with limited access is recorded on a tangible medium, then the confidentiality of the information is reflected by the stamp installed on the tangible medium of information.

To designate the confidentiality stamp, international and national regulations. Moreover, the requirements of Russian legislation differ from international standards.

So in accordance with international standard ISO 17799 Information Systems Security uses the following symbols:

OT - open information;

CI - confidential information;

SKI is strictly confidential information.

IN Russian legislation The following confidentiality marks are used:

OT - open information;

DVI - for internal use;

CI - confidential information.

Currently, there is no clear and unified classification of types of confidential information, although the current regulations establish over 30 of its varieties. Certain attempts at such a classification have been made by scientists. A. I. Aleksentsev offers the following grounds for dividing information by type of secret:

  • - owners of information (according to certain species they may overlap);
  • - areas (spheres) of activity in which there may be information that constitutes this type secrets;
  • - who is entrusted with the protection of this type of secret (for some types of secrets, a coincidence is also possible here).

Confidential information may be subject to employment contract. The owner of confidential information is always the employer and the employee, and the latter has not only information about himself (personal data), but by virtue of an employment contract can keep production secrets and other secrets.

A condition of the employment contract will be the obligation not to disclose information that meets the criteria of confidentiality (clause 7 of article 2 of the law of July 27, 2006 No. 149-FZ “On information, information technologies and information protection”), and not just secrets protected by law ( public service, commercial, other).

Thus, confidential information can not only be additional, as stated in Article 57 of the Labor Code of the Russian Federation, but also prerequisite employment contract.

A. A. Fatyanov classifies information to be protected according to three criteria: by ownership, by degree of confidentiality (degree of access restriction) and by content.

Depending on ownership, the owners of the protected information may be the authorities state power and the structures they form (state secrets, official secrets, in certain cases commercial and banking secrecy); legal entities (commercial, banking, lawyer, medical, audit secrets, etc.); citizens (individuals) - in relation to personal and family secret, secrets of confession, notarial, lawyer, medical.

According to the degree of confidentiality (degree of access restriction), it is currently possible to classify only information that constitutes state secret.

In accordance with Article 8 of the Federal Law of July 21, 1993 No. 5485-1 “On State Secrets”, only for information constituting a state secret, three degrees of secrecy of information are established, and the secrecy stamps corresponding to these degrees for carriers of the specified information: “special importance”, “ top secret" and "secret".

It is noteworthy that in the United States and in a number of NATO, the secrecy classifications are similar to those established by domestic legislation - “confidential”, “secret”, “top secret”. For other types of secrets, this classification basis has not yet been developed, however, according to Art. 8 of the Federal Law of July 21, 1993 No. 5485-1 “On State Secrets”, the use of these classifications to classify information that is not classified as a state secret is not permitted.

The list of information classified as state secrets was approved by the Decree of the President of the Russian Federation of November 30, 1995. No. 1203 (specified by Decree of the President of the Russian Federation dated February 11, 2006 No. 90). Information constituting state secrets includes:

  • - information in the military field;
  • - information on foreign policy and foreign economic activities;
  • - information in the field of economics, science and technology;
  • - information in the field of intelligence, counterintelligence and operational investigative activities.

In particular, in the fields of economics, science and technology, state secrets include information:

  • - about research, development and design work, technologies of significant defense or economic importance;
  • - about methods and means of protecting classified information;
  • - O government programs and activities in the field of protection of state secrets.

It should be noted that the above classifications are not exhaustive and their development is still to be done by science and legislation. The lack of a clear classification of confidential information and their legal regimes in legislation leads to a significant number of contradictions and gaps.

There is even more uncertainty associated with the legal regime of confidential information than with the regime of classified information. It is believed that the typology of confidential information was established by Decree of the President of the Russian Federation of March 6, 1997 N 188 “On the list of confidential information.” The Decree defines six types of confidential information, which are presented as follows:

  • 1. Information about facts, events and circumstances privacy citizen, allowing identification of his identity (personal data), with the exception of information subject to dissemination in the media mass media in established federal laws cases.
  • 2. Information constituting the secret of investigation and legal proceedings.
  • 3. Official information, access to which is limited by public authorities in accordance with Civil Code and federal laws (official secrets).
  • 4. Information related to professional activity, access to which is limited in accordance with the Constitution and federal laws (medical, notarial, lawyer's secrets, confidentiality of correspondence, telephone conversations, postal items, telegraphic or other messages, and so on).
  • 5. Information related to commercial activities, access to which is limited in accordance with the Civil Code and federal laws (trade secrets).
  • 6. Information about the essence of the invention, utility model or industrial design before the official publication of information about them.

