|
MAIN PAGE
> Back to contents
Security Issues
Reference:
Tsvetkova A.D.
Information about computer handwriting: The challenges of finding a balance between individual liberty and state security
// Security Issues.
2023. № 3.
P. 71-83.
DOI: 10.25136/2409-7543.2023.3.43749 EDN: ZSSKED URL: https://en.nbpublish.com/library_read_article.php?id=43749
Information about computer handwriting: The challenges of finding a balance between individual liberty and state security
Tsvetkova Anna Denisovna
ORCID: 0000-0002-1631-9265
Student of the Institute of Justice, Ural State Law University named after V. F. Yakovlev
620034, Russia, Sverdlovskaya oblast', g. Ekaterinburg, ul. Kolmogorova, 54
|
at@crimlib.info
|
|
 |
Other publications by this author
|
|
|
DOI: 10.25136/2409-7543.2023.3.43749
EDN: ZSSKED
Received:
09-08-2023
Published:
05-10-2023
Abstract:
The present study is devoted to the introduction of biometric identification systems in law enforcement. The author pays special attention to the phenomenon of computer handwriting, examining in detail the constitutional and legal aspects of the use of knowledge about it. For this purpose a wide methodological apparatus is used: comparative-legal method, method of analogy, deduction, method of modelling and others. The Russian practice and potential for further development are compared with the experience of foreign countries both in the regulation of general issues of biometric personal data and in situations of legal regulation of computer handwriting data. The author investigates how to simultaneously solve the problems of detection and investigation of offences in which printed texts act as evidentiary materials, and at the same time preserve human rights to privacy, personal and family secrecy, anonymity on the Internet. It is noted that computer handwriting is a rather young phenomenon for legal science; there is still no in-depth study of it from the perspective of this field of knowledge. This paper is only a beginning in understanding the topic under consideration. It raises basic questions: whether it is permissible to use knowledge about computer handwriting, how it should be protected and where it should be stored, whether it is necessary to limit the existing commercial interest in its use. As a result, the author comes to the following conclusions: it is permissible and necessary to collect information on computer handwriting, as this will reduce infringements on the natural rights of man and citizen. For such collection it is necessary to use a centralised state system in which all the requirements for the security of critical information infrastructure are implemented. However, before such a system is put into operation, it is necessary to support commercial companies in relevant developments and oblige them to provide information about users' computer handwriting at the request of authorised persons.
Keywords:
computer handwriting, keyboard handwriting, biometric personal data, biometrics, dynamic biometric characteristics, computer crimes, typist identification, typed text, constitutional rights, personal privacy
This article is automatically translated.
You can find original text of the article here.
In recent years, information technologies have been penetrating our lives at an increasingly rapid pace. In Russia and abroad, they began to talk about the so-called information rights of citizens: the right to be forgotten, the right to determine their "digital identity", the right to access the Internet, etc. [1, pp. 8-31]. However, any technological development actualizes the problem of achieving a balance between freedom and security: so, on the one hand, many people see computer systems as a means of complete anonymization, creating a fictional identity of a digital profile with the characteristics that the person himself wants to consolidate [2, p. 142]. At the same time, the number of computer crimes is growing every year, especially if we approach their understanding in a broad, criminalistic sense [3, p. 167]. This fact is noted not only by the scientific community: for example, at the Russia-Africa Economic and Humanitarian Forum, held on July 27-28, 2023 in St. Petersburg, it was pointed out that domestic information systems are exposed to cyber attacks more often than it happens in other countries. Accordingly, the state is interested in maximum control of the virtual environment. In particular, while preserving the right of users to anonymity, it wants to develop a mechanism for identifying citizens, deanonymizing their identity if such a need arises. This task is very successfully solved by biometric technologies, which allow, in addition, to increase the level of personal information security by configuring two-factor authentication systems for access to the system [4, p. 49]. It is their research from the perspective of the prospects of introduction into public life that is the subject of this study. Biometric technologies are instrumental solutions for processing biometric personal data of a person [5, p. 242]. In science, the latter are usually divided into static and dynamic (behavioral) [6, p. 2; 7, p. 35; 8, p. 83]. However, it seems that this approach cannot be fully accepted for use in Russian legal studies. This is due to the fact that Article 11 of Federal Law No. 152-FZ of 27.07.2006 (as amended on 06.02.2023) "On personal data" divides all personal data into biological and physiological. Thus, we will continue to use legally established categories with the caveat that the content of physiological biometric data coincides with dynamic and behavioral data disclosed in most scientific studies on the relevant topic. Among all biometric technologies in Russia, the most common are those that allow identifying a person by the papillary pattern of the fingers, the image of the face and the iris [9]. However, biometrics includes a much more extensive list of identification-significant features [10; 11, p. 14], and the current level of technological development suggests the existence of extensive potential for the development of appropriate biometric technologies. In terms of computer crimes, the processing of information about a person's computer handwriting seems to be the highest priority, since all researchers of this phenomenon note its comparative cheapness and simplicity, since fixing does not require expensive equipment [12, p. 64]. Let us explain that computer handwriting is a physiological biometric characteristic of a person, combining a set of skills and habits of user interaction with manipulator devices when creating text. The most informative in its structure is information about the specifics of the keyboard set: the pressing force [13], the dynamics of input [14, p. 240], the printing speed [15, p. 17], the duration of the interval between presses [16, p. 583], etc. The purpose of this study is to prove the prospects and acceptability from the point of view of compliance with constitutional norms of widespread technology of identification and authentication of users of computer devices based on information about their computer (keyboard) handwriting. To do this, we used both general scientific and special methods. The most significant of all were: the method of analogy (when projecting the legal regimes of already implemented biometric systems to new technologies), deduction (when projecting the general features of biometric data to individual particular examples), comparative legal (when comparing the legislative regulation of biometric data in different countries), system (to harmonize doctrinal and legal approaches), a modeling method (when designing possible scenarios for expanding the number of biometric technologies used to improve state security), etc. Computer handwriting can be considered as personal data [15, p. 17], which, according to paragraph 1 of Part 1 of Article 3 of Federal Law No. 152-FZ of 27.07.2006 "On Personal Data", are defined as "any information relating directly or indirectly to a certain or identifiable individual (subject of personal data)". Moreover, the phenomenon under consideration, which all its researchers primarily talk about, is included in the category of biometric personal data [4, p. 49; 17, p. 583; 18, p. 128], which, as noted in the scientific literature based on Article 11 of the said law, have two features: "infirstly, they characterize the physiological and biological characteristics of a person, on the basis of which it is possible to establish his identity, and, secondly, they are used by the operator of personal data to establish the identity of the subject" [19, p. 116]. At the same time, it is emphasized that biometric personal data can be those information that is directly used for identification, and not only theoretically suitable for it [19, p. 116]. Information about computer handwriting characterizes the physiological peculiarity of a person and makes it possible to identify a specific carrier, and is also used today at a private level to identify the user of a computer device [20-22]. It can be concluded (and this is confirmed by all researchers [10, p. D-116; 23, p. 157; 24, p. 171]) that computer handwriting is a functional biometric characteristic of a person. In this regard, the existence of the phenomenon of computer handwriting creates a significant space for research for the science of constitutional law, giving rise to the following questions: 1) is it permissible from the point of view of the constitutional rights of citizens to collect information about their computer handwriting;
