In the process of application, smart justice based on Internet information technology will collect, analyze, and store massive amounts of data, including a large number of state secrets, commercial secrets, and personal privacy, which is deeply related to national security. The traditional data security risks represented by storage security and the new data security risks represented by computing security are intertwined and integrated, which has become a common challenge for smart judicial data protection. In terms of epistemology, with the overall national security concept as the guiding concept, it should be made clear that maintaining judicial data security is to preserve national security, maintaining judicial data security should be carried out with systematic thinking, and the prevention and resolution of major risks requires adhering to the development of smart justice. In terms of methodology, measures such as improving laws and regulations, cultivating scientific and technological talents in judicial organs, and establishing a data protection linkage mechanism are feasible paths.
I. Formulation of the problem
With the development of Internet technology, emerging technologies such as big data, blockchain, metaverse and cloud computing have played an increasingly active role in social production. In recent years, various online judicial activities, represented by online case filing and online litigation, have been more widely used in practice, and the implementation of judicial interpretations such as the Online Litigation Rules of the People's Courts has further promoted the development of smart justice. Its application can improve the efficiency of judicial personnel internally, and expand the channels for the masses to participate in the judiciary externally, which can not only realize the optimization of judicial management, but also be an important embodiment of the concept of people's justice for the people.
However, today's world is undergoing major changes unseen in a century, and non-traditional security threats such as cyber security and technology security are becoming increasingly serious. Smart justice is built on the basis of Internet technology, and its operation is mainly completed on the Internet, and the generated judicial data will flow and store in the Internet. This includes a large number of state secrets, trade secrets, citizens' personal information, privacy, etc., and the risks they face are self-evident. General Secretary Xi Jinping pointed out that "the connotation and extension of national security on the mainland are richer than at any time in history, the field of time and space is broader than at any time in history, and the internal and external factors are more complex than at any time in history". Therefore, from the perspective of national security, this paper examines the practical risks faced by the data protection of smart justice, and tries to put forward countermeasures for the data protection of smart justice in the future under the guidance of the overall national security concept. It should be noted that the data in this article refers to "the recording of objective things" in the legal concept, because the use of a broader concept can maximize the scope of information recorded, processed and generated in the judicial process into the scope of protection, which is consistent with the concept of the overall national security concept and is also conducive to the full protection of national security.
II. Risks Faced by Smart Judicial Data Protection
At present, the world situation is complex and changeable, the undercurrent behind the political and military games of all parties is surging, traditional security and non-traditional security issues are intertwined, and the economic, cultural, cyber, and scientific and technological fields have become the stage of competition between countries. In the face of security threats, we should think in peace, take precautions, and correctly understand the urgent threats facing the non-traditional security fields of the mainland under the guidance of materialist dialectics. Smart justice is essentially a data-intensive activity that aggregates, processes and transforms a large number of diverse data, "the fluidity and complexity of data-intensive activities not only greatly increase the traditional data security risks, but also trigger new data security risks and challenges", the traditional data security risks lie in the security of storage, and the new data security risks lie in the security of computing, which together constitute the overall security of data protection.
(1) Storage security - overseas cyber attacks and theft
Storage security is the most important traditional risk facing data protection, and overseas cyber attacks are the most important threat to data storage security in mainland China. On the one hand, it destroys the mainland's network infrastructure and related resources through distributed denial-of-service attacks (DDoS) and other cyber attack methods, and on the other hand, it steals mainland Internet information by implanting website backdoors. In 2019, 2020 and the first half of 2021, the China National Internet Emergency Response Center (CNCERT) released a report on the security of the Internet, which found that 91.3%, 96.21% and 97.1% of the active control ends of high-volume DDoS attacks in the mainland were located overseas, respectively, indicating that cyber attacks from abroad seriously threatened the security of the mainland's information network. Hackers who remotely control, read, and modify database data by implanting backdoors in the mainland network system also need to be vigilant, among which 717 mainland government websites (.gov) were invaded in 2019 and 256 in 2020. Although this data has declined due to the gradual improvement of the mainland's Internet security protection capabilities, such behaviors are still an important source of risk for stealing database data. The main body of the use of smart justice is mainly courts, procuratorates and other judicial organs, the websites of these departments belong to government websites, using the website suffix of .gov, although it is impossible to further indicate its proportion in the intrusion of government websites, but it is obvious that the risk of implanting a backdoor always threatens the storage security of smart judicial data.
With the strengthening of Internet combat forces in various countries in recent years, systematic and professional Internet attack activities from abroad have become more frequent and active, and the threat to mainland data storage has become increasingly urgent. Japan has established a cyber self-defense force since 2014, positioned it as a high-level force in 2017, and positioned cyberspace as a fifth battlefield in the National Defense Program Outline in 2018. The establishment of the National CyberForce (NCF) in November 2020 further illustrates the UK's increased aggressiveness towards cyber warfare, with some commentators arguing that "in essence, the NCF is an integration of the UK's long-standing cyber warfare forces". Coincidentally, a report released by China's National Computer Virus Emergency Response Center on the cyber attack on Northwestern Polytechnical University this year pointed out that the source of the attack was the "Specific Intrusion Operations Office" under the US National Security Agency, which used 41 cyber attack weapons to try to steal core technical data such as the university's network configuration data.
Due to the role and status of judicial organs in the process of resolving disputes, they store a large amount of social data, which includes not only the personal information of the parties concerned, but also all kinds of administrative, commercