UDC 004.056
The article examines the legal and technical aspects of personal and environmental data protection in digital forest management platforms. The article analyzes the Russian legislation on personal data and openness of environmental information, as well as international requirements. Technical risks are described in detail: leaks, attacks on infrastructure, threats to drones and sensors. Special attention is paid to practical approaches to protection: data classification, dual-circuit architecture, cryptography, filtering of environmental information. It is concluded that there is a need to balance confidentiality and transparency.
cybersecurity, forest management, personal data, environmental information, digital platforms, data protection
1. O personal'nyh dannyh: federal'nyy zakon ot 27.07.2006 № 152-FZ (red. ot 14.07.2022) // Sobranie zakonodatel'stva RF. – 2006. – № 31 (1 ch.). – St. 3451.
2. Ob utverzhdenii trebovaniy k zaschite personal'nyh dannyh pri ih obrabotke v informacionnyh sistemah personal'nyh dannyh: postanovlenie Pravitel'stva RF ot 01.11.2012 № 1119 (red. ot 13.07.2022) // Sobranie zakonodatel'stva RF. – 2012. – № 45. – St. 6257.
3. Ob ohrane okruzhayuschey sredy: federal'nyy zakon ot 10.01.2002 № 7-FZ (red. ot 30.12.2021) // Sobranie zakonodatel'stva RF. – 2002. – № 2. – St. 133.
4. Ob utverzhdenii Sostava i soderzhaniya organizacionnyh i tehnicheskih mer po obespecheniyu bezopasnosti personal'nyh dannyh pri ih obrabotke v informacionnyh sistemah personal'nyh dannyh: prikaz FSTEK Rossii ot 18.02.2013 № 21 // Byulleten' normativnyh aktov federal'nyh organov ispolnitel'noy vlasti. – 2013. – № 34 (opublikovan 26.08.2013).
5. Ob uchete drevesiny i o sdelkah s ney: federal'nyy zakon ot 28.12.2013 № 415-FZ (red. ot 11.06.2021) // Sobranie zakonodatel'stva RF. – 2013. – № 52 (Chast' I). – St. 6964.
6. O bezopasnosti kriticheskoy informacionnoy infrastruktury Rossiyskoy Federacii: federal'nyy zakon ot 26.07.2017 № 187-FZ (red. ot 04.11.2022) // Sobranie zakonodatel'stva RF. – 2017. – № 31 (Chast' I). – St. 4746.
7. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) // Official Journal of the European Union. – 2016. – L 119. – P. 1–88.
8. OGC GeoXACML 3.0 Standard. Open Geospatial Consortium, 2017. – 121 p.
9. Best practices for publishing sensitive species data / Global Biodiversity Information Facility. – 2019. – 18 p.
10. ISO/IEC 27001:2022 Information security, cybersecurity and privacy protection — Information security management systems — Requirements. – 2022. – 21 vip.
11. ISO/IEC 27701:2019 Security techniques — Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management — Requirements and guidelines. – 2019. – 70 p.