2) how should the data on a person's computer handwriting be protected [25, p. 165]; 3) where should information about computer handwriting be stored; 4) should commercial organizations be restricted that are "also interested in collecting and processing personal data in order to create new business models, personalize the goods and services provided, maximize the effective use of innovative technologies in competition, protect their own interests in dispute resolution" [26, p. 74] (in particular, information about computer handwriting of users is taken as a basis for the development of more convenient, ergonomic keyboards, which creates a competitive advantage in the market of computer components), and how it is possible to implement this restriction, etc. However, despite the rather long history of research devoted to the phenomenon under consideration, which began in the 1970s [10, p. D-116-D–122], the vast majority of works still do not go beyond the computer-technical field of knowledge. Legal studies, if any, ignore, with rare exceptions, aspects of the legal implementation of systems for fixing indicators of computer handwriting (as an exception, the works of I. Z. Fedorov [27] can be called, whereas, for example, E. I. Voigel, also touching on the topic of computer handwriting, do not analyze the issue of obtaining information about it from the legal points of view [28, p. 105]). The solution of the above issues is the subject area of public and public law sciences – and work in this direction is necessary to create a legally justified opportunity to expand the scope of biometric technologies. In this paper, we will try to lay the foundation for further research in this direction by briefly answering the problematic questions posed. At the same time, we note that they represent only the initial link, but do not exhaust the full depth of this topic. 1. The first question seems to be the most difficult, since it is located not so much within the framework of science as in the sphere of philosophy, stating the eternal dilemma: freedom or security. At the beginning of this article, we have already pointed out this contradiction when considering the use of biometric technologies, now we emphasize the following. In our opinion, constitutional human rights will be more respected if the state begins to centrally collect information about the computer handwriting of persons operating in the virtual space. You can draw an analogy with passport control at airports: security personnel see everything that a passenger is going to take with him to the departure area, but this allows you to prevent terrorist attacks, saving the lives of civilians. The same is true with information about computer handwriting: the information system will receive information about the characteristics of the text typed on a computer device that individualize the performer, but this will allow time to identify extremists, pedophiles and other intruders who distribute illegal information via the Internet [29, pp. 575-576]. In addition, it is necessary to take into account that such volumes of information will obviously not be processed by a person, since his resources are not enough for this [30, p. 5; 31, p. 23]. All basic operations for collection, accumulation, storage, distribution will be carried out automatically, whereas a person – an authorized representative of the state – will be able to access this information only in a situation of necessity in which processing of personal data of a subject is allowed without his consent (paragraphs 2-11 of Part 1 of Article 6 of Federal Law No. 152-FZ of 27.07.2006 "About personal data"). 2. The need to protect information about a person's computer handwriting is associated not only with its attribution to personal data, which should be protected in principle, but also with an increased risk to privacy and secrecy caused by the specifics of the technology for obtaining information about computer handwriting. Special programs, hardware and software devices or embedded modules of the operating system (hereinafter, collectively, systems that capture the indicators of computer handwriting, we will, assuming a certain degree of conditionality, call keyloggers) record and store information about each key pressed with timestamps [32, p. 48]. Thus, information about computer handwriting turns out to be directly related to the specific text being typed. In addition, individual keyloggers also track visited sites, running programs [33]. Constant centralized collection, which will be discussed in more detail later, on the one hand, increases the risk of leakage of this information due to illegal actions of intruders, and on the other hand, makes this information fully accessible to the state. In this regard, some authors propose to encode information about computer handwriting so that the system loses contact with the typed text and, through artificial intellectual processing, offers a person only an impersonal output with information about the identity of the person who typed the compared texts, without demonstrating the introductory ones on the basis of which the decision was made [34, p. 55]. However, it seems that the use of such technological solutions is acceptable only for the "home" use of computer handwriting when implemented in access control systems. That is, with such depersonalization, it is impossible to access data on computer handwriting to solve, for example, the tasks of solving and investigating crimes, where it is necessary to identify the person who printed this or that text. Therefore, in our opinion, it will be promising to solve the problem by using legal rather than technological mechanisms. However, this does not exclude the need to comply with all security rules required to protect the critical information infrastructure of the Russian Federation [35, p. 16].
3. One of the legal mechanisms that we indicated in the previous paragraph may be the detailed regulation of the issues of fixing and using information about computer handwriting. To begin with, you can add a mention of it in Article 3 of Federal Law No. 152-FZ of 27.07.2006 "On Personal Data", revealing along with the rest of the basic concepts. Expanding the scope of its application may require making appropriate additions to other regulatory legal acts, the existing indication of the existence of computer handwriting exclusively in GOST standards will soon be insufficient [36, p. 123]. At the same time, we consider it appropriate in some matters to refer to the experience of other states, where, in particular, there is a separate regulation of relations related to the turnover of biometric personal data, as well as at the legislative level, this status is assigned to computer handwriting (see, for example, individual US states, in particular California, China, the European Union, etc.) [32; 19, pp. 97-116]. In addition, it is possible at the legislative level to establish an obligation for all software developers to implement keyloggers into their computer devices and provide information about the computer handwriting of users at the request of state representatives. However, a scenario in which there will be an obligation for everyone to install a licensed state keylogger configured to transmit information in real time to the state database seems to be a higher priority. The latter can be either a fully autonomous system or a dedicated unit in a Single biometric System. We believe that this would make it easier to solve the tasks of identifying the executor of the printed text in the framework of activities for the disclosure and investigation of crimes. At the same time, increased requirements for the security of state databases are more likely to guarantee the safety of information about the computer handwriting of individuals in a centralized federal system. Let's make a reservation that we do not consider it right to consider in the context of legal regulation the issues of using computer handwriting in order to ensure personal information security – the most developed sphere of its use, as evidenced by scientific research and practical developments [37, p. 191], since, in our opinion, the absolute legitimization of public relations can lead to stagnation of development, and it is not required in those areas that normally function without a legal framework. However, this does not mean that those aspects of the use of computer handwriting that are of the greatest interest to specialists in the field of computer technology cannot be borrowed by the legal sphere. For example, detailing the general issues of using computer handwriting to ensure information security allows us to talk about the adaptability of the described models of access control to certain systems, individual information in various special fields of activity. For example, there is an urgent need to develop new access control systems for automated systems of the internal affairs bodies of the Russian Federation, mainly in order to ensure the security of the critical information infrastructure of the state [38, p. 22], which, however, should be considered within the framework of information law. 4. As for commercial persons, at the present stage, no prohibitive measures should be introduced, however, an obligation should be provided for companies that select information about computer handwriting, an obligation to warn users about it and obtain their consent, for example, according to the model introduced for Cookies [39]. It even seems, on the contrary, very useful that commercial companies today record information about computer handwriting, since before the launch of the state system it is the only source of obtaining free samples of computer handwriting, without which it is difficult to conduct identification expert studies. In addition, such activity of companies, similar to the personal use of keyloggers, contributes to progress in this area, allows us to talk about the relevance, relevance and development of technology. Thus, we have presented possible answers to the stated problematic questions in the field of using information about the computer handwriting of users. However, they cannot be considered exhaustive and the urgent need for further study of this topic by various research teams should be recognized. In the legal environment, computer handwriting is a fairly young phenomenon, which, in this regard, requires a comprehensive study. We believe that information about him in the conditions of accelerating digitalization can become indispensable for the detection and investigation of crimes, taking the place of information about the traditional handwritten handwriting of a person whose expert research has historically been very widespread [40, p. 197; 41, p. 4]. However, in order for such use to become possible, it is necessary to create a centralized state system (or allocate a block in the existing one) for the widespread collection of information about computer handwriting. Since a person will be able to access data on printing speed, input dynamics, pressing force, time interval between keystrokes, etc., only by being an authorized person and in situations where this information is necessary to solve state tasks, and increased security requirements are imposed on state databases, we can talk about that the most important rights of citizens to the inviolability of their private life and the preservation of personal secrets will be respected. We fully share the position of I. Y. Ostapovich and A.V. Nechkin, who believe that "new problems caused by the peculiarities of the implementation of these values on the Internet require the development of the most effective mechanisms for their protection in the new conditions of implementation, and not a complete rejection of them under the pretext of their protection" [29, p. 566]. We believe that when implementing the model described by us for the widespread collection of computer handwriting indicators, it will be quite possible to maintain this balance between freedom and security, but this requires a deep and detailed study of all the possibilities and potential risks. The research was carried out at the expense of the grant of the Russian Science Foundation No. 23-78-10011, https://rscf.ru/project/23-78-10011 /
References
1. Salikov, M. S., Nesmeyanova, S. E., Kolobaeva, N. E., Kuznetsova, S. S., & Mochalov, A. N. (2020). Right to access to the Internet, anonymity and identification of users (constitutional and legal problems). Ed. by M. S. Salikov. Ekaterinburg: Publishing house UMC UPI.
2. Ivanov, V. V., Zuev, D. I. (2022). Digital twins digital personality: concept, correlation, significance in the process of committing cybercrime and in law in general In Legal State: Theory and Practice, 4, 138–144. doi:10.33184/pravgos-2022.4.19
3. Rossinskaya, E. R. (2021). About the subject and content of the doctrine of information-computer criminalistic models of computer crimes In Actual problems of criminalistics and forensic expertise: Proceedings of the International Scientific and Practical Conference, Irkutsk, 12 March 2021. Irkutsk: East-Siberian Institute of the Ministry of Internal Affairs of the Russian Federation, 167-171.
4. Uimin, A. G. G., & Morozov, I. M. (2022). Comparative analysis of continuous online authentication tools and anomaly detection systems for continuous user identity verification In T-Comm: Telecommunications and Transport, 16, 5, 48–55. DOI:10.36724/2072-8735-2022-16-5-48-55.
5. Alenizi, A., Al-Karaw, & Kh. A. (2023). Effective Biometric Technology Used with Big Data In Proceedings of Seventh International Congress on Information and Communication Technology, pp. 239–250. DOI:10.1007/978-981-19-2394-4_22
6. Syed Idrus, S. Z. (2014). Soft Biometrics for Keystroke Dynamics. Computer Vision and Pattern Recognition. Universit´e de Caen Basse-Normandie.
7. Skuratov, S. V. (2010). Using keyboard handwriting for authentication in computer information systems In Information Technology Security, 17, 2, 35–38.
8. Lozhnikov, P. S., & Sulavko, A. Е. (2017). Application of quadratic form networks for subject recognition based on dynamic biometric images In Dynamics of systems, mechanisms and machines, 5, 4, 77–84. doi:10.25206/2310-9793-2017-5-4-77-84
9. Art_Andrei13 (2022). World biometrics market: main trends In Hubr. Digital Rights Centre company blog [Electronic resource]. Retrieved from https:Inhabr.com/ru/companies/digitalrightscenter/articles/670126/
10. Forsen, G., Nelson, M., & Staron, R. Jr. (1977). Personal attributes authentication techniques. Technical Report RADC-TR-77-333. Rome: Air Development Centre.
11. Akkaeva, H. A. (2014). Problems of using modern biometric technologies in information retrieval systems of citizens' registration In Historical, philosophical, political and legal sciences, culturology and art history. Issues of theory and practice, 4-1(42), 13–16.
12. Rastorguev, S. P. (1993). Programme methods of information protection in computers and networks, Moscow: Publishing House of the Agency «Yachtsman».
13. Lu, H.-R., Wang, W.-Y. (2006). Biologic verification based on pressure sensor keyboards and classifier fusion techniques In IEEE Transactions on Consumer Electronics, 52(3), 1057–1063.
14. Chevychelov, I. N., & Kalutsky, I. V. (2015). Training of software authentication system based on keyboard handwriting In Modern Instrumental Systems, Information Technologies and Innovations: Collection of scientific papers of the XII-th International Scientific and Practical Conference in 4 volumes, Kursk, 19-20 March 2015. Editor-in-Chief: Gorokhov A. A. Volume 4. Kursk: Closed Joint Stock Company «Universitetskaya kniga», 240–242.
15. Sapiyev, A. Z. (2021). Computer handwriting as a way to identify users in the network In Vestnik of Vologda State University. Series: Technical Sciences, 4(14), 17–19.
16. Abzalov, A. R., Zhiganov, A. V., & Samigullina, R. R. (2020) Authentication of users by keyboard handwriting when using automatic proctoring systems In National interests: priorities and security, 16, 3(384), 582–596. doi:10.24891/ni.16.3.582
17. Tarasova, L. V. (2020). Possibilities of signature as a biometric method of authentication In Technologies of the XXI century in jurisprudence: Proceedings of the Second International Scientific and Practical Conference, Ekaterinburg, 22 May 2020. Edited by D. V. Bakhteev. Ekaterinburg: Federal State Budgetary Educational Institution of Higher Education «Ural State Law University», 583–589.