The list of confidential information is supplemented by other regulations: Fundamentals of the legislation of the Russian Federation “On the fundamentals of protecting the health of citizens of the Russian Federation”, laws of the Russian Federation “On psychiatric care and guarantees of the rights of citizens in its provision”, “On the notary”, “On the legal profession”, “On basic guarantees” voting rights citizens of the Russian Federation", "About banks and banking", and tax code RF, Family code RF, etc.

This Decree has accumulated quite a lot of complaints, the main ones being that it classifies the types of confidential information incompletely and incorrectly. In the latter case, for example, they point out that this type of professional secrecy according to this Decree, such as “the secrecy of correspondence... according to Article 23 of the Constitution of the Russian Federation should be the right of every person, and not just a specialist in a certain profession,” also point out the fact that there is no distinction between personal data and privacy, etc. Federal Law No. 149-FZ of July 27, 2006 “On information, information technologies and information protection” also does not solve the identified problem, since it uses only the most general regulatory guidelines, for example: “Federal laws establish the conditions for classifying information as information constituting trade secret, official secrets and other secrets, the obligation to maintain the confidentiality of such information, as well as responsibility for its disclosure" (Part 4 of Article 9).

Let's consider the most significant types of confidential information approved by Decree of the President of the Russian Federation of March 6, 1997 No. 188.

On July 27, 2006, Federal Law of the Russian Federation No. 152-FZ “On Personal Data” came into force. This law regulates relations related to the processing of personal data. Also within the framework of this law, the following definition appeared:

“Confidentiality of personal data is a mandatory requirement for the operator or other person who has gained access to personal data to not allow their distribution without the consent of the subject of personal data or the presence of another legal basis” (Clause 10, Article 3 of Federal Law No. 152-FZ).

The adoption of Federal Law No. 152-FZ of July 27, 2006 is intended to protect confidential information (personal data of the subject), such as: full name, first name, patronymic, year, month, date and place of birth, address, family, social, property status, education, profession, income, other information.

As an example of the confidentiality of information about the subject’s personal data, one can cite the provisions noted in the Letter of the Bank of Russia dated November 28, 2001 No. 137-T “On recommendations for the development credit organizations rules internal control in order to combat legalization (laundering) of proceeds from crime" (composition of personal data for identification individual):

  • - last name, first name, and patronymic (unless otherwise follows from the law or national custom);
  • - Date and place of birth;
  • - place of residence (registration);
  • - place of residence;
  • - information about the identity document (name, series and number, authority that issued the document, date of issue of the document).

Another example is personal data provided for by the Federal Law of November 15, 1997 No. 143-FZ: “Information that has become known to the employee of the registration authority civil status in connection with state registration civil status act."

One of the contradictions regarding the protection of a subject’s personal data is clearly illustrated by banking practice. For example, when opening savings deposit in the name of another person, the depositor must provide the bank with personal data of this person; when applying for a loan at a bank or retail outlets, a photocopy of a document containing personal data (mainly passports) is required; When drawing up a salary project agreement for employees of an enterprise, the bank is obliged to notify each employee of the enterprise about the start of processing of his personal data and obtain consent before issuing a card, etc. All this significantly complicates the work of banks, the procedure for processing information and transferring it to a third party. Also, it becomes impossible to exchange information about a client between branches of the same bank. The branch cannot send anywhere information about this citizen or information about his current affairs without obtaining appropriate permission from the client. It is necessary to take into account that the client has the right not to consent to the transfer of his personal data to third parties. In this case, the citizen has the opportunity to hide information that negatively characterizes him.

The problem is related to the attitude of regulators to personal data as independent object legal protection along with state secrets, commercial secrets, professional secrets, etc. And there are reasons for this, since in Art. 9 of the Federal Law of July 27, 2006 N 149-FZ "On information, information technologies and information protection" provisions on personal data are included in the article, which lists the types of information with limited access (state, commercial, official, professional secrets). This creates confusion, since the requirement for confidentiality of personal data is not absolute. Open personal data is also processed and must be protected, for example, on official websites of government authorities, professional encyclopedias, etc.

