The bill on cooperation in the field of information security between Iran and Russia was approved in the parliament. This approval has caused many concerns
According to the Iran digital economy annotation, The bill on cooperation in the field of information security between Iran and Russia was approved in the parliament. The approval of this bill has resulted in many concerns such as non-compliance with the confidentiality of information, which legal advisors have also confirmed many of these concerns. They believe that this bill has ambiguities and these ambiguities can create problems in the future.
A bill in 9 articles and an appendix with the aim of “combating the aforementioned threats and strengthening information security, fighting crimes committed in the use of information and communication technologies, technical and technological assistance and international cooperation” is one step closer to implementation.
The review of the cooperation agreement in the field of information security between the government of the Islamic Republic of Iran and the government of the Russian Federation, which was announced last week, has been placed on the agenda of the parliament, but following the news of the approval of this bill, a wave of concerns arose about its consequences in various aspects.
For example, as it appears from the text of the memorandum, its special focus is on the “Internet” issue, which has worried many experts about the possibility of the emergence of the “digital colonization” phenomenon.
From China to Russia, the story is the same
This type of contracts has been a precedent before the memorandum of understanding between Iran and Russia. For example, when Iran became a full member of the Shanghai Cooperation Organization in 2021, one of the obligations of the Iranian government to become a member was to join the “Cooperation Agreement in the Field of Ensuring International Information Security between the Member States of the Shanghai Cooperation Organization”, which Iran was obliged to do at the beginning of 2023 become a member of it.
On the other hand, Iran has other agreements with Russia; Including the “Law on the Agreement on Scientific and Technological Cooperation between the Government of the Islamic Republic of Iran and the Government of the Russian Federation” and the “Law on the Agreement between the Government of the Islamic Republic of Iran and the Government of the Russian Federation for Assistance in Civil and Criminal Cases”. It is worth noting that previous agreements could have enumerated the goals and the information security agreement could easily fulfill them.
The point is that some legal experts believe that the order and headings of the information security agreement with Russia are exactly taken from the Shanghai Information Security Agreement, but its content is more like a bad, incoherent and in some cases incorrect adaptation of this document. Here, the question that arises is that despite the fact that Russia is a member of the Shanghai Cooperation Organization, what is the need to conclude a separate agreement with Russia?
Fear of Russian domination
In accordance with Article 9, 152 and 153 of the Constitution, the government is responsible for maintaining the comprehensive independence of Iran, and any agreement that results in the domination of a foreign country, even in cultural fields, is prohibited. But the worrying thing about the recent agreement between Iran and Russia is the generality and vagueness of its literature; In addition, the parliament does not supervise the agreements made under this contract.
In this regard, “Saina Motamedi”, a legal expert, told: “The biggest problem with the general document is its vagueness.” It seems that not much time was spent in preparing its text and the document was prepared far from any precision required for law writing. It is also more like a poor translation of the Shanghai document, some of its provisions may be suitable for the text of a non-binding memorandum, but it is not suitable at all as a draft text of the law.
Internet rights activist Hamid Bidi pointed out the problems of this agreement in the content layer in his note in Ham mihan newspaper and wrote: “In this agreement, political, cultural, moral and social information that leads to instability is discussed several times. The political situation of these countries has been mentioned. In the text of the bill, the release of this information is considered harmful and this bill has proposed solutions to deal with their release.
According to the current approach of Internet governance in two countries, the most important example of this issue can be considered more advanced technologies for filtering or listening. If we look at the mentioned keywords and the spirit governing the text of the agreement, we will notice the literature related to the Cold War period; In such a way that they are trying to create an independent network for themselves under the Eastern Bloc to confront the Western Bloc network.”
In line with the vagueness of the text and the uncertainty of the limits of authority, “Mohammadreza Nouri Qazaljeh”, the representative of the people of Bostan abad, expressed his concern in the 11th parliament and said: “Given that the information of a country means the security of that country, why should we give authority that is known No, what is the limit? Therefore, it must be said that the lack of clarity of its border is a fundamental problem of this agreement, and these problems should be taken into serious consideration and resolved.”