18. Grishin, I. Yu., Timirgaleeva, R. R., & Mironov, M. V. (2017). Method of biometric identification of the learner in e-education systems In Modern information technologies and IT-education: Collection of scientific papers of the II International Scientific Conference and XII International Scientific and Practical Conference, Moscow, 24-26 November 2017. Edited by V. A. Sukhomlin. Moscow: Laboratory of Open Information Technologies of the Faculty of VMK of Lomonosov Moscow State University, 127–132.
19. Salikov, M. S., Nesmeyanova, S. E., Kolobaeva, N. E., Kuznetsova, S. S., & Mochalov, A. N. (2022). State regulation of the Internet and human rights. Edited by Dr. of Law, Professor M. S. Salikov. Ekaterinburg: UM UPI Publishing House.
20. Mashtanov, P. N., & Martynyuk, M. V. (2021). Review of current issues of biometric identification based on the features of keyboard handwriting In Information systems and technologies ist-2021: Proceedings of the XXVII International Scientific and Technical Conference. Nizhny Novgorod State Technical University named after R. E. Alekseev. R. E. Alekseev Nizhny Novgorod, 23-24 April 2021. Nizhny Novgorod: R. E. Alekseev Nizhny Novgorod State Technical University. R. E. Alekseev, 527–531.
21. Pashchenko, D. V., & Balzannikova, E. A. (2020) Continuous user identification by keyboard handwriting using a representation based on the state context In XXI century: results of the past and problems of the present plus, 9, 3 (51), 74–79. doi:10.46548/21vek-2020-0952-0012
22. Solomatin, M. S., & Mitrofanov, D. V. (2020). Use of biometric authentication methods in automated control systems using keyboard handwriting In Proc. of MAI [online scientific edition], 114. Retrieved from https:Intrudymai.ru/published.php?ID=119013. DOI: 10.34759/trd-2020-114-18
23. Dovgal, V. A. (2016). Review of performance characteristics of data sets used to ensure information security based on keyboard handwriting. In Bulletin of Adygeya State University. Series 4: Natural-mathematical and technical sciences, 4(191), 157–163.
24. Turutina, E. E. (2021). Analysis of the methods of electronic and biometric authentication in access control systems In Vestnik NCBZhD, 2(48), 168–175.
25. Zhukov, M. N. (2021). The validity of the use of biometric data in forensic science: History of the issue and problems of legal protection of personal data In International Research Journal, 12-4(114), 164–167.
26. Fundamentals of the theory of electronic evidence: a monograph (2019). Ed. by S. V. Zuev, Doctor of Jurisprudence. Moscow: Yurlitinform.
27. Fedorov, I. Z. (2019). To the question of establishing the executor of electronic text by keyboard handwriting in the detection and investigation of crimes In Bulletin of Barnaul Legal Institute of the Ministry of Internal Affairs of Russia, 2(37), 113–116.
28. Foigel, E. I. (2023). Modern trends and prospects for the development of criminalistic teaching on the personality of participants in criminal proceedings In Academic Law Journal, 24, 1(91), 101–108. doi:10.17150/1819-0928.2023.24(1).101-108
29. Ostapovich, I. Y., & Nechkin, A. V. (2022). Realisation, and protection of human rights in the Internet: problems of correlation and In Vestnik of St. Petersburg University. Law, 13, 2, 565–580. doi:10.21638/spbu14.2022.217
30. Bakhteev, D. V. (2020). Artificial intelligence in investigative activity: tasks and problems In Russian investigator, 9, 3–6. doi:10.18572/1812-3783-2020-9-3-6
31. Bessonov, A. A. (2019). Some promising directions of further development of Russian criminalistics In Academic Thought, 3(8), 22–27.