The next type of information with limited access - official secret - is the most difficult in terms of defining its concept and legal regime because this kind of mystery is in different time various contents were and are now included.

The definition of official secret is given in Decree of the President of the Russian Federation of March 6, 1997 No. 188 “On approval of the List of Confidential Information”, according to which official secret is official information, access to which is limited by public authorities in accordance with the Civil Code of the Russian Federation and federal laws. It is worth noting, in connection with the repeal of Art. 139 of the Civil Code of the Russian Federation, this definition has lost any legal basis.

IN current legislation The concept of official secret is not clearly defined. Most scientists are inclined to be of the opinion that official secrets include information about physical and legal entities ah, which become known to various officials by the nature of their official activities, however, due to their special character cannot be distributed freely. Because of this, official secrets include investigative secrets, medical secrets, tax secrets, attorney-client secrets, etc.

To indicate official information of a confidential nature, in addition to the term “official secret”, a number of others are used, primarily “official information”.

For a long time, the only source in which the legal definition of official information was enshrined was Article 31 of the Federal Law of April 22, 1996 No. 39-FZ “On the Market” valuable papers": "Federal law understands as official information any information that is not publicly available about the issuer and the issue-grade securities issued by it, which puts persons in possession by virtue of their official position...”.

It should be noted that, firstly, this definition is not universal and is applied only within the framework of the relevant legal institute. Secondly, the law directly establishes that proprietary information constitutes information with limited access. Thirdly, in connection with the adoption on July 27, 2010 of Federal Law No. 224-FZ “On combating the misuse of insider information and market manipulation and on introducing amendments to certain legislative acts of the Russian Federation”, Article 31. Federal Law No. 39-FZ of April 22, 1996 “On the Securities Market” became invalid in January 2011. The term “official information” was replaced by the term “insider information”.

The concept of "official information" is also reflected in legislative acts-- dedicated to state and municipal service, where it is used quite often, but its content is not disclosed in them. Thus, in the Federal Law of July 27, 2004 No. 79-FZ “On the State Civil Service of the Russian Federation”, Article 15 and Article 7 of the Federal Law of July 21, 1997 No. 114-FZ “On Service in customs authorities Russian Federation" establishes the obligation to comply with the procedure for working with official information: "not to disclose information constituting state or other secrets protected by federal law, as well as information that has become known to him in connection with the execution of job responsibilities, including information relating to the private life and health of citizens or affecting their honor and dignity,” and “a customs officer does not have the right to: use material, technical and information support, financial resources, other state property, as well as official information." According to Article 17 of the Federal Law of July 27, 2004 No. 79-FZ "On the State Civil Service of the Russian Federation" and Article 7.1 of the Federal Law of July 21, 1997 No. 114-FZ "On Service in customs authorities of the Russian Federation" establishes a ban for state and municipal employees: "to disclose or use for purposes unrelated to civil service, information classified in accordance with federal law as confidential information, or proprietary information that became known to him in connection with the performance of official duties.”

In turn, in the Decree of the Government of the Russian Federation of November 3, 1994 No. 1233 “On approval of the Regulations on the procedure for handling official information of limited distribution in federal bodies executive power“The concept of “official information” is reflected in the list of information that cannot be classified as official information of limited distribution:

  • - acts of legislation establishing legal status state bodies, organizations, public associations, as well as the rights, freedoms and responsibilities of citizens, the procedure for their implementation;
  • - information about emergency situations, hazardous natural phenomena and processes, environmental, hydrometeorological, hydrogeological, demographic, sanitary-epidemiological and other information necessary to ensure safe existence settlements, citizens and the population in general, as well as production facilities;
  • - description of the structure of the executive body, its functions, directions and forms of activity, as well as its address;
  • - the procedure for considering and resolving applications, as well as appeals from citizens and legal entities;
  • - decisions on applications and appeals of citizens and legal entities considered in the prescribed manner;
  • - information on budget execution and the use of other government resources, on the state of the economy and the needs of the population;
  • - documents accumulated in open collections of libraries and archives, information systems organizations necessary for the implementation of the rights, freedoms and responsibilities of citizens.

Thus, we can conclude that official information is confidential official information about the activities of government bodies, access to which is limited by federal laws or due to the performance of official duties, as well as information received by government bodies from individuals and legal entities that has actual value due to their unknownness to third parties and access to which is limited in accordance with federal laws.

Currently, more and more attention is being paid to another type of information with limited access - trade secrets.

The concept of “trade secret” translated from English “commercial” means a list of information about the activities of a company or enterprise that is not subject to disclosure due to possible losses, lost profits and other negative consequences.

In Russian legislation, the definition of a trade secret is specified in Article 3 of the Federal Law of July 29, 2004 No. 98-FZ “On Trade Secrets”, the concept of “trade secret” is a regime of confidentiality of information that allows its owner, under existing or possible circumstances, to increase income and avoid unjustified expenses, maintain a position in the market for goods, works, services or obtain other commercial benefits.

Information constituting a trade secret is understood as scientific, technical, technological, production, financial, economic or other information (including those constituting production secrets - know-how), which has actual or potential commercial value due to its unknownness to third parties, to which there is no free access to legally and in respect of which the owner of such information has introduced a trade secret regime.

The carriers of commercial information are the heads of enterprises or organizations, as well as other employees admitted to trade secrets. In this case, information constituting a trade secret of an enterprise or organization in accordance with Article 4 of July 29, 2004 No. 98-FZ, is developed and approved by the head of the enterprise or organization taking into account the requirements of the Decree of the Government of the Russian Federation of December 5, 1991 No. 35 “On the transfer of information, which cannot constitute a trade secret."

Russian legislation does not contain comprehensive information related to the concept of “trade secret,” but the literature provides approximate lists of information related to commercial information

Thus, E. Soloviev offers the following indicative list of information constituting a trade secret:

  • - information about production capabilities enterprises;
  • - Labour Organization;
  • - personnel and production structure;
  • - information on draft annual and long-term export-import plans for foreign economic activity;
  • - investment programs;
  • - property status of the enterprise;
  • - budget;
  • - methods of studying the sales market;
  • - circle of clients;
  • - information about foreign partners;
  • - price structure;
  • - terms of transactions;
  • - special conditions contracts;
  • - information about a detailed explanation of the subject of licenses when buying and selling them;
  • - results scientific research and design developments;
  • - technical projects;
  • - object design;
  • - inventions, know-how, industrial and technical designs;
  • - information related to technological information;
  • - methods of production.

V.A. Gerasimenko, D.V. Pavlov, A.A. Shiversky cite the following sample list information classified as a trade secret:

  • 1. Strategic information:
    • - production development plans, including the use of new technologies, discoveries, etc.;
    • - reasons hindering the development of the enterprise, difficulties and possible ways to overcome them, etc.
  • 2. Technological and scientific-technical information underlying the enterprise’s production of competitive products; development of technologies and new types of products taking into account market needs, etc.
  • 3. Business information:
    • - about trading and business partners, clients, intermediaries, suppliers, etc.;
    • - on the terms of contracts, agreements, agreements, etc.;
    • - about the state of the enterprise’s credit and financial system;
    • - marketing information.

A positive element of the formulation of the content of a trade secret given by V.A. Gerasimenko, D.V. Pavlov, A. A. Shiversky and E. Ya. Solovyov, is that they tried to highlight the main areas entrepreneurial activity, which may contain information constituting a trade secret.

Based on the foregoing, we can conclude that the current legislation does not in any way limit the subject nature of information constituting a trade secret. Trade secrets include confidential information in the following areas: production and economic; commercial; managerial; scientific and technical; financial, the main thing is that this information has commercial value due to its unknownness to third parties.

The remaining types of secrets are most often indicated, their volumes intersect, one secret overlaps another. This situation is extremely negative for law enforcement practice. Problems with determining the range of information related to a specific type of secret exist even in relation to the most “developed” legislative secrets (such as state secrets and “know-how”), which is often confirmed by judicial practice.

Therefore, when deciding whether to classify specific information as protected, you must be guided by certain criteria, i.e. signs, in the presence of which information can be classified as protected.

The general basis for classifying information as protected is the value of the information, since it is the value of the information that dictates the need to protect it. Therefore, the criteria for classifying information as protected are essentially criteria for determining its value.

Attribution criteria open information to the protected one:

  • - need for information legal support activities of the enterprise. This refers to documented information regulating the status of the enterprise, the rights, duties and responsibilities of its employees;
  • - the need for information for production activities (this applies to information related to research, design, engineering, technological, trading and other areas of production activities);
  • - the need for information for management activities, this includes information required for making management decisions, as well as for organizing production activities and ensuring its functioning;
  • - the need for information for financial activities;
  • - the need for information to ensure the functioning of the social sphere;
  • - the need for information as an evidentiary source in case of conflict situations;
  • - the importance of information as a historical source that reveals the directions and features of the enterprise’s activities.

These criteria necessitate the protection of public information from loss.

The above criteria for classifying open information as protected raise the need for protection against loss of confidential information.

However, the main determining criterion for classifying information as confidential and protecting it from leakage is the possibility of obtaining benefits from the use of information due to its unknownness to third parties.

This criterion has two components: Unknown information to third parties. Gaining benefits from the use of information (gaining benefits, preventing political, economic or moral damage). These two components are interconnected and interdependent, on the one hand, the unknown of information to third parties in itself means nothing if it does not provide advantages to the one who protects it, on the other hand, advantages can only be obtained due to such obscurity.

In the absence of the above criteria, there is no basis for transferring information to the protected category. But the presence of these criteria does not mean that information in all cases, without exception, should be classified as protected. The criteria are only objective indicators of the possibility of classifying information as protected.

To realize this possibility, the following conditions are actually necessary:

  • 1. If the information is not legally available to the public, i.e. does not contain information that is prohibited from being classified as confidential. Lists of such information are contained in regulations RF.
  • 2. If available technical capabilities to protect storage media. It's about about objects that are almost impossible to hide from technical means detection and fixation, especially satellite ones.
  • 3. If the costs of protecting information do not exceed the quantitative and qualitative indicators of the benefits obtained from protecting it.

Thus, the legal and methodological basis for developing lists of protected information are: criteria for classifying information as protected; conditions for classifying information as protected; the concept of the corresponding type of secret (their characteristics and indicators); specifics of the enterprise (for trade secrets, which for some is a trade secret, for others - advertising information).

Confidential information in any area is carefully protected by law. Therefore, the duty of employees who have access to it is to protect the data and not allow it to be made public. There are various responsibilities for the disclosure of confidential information. A person can even be convicted under an article from the Criminal Code if he has committed a serious violation. Therefore, it is in the interests of the workers themselves that, through their fault, information does not leak to third parties.

What is confidential information

Confidential information is personal information with limited access. There are different types of such data, but all of them are protected by law. Employees who have access to them are obliged to maintain secrecy and not allow publicity. Moreover, they themselves should not disclose such information even within the family circle.

Types of confidential information:

  1. Personal data of an individual. These include everything related to events and facts of private life.
  2. Official secret. Only government employees holding a specific position have access to it. This may include tax secrets, information about adoption, etc.
  3. Professional secret. It is protected by the Constitution of Russia, and a limited number of people performing their professional duties know about it.
  4. Personal files of those convicted of crimes.
  5. Trade secret. This information must be stored in order to protect the legal entity from competition, or to obtain benefits.
  6. Information about court decisions and their execution within production.
  7. The secrecy of investigation and legal proceedings. This may include information about victims and witnesses who need assistance. state protection. Information about judges and law enforcement officials is also kept secret.

This information is confidential and will not be disclosed. It is necessary to maintain the confidentiality of such information in order to protect the interests of individuals and legal entities. Non-disclosure is necessary because publicity can lead to serious consequences. For example, to the bankruptcy of a company, the public condemnation of a person, the danger that has arisen for witnesses and victims. If an employee allows information to be disseminated, then he has the right to be punished depending on the severity of the violation.

Non-disclosure agreement

To allow an employee access to classified data, you will need to sign a non-disclosure agreement. Because on the basis of this document it will be possible to be held accountable if the employee does not comply with his obligations regarding the safety of data. There is no specific template for the agreement, but all must be present important points, such as the responsibilities of the parties and liability for disclosure.

But you also need to understand that without it you cannot access classified information. In any case, it is worth discussing the current situation personally with your superiors in order to resolve the issue with the contract.

How to prove the disclosure of personal information

Punishment, for example, a fine under a non-disclosure agreement, will be imposed only if the fact of violation can be confirmed. Any evidence will do for this. As a rule, it is not difficult to obtain them if it is possible to identify an unscrupulous employee.

However, first you need to confirm the fact that there really was secret data, and a specific person had access to it. To do this, you need to use documents, for example, a non-disclosure agreement. Evidence will be required in any case, even for disciplinary action

. Moreover, they will be needed for the trial, because to bring someone to justice under the article, compelling reasons and evidence are required.

What responsibilities are provided?

The employee must know what information will be classified and what will be publicly available. Therefore, he cannot make confidential data public simply because he was not aware of the restricted access to it. In most cases, employees deliberately disclose information that will be protected. This is done for personal reasons or for selfish purposes.

The punishment depends on the nature of the violation. Let's consider the types depending on the responsibility to which the guilty person can be held.

  1. What may be the punishment:
  2. Disciplinary punishment. He is appointed by the management of the organization after an internal review and investigation. The employee may be reprimanded, reprimanded, or even fired. The specific solution depends on the situation.
  3. Administrative responsibility. It can occur when personal data is disclosed, as well as when the protection of information, in addition to state secrets, is violated. A guilty person may receive a fine of up to 10,000 rubles. Criminal liability. The elements of crimes are quite diverse and are defined in. If the violation is criminal in nature, then they may even be deprived of their freedom.
  4. Civil liability. The victim may recover moral damages.

In Ukraine, approximately the same rules apply regarding punishment for disclosing classified information. Liability can only be avoided in certain cases.

When there is no punishment

Only the person who has been officially admitted to confidential data has the right to punish. If an employee accidentally learns secret information without access to it, he cannot be convicted of disclosing it. Let's say a letter containing official secrets was sent to a third party by mistake. And he, having learned the information, began to discuss it in his circle or with other people. In this case, he cannot be held accountable, because, according to the law, he did not violate anything.

1. Concept of confidential information. The current legislation does not have a unified concept of confidential information, as well as a clear definition of its structural composition. According to Art. 2 of the Law on Information and Art. 2 of the Law on Participation in International Information Exchange, documented information is recognized as confidential, access to which is limited in accordance with the legislation of the Russian Federation.

2. Types of confidential information. By Decree of the President of the Russian Federation dated March 6, 1997 List approved confidential information. This list includes:

1) information about facts, events and circumstances of a citizen’s private life, allowing his identity to be identified (personal data), with the exception of information subject to dissemination in the media in cases established by federal laws

2) information constituting the secret of investigation and legal proceedings, as well as information about protected persons and measures of state protection carried out in accordance with the Federal Law “On State Protection of Victims, Witnesses and Other Participants in Criminal Proceedings” and other regulations legal acts RF

3) official information, access to which is limited by government bodies in accordance with the Civil Code of the Russian Federation and federal laws (official secrets)

4) information related to professional activities, access to which is limited in accordance with the Constitution of the Russian Federation and federal laws (medical, notarial, attorney-client confidentiality, confidentiality of correspondence, telephone conversations, postal items, telegraphic or other messages, etc.)

5) information related to commercial activities, access to which is limited in accordance with the Civil Code of the Russian Federation and federal laws (trade secret)

6) information about the essence of the invention, utility model or industrial design before the official publication of information about them

3. Basic methods legal regulation confidential information. The main methods of legal regulation of confidential information are:

1) establishing the concept of confidential information (for example, according to the Law, a trade secret is the confidentiality of information that allows its owner, under existing or possible circumstances, to increase income, avoid unjustified expenses, maintain a position in the market for goods, works, services or obtain other commercial benefits)

2) establishing information that constitutes confidential information (for example, according to Article 857 of the Civil Code, the bank guarantees the secrecy of the bank account and bank deposit, account transactions and customer information)

3) establishing information that cannot constitute confidential information (for example, the Decree of the Government of the Russian Federation dated November 3, 1994 defines a list of information that cannot be classified as official information of limited distribution, in particular, acts of legislation, information about emergency situations, a description of the structure of the executive authority, its functions, directions and forms of activity, as well as its address, the procedure for considering and resolving applications, as well as appeals from citizens and legal entities)

4) establishing a procedure for providing confidential information to government bodies (for example, according to the Law, the owner of information constituting a trade secret, at the motivated request of a government body, other government body, body local government provides them with free of charge information constituting a trade secret. A reasoned request must be signed by an authorized person official, contain an indication of the purpose and legal basis requests for information constituting a trade secret, and the deadline for providing this information, unless otherwise established by federal laws. If the owner of information constituting a trade secret refuses to provide it to a government agency or other government agency, local government bodies have the right to request this information in judicial procedure)

5) establishing a ban on actions that could lead to a violation of the regime of confidential information (for example, according to the Law on Advocacy, a lawyer cannot be summoned and questioned as a witness about the circumstances that became known to him in connection with an appeal to him for legal assistance or in connection with its provision)

In accordance with the decree of the President of the Russian Federation in 1997 . № 188

Types: 1) Personal Information (Information about facts, events and circumstances of a citizen’s daily life, allowing his identity to be identified, with the exception of information subject to dissemination in the media in cases established by federal laws)

2) Service secret (Federation and federal laws. Official information, access to which is limited by government authorities in accordance with the Russian Civil Code)

3) Professional secret (Information related to professional activities, access to which is limited in accordance with the Constitution of the Russian Federation and federal laws (medical, notarial, lawyer's secret, confidentiality of correspondence, telephone conversations, postal items, telegraphic and other messages, and so on).

4) Mystery consequences And legal proceedings

5) a commercial secret (Information related to commercial activities, access to which is limited in accordance with the Civil Code of the Russian Federation and federal laws)

6) Information about essence of the invention (Information about the essence of the invention, utility model or industrial design before the official publication of information about them).

8. Protection of personal data (PD)

Article 3. Basic Concepts, used in this Federal Law

Personal data (PD)- any information , relating to determined or determined on the basis of such information physical street (personal data subject), including his last name, first name, patronymic, year, month, date and place of birth, address, family, social, property status, education, profession, income, other information.

Compound personal data (to identify an individual):

    surname , Name , and surname (unless otherwise follows from the law or national custom);

    date And Place of Birth ;

    place residence (registration);

    place stay ;

    information about document , identification (name, series and number, authority issuing the document, date of issue of the document).

(Letter of the Bank of Russia dated November 28, 2001 No. 137-T “On recommendations for the development of internal control rules by credit institutions in order to combat the legalization (laundering) of proceeds from crime”).

    intelligence , who have become known to the civil registry office employee in connection with the state registration of a civil status act.

1. Treatment personal data should be carried out on the basis principles:

1) legality of purposes And processing methods PD and integrity;

2) compliance with the purposes of processing personal data goals , in advance certain And declared when collecting personal data, as well as the authority of the operator;

3) volume compliance and the nature of the processed PD , processing methods personal data processing purposes PD;

4) reliability PD, their sufficiency for the purposes of processing, the inadmissibility of processing personal data that is excessive in relation to the purposes stated when collecting personal data;

5) inadmissibility of association created for incompatible purposes DB ISPD.

2. Storage PD is carried out in a form that makes it possible to identify the subject of personal data, no longer than required by the purposes of their processing, and they are subject to destruction upon achieving the purposes of processing or in the event of the loss of the need to achieve them.

Article 6. PD processing conditions

1. PD processing can be carried out operator with the consent of the subjects personal data, except in cases provided for by part 2 of this article.

2. Agreement subject of personal data, provided for in part 1 of this article, not required in the next cases:

1) PD processing is carried out based on Federal Law , establishing its purpose, the conditions for obtaining personal data and the range of subjects whose personal data is subject to processing, as well as defining the powers of the operator;

2) PD processing is carried out for the purpose of fulfilling the contract , one of parties which is subjectPD ;

3) PD processing is carried out for statistical or other scientific purposes subject to mandatory depersonalization of personal data;

4) PD processing is necessary to protect life , health or other vital interests of the subject of the PD if obtaining the consent of the subject of personal data is impossible;

5) PD processing is necessary for mail delivery shipments by postal service organizations, for the implementation of communications operator settlements with users of communication services for the rendered communication services, as well as for consideration of claims of users of communication services;

6) PD processing is carried out for the purposes of professional activities of a journalist or for the purposes of scientific, literary or other creative activity, provided that the rights and freedoms of the subject of the personal data are not violated;

7) processing of PD subject to publication in in accordance with the Federal Law , including PD persons holding government positions, positions in the state civil service, PD candidates for elected state or municipal positions.

3. Features of processing special categories of personal data, as well as biometric personal data, are established accordingly Articles 10 and 11 of this Federal Law.

4. In case ifoperator based on the contract instructs processing of PD to another person, an essential condition of the agreement is duty to provide by the specified person privacy PD security data during their processing.

Article 7. ConfidentialityPD

1. Operators and third parties gaining access to personal data, confidentiality must be ensured such data, except for the cases provided for in Part 2 of this article.

2. Provision privacy PD not required:

1) in case depersonalization PD;

2) regarding publicly available PD.

Article 8. Publicly available sourcesPD

1. For the purpose of information support, publicly accessible PD sources (including directories, address books) may be created. To public sources PDS written consent of the subject PD may include his last name, first name, patronymic, year and place of birth, address, subscriber number, information about profession and other personal data provided by the subject of personal data.

2. Information about the subject of personal data can be Anytime excluded from publicly available sources of personal data as required subject of personal data or by decision of a court or other authorized government bodies.

Confidential informationin any of its forms and types is carefully protected by law from unauthorized access to it by unauthorized persons. Therefore, the consequences of disclosing such information are more than serious - even criminal liability, which is also expressed in imprisonment. For more information about what confidentiality is and the consequences of violating it, read this article.

Information Confidentiality: What does it mean?

Article 5 of the Law “On Information, Information Technologies and Information Protection” dated July 27, 2006 No. 149-FZ divides any information at the disposal of citizens, government agencies and legal entities into publicly available and data with limited or prohibited access.

The latter may include information constituting state secrets or confidential information.

Important: access to any information objects may be limited or prohibited solely in accordance with federal law.

Types of confidential information

All types of information, the safety of which is protected at the legislative level, are listed in the list of the same name, approved by Decree of the President of Russia dated March 6, 1997 No. 188. Thus, in accordance with the document, the category of confidential information includes:


Important: there are no official or professional secrets equivalent concepts- access to the first can only be separate categories state and municipal employees, while the second can be used by persons not in the civil service. We are talking about information constituting medical or lawyer's secret, the secret of confession, correspondence, telegraphic and mail messages etc.

Don't know your rights?

Responsibility for disclosure of confidential information

For the disclosure of confidential information, the laws of the Russian Federation provide for 3 types of liability:

  • disciplinary;
  • administrative;
  • criminal

Disciplinary liability ranges from a verbal reprimand to dismissal and is applied solely based on the results of an internal audit, during which the employee’s involvement in the leak of information, as well as his guilt in this, must be established.

Download the order form

Administrative punishment occurs for the disclosure of any type of confidential information and, according to Article 13.14 of the Code of Administrative Offenses of the Russian Federation, is a fine in the amount of 500 to 1,000 rubles for ordinary citizens and from 4,000 to 5,000 rubles for employees vested with organizational and administrative powers, that is officials.

Criminal legislation refers to liability for violation of the confidentiality regime more selectively - it is applied subject to the disclosure of commercial, banking or tax secrecy. Moreover, the collection of such information, according to Article 183 of the Criminal Code of the Russian Federation, must be carried out in obviously illegal ways - through bribery, threats, theft of documents, etc.

The punishment depends on the circumstances of the crime and its consequences - from a fine of up to 500,000 rubles to 7 years in prison.

Article 183 is not the only norm of the Criminal Code of the Russian Federation providing for liability for the disclosure of confidential information. For example, the disclosure of information about a company, resulting in a fall in the value of its shares (insider information), falls under Article 185.6 of the Criminal Code of the Russian Federation and threatens the culprit with considerable fines - from 300,000 to 1,000,000 rubles, as well as a ban on holding certain positions for 4 years .

In addition, in parallel with any type of punishment, the issue of bringing the person who leaked information with limited access to civil liability may be considered. We are talking about the obligation to compensate for harm caused as a result of disclosure of information, both material and moral.