The agreement between Iran and Russia is a way to prevent cyber attacks
“Reza Ayazi”, a technology law researcher, considers this agreement to be a big event in the discussion of cyber security in the world. About this agreement, he told: “With this agreement, Iran is Russia’s partner (assisting each other) in cyberspace.”
According to him, the founder of these approvals is Russia, and Iran stands next to this country as a partner. Iazi stated that the purpose of such an agreement is to launch a coalition against American actions and said: “Imagine that all countries form a convention in which cyber attacks will no longer take place. Currently, Russia and Iran are friends and Russian users feel comfortable. “An attack against Iran will not be carried out, or if it occurs, it will be detectable.”
Ayazi has a different point of view about this agreement and is very optimistic about it. He believes that the level of influence of this agreement should not be reduced to the discussion of internal issues and normal users of social networks, rather, in this memorandum, data exchange is a way to track crime and investigate attacks.
Referring to the data exchange discussed in this agreement, this technology law researcher stated: “It is supposed that if attacks are carried out from inside Russia against Iran, specific IP addresses and authentication of people can be requested from this country.”
Emphasizing that the participation of Iran and Russia in this field is a good thing, Ayazi said: “The supervisor of this agreement is the Supreme Council of Cyberspace and the National Center of Cyberspace, and the negotiations have been carried out with this center as a focus since last year.”
Nevertheless, Ayazi does not deny the concerns raised regarding this agreement: “One of the concerns surrounding this agreement is the interpretability of some of its articles. For example, one of the threats mentioned in this article is the dissemination of harmful information for socio-political systems and the spiritual, moral and cultural environment of governments; A threat that seems interpretable and a lot of information can be categorized under this threat.
The importance and problems of translation in the text of the memorandum
Regarding the examples of ambiguities in the text of the memorandum, Motamedi told: “In Article 1, which is about definitions, many important words such as the words “information”, “internal information security” and “information space” used in the document do not have a clear definition.
Most importantly, ambiguity is the word information. In this way, it is not clear what kind of information is meant in this text; The question is whether the information in the virtual or online space, the personal information of people, the information related to public and government data or all of these information, are the purpose of this memorandum? As a result, the most basic principle, which is the subject of this agreement, has a lot of ambiguity.
In this regard, it should be said that in many important cases, provisions have not been foreseen. For example, what is the duty of the personal information of people that is provided to the Russian government? Is it allowed to transfer, store and process data and information of Iranian nationals outside of Iran? Another point is that the terms defined in the text, such as the term “information security”, have vague, vague, irrelevant definitions and even serious writing errors. These cases are examples of incorrect, incomplete and clumsy translations of the Shanghai document.”
Motamedi believes that if we compare the text of this memorandum with the Shanghai document, we will realize that many problems are caused by incomplete adaptation. What is replaced in this text is also not without problems. In this regard, he told: “Some of the clauses that have replaced the main provisions of Shanghai, such as the clause of “engaging in actions that violate sovereignty and territorial integrity”, are not directly related to the field of information. In the “major threats in the field of information security” all, except one, are measures against national security and not necessarily measures against information security.
Finally, this legal expert pointed out that the framework of cooperation in this agreement is not clear: “The decision-making power to determine the details and side agreements has been entrusted to the institutions related to the intelligence field of the two countries, and the Parliament and the Guardian Council will not have supervision in these cases.”
But finally, the point that worries many people is the issue of security in this bill. Referring to this concern, Motamedi emphasized: “The issue of confidentiality is the non-disclosure or misuse of information by the government of the parties, for which no executive guarantee is provided; Therefore, the text of this bill is more similar to the format of the memorandum than to the law.”
No Comment! Be the first one.