32. Kryzhevich, L. S. (2021). Methods for determining the user's personality on the basis of individual features of computer handwriting In Vestnik VSU. Series: System analysis and information technologies, 3, 47–58. doi:10.17308/sait.2021.3/3735
33. Keyboard spy keylogger (keylogger) on the guard of enterprise cybersecurity (2020). In Bitcop [Electronic resource]. Retrieved from https:Inbitcop.ru/monitoring/keyloggers
34. Monrose, F., & Rubin, A. (1997). Authentication via Keystroke Dynamics In Proceedings of the Fourth ACM Conference on Computer and Communication Security, Apr 1, 1997. Zurich, Switzerland, 48–56.
35. Stepenko, V. E., & Bogdanovskaya, A. D. (2020). Biometric personal data In Eurasian Union of Scientists, 4-10(73), 15–19.
36. Poluyanova, E. V. (2020). Normative regulation of legal relations related to biometric personal data in the Russian Federation In Bulletin of Vladimir Law Institute, 3(56), 122–126.
37. Fedotov, N. N. (2007). Forenzika – computer forensics. Moscow: Yuridichesky Mir.
38. Batskikh, A. V., Drovnikova, I. G., & Zarubin, V. S. (2022). Basic aspects of modification of subsystems of information access control in automated systems of internal affairs bodies on the basis of research of keyboard handwriting of users In Vestnik Voronezh Institute of the Ministry of Internal Affairs of Russia, 4, 21–32.
39. Wenxin, Y., Xingshu, Ch., Yi, Zh. [et al] (2023). HTTP Cookie Covert Channel Detection Based on Session Flow Interaction Features In Security and Communication Networks, 10, 1–16. doi:10.1155/2023/1348393
40. Savkin, A. A. (2021). Forensic handwriting examination: the importance and problems of its production. In Criminal policy at the present stage: Proceedings of the International Scientific and Practical Conference held in the framework of the II Baikal Legal Forum, Irkutsk, 23–25 September 2021,. Irkutsk: Baikal State University, 194–199.
41. Barkova, T. V. (2021). Ways to increase the reliability of expert conclusion using modern technologies. In Application of modern technologies in jurisprudence: topical issues of theory and practice: Proceedings of the International Scientific and Practical Conference, Krasnoyarsk, 21 May 2021, Krasnoyarsk: Krasnoyarsk State Agrarian University, 3–6.
Peer Review
Peer reviewers' evaluations remain confidential and are not disclosed to the public. Only external reviews, authorized for publication by the article's author(s), are made public. Typically, these final reviews are conducted after the manuscript's revision. Adhering to our double-blind review policy, the reviewer's identity is kept confidential.
The list of publisher reviewers can be found here.
A REVIEW of an article on the topic "Information about computer handwriting: problems of finding a balance between individual freedom and state security". The subject of the study. The article proposed for review is devoted to topical issues of the use of personal data used in online resources in order to ensure the security of the state. As the author himself points out in his article, "This task is very successfully solved by biometric technologies, which allow, in addition, to increase the level of personal information security by configuring two-factor authentication systems for access to the system [4, p. 49]. It is their research from the perspective of the prospects of introduction into public life that is the subject of this study." The specific subject of the study was the norms of legislation, opinions on doctrines, and empirical data. Research methodology. The purpose of the study is stated directly in the article: "The purpose of this study is to prove the prospects and acceptability from the point of view of compliance with constitutional norms of widespread technology for identifying and authenticating users of computer devices based on information about their computer (keyboard) handwriting." The methodological basis is also indicated: "both general scientific and special methods were involved. The most significant of all were: the method of analogy (when projecting the legal regimes of already implemented biometric systems onto new technologies), deduction (when projecting the general features of biometric data onto individual particular examples), comparative law (when comparing the legislative regulation of biometric data in different countries), systemic (to harmonize doctrinal and legal approaches), a modeling method (when designing possible scenarios for expanding the number of biometric technologies used to improve state security), etc.". In particular, the author uses a set of general scientific methods of cognition: analysis, synthesis, analogy, deduction, induction, and others. In particular, the methods of analysis and synthesis made it possible to summarize and share the conclusions of various scientific approaches to the proposed topic, as well as to draw specific conclusions from empirical data. The most important role was played by special legal methods. In particular, the author actively applied the formal legal method, which made it possible to analyze and interpret the norms of current legislation (first of all, the norms of the legislation of the Russian Federation). For example, the following conclusion of the author: "One of the legal mechanisms that we pointed out in the previous paragraph may be the detailed regulation of the issues of recording and using information about computer handwriting. To begin with, you can add a mention of it in Article 3 of Federal Law No. 152-FZ dated 07/27/2006 "On Personal Data", revealing along with the rest of the basic concepts. Expanding the scope of its application may require making appropriate additions to other regulatory legal acts, the existing indication of the existence of computer handwriting exclusively in GOST standards will soon be insufficient." Thus, the methodology chosen by the author is fully adequate to the purpose of the study, allows you to study all aspects of the topic in its entirety. Relevance. The relevance of the stated issues is beyond doubt. There are both theoretical and practical aspects of the significance of the proposed topic. From the point of view of theory, the topic of using the so-called "digital footprint" in order to ensure the security of the state is complex and ambiguous. There are both legal and ethical aspects to this problem. It is difficult to argue with the author that "the state is interested in maximum control of the virtual environment. In particular, while preserving the right of users to anonymity, it wants to develop a mechanism for identifying citizens, deanonymizing their identity in case of such a need." At the same time, the question remains whether the rights and legitimate interests of the individual himself will not be limited in this case. Thus, scientific research in the proposed field should only be welcomed. Scientific novelty. The scientific novelty of the proposed article is beyond doubt. Firstly, it is expressed in the author's specific conclusions. Among them, for example, is the following conclusion: "In the legal environment, computer handwriting is a fairly young phenomenon, which, therefore, requires comprehensive study. We believe that information about him in the context of accelerating digitalization can become indispensable for the detection and investigation of crimes, taking the place of information about the traditional handwritten handwriting of a person whose expert research has historically been very widespread. However, in order for such use to become possible, it is necessary to create a centralized state system (or allocate a block in the existing one) for the widespread collection of information about computer handwriting." These and other theoretical conclusions can be used in further scientific research. Secondly, the author offers conceptual ideas on the formation of legislation in the declared area, which can be useful in law-making activities, as well as for specialists in this branch of law. Thus, the materials of the article may be of particular interest to the scientific community in terms of contributing to the development of science. Style, structure, content. The subject of the article corresponds to the specialization of the journal "Security Issues", as it is devoted to legal problems related to the definition of the problem of using the "digital footprint" of an individual in order to ensure the security of the state. The content of the article fully corresponds to the title, since the author has considered the stated problems, and has generally achieved the purpose of the study. The quality of the presentation of the study and its results should be recognized as fully positive. The subject, objectives, methodology and main results of the study follow directly from the text of the article. The design of the work generally meets the requirements for this kind of work. No significant violations of these requirements were found. Bibliography. The quality of the literature used should be highly appreciated. The author actively uses the literature presented by authors from Russia and abroad (Salikov M.S., Nesmeyanova S.E., Kolobaeva N.E., Kuznetsova S.S., Mochalov A.N. Wenxin Y., Xingshu Ch., Yi Zh. and others). Thus, the works of the above authors correspond to the research topic, have a sign of sufficiency, and contribute to the disclosure of various aspects of the topic. Appeal to opponents. The author conducted a serious analysis of the current state of the problem under study. All quotes from scientists are accompanied by author's comments. That is, the author shows different points of view on the problem and tries to argue for a more correct one in his opinion. Conclusions, the interest of the readership. The conclusions are fully logical, as they are obtained using a generally accepted methodology. The article may be of interest to the readership in terms of the presence of the author's systematic positions in it with regard to the prospects for the widespread dissemination of technology for identifying and authenticating users of computer devices based on information about their computer (keyboard) handwriting. Based on the above, summing up all the positive and negative sides of the article, "I recommend publishing"
Link to this article
You can simply select and copy link from below text field.
|
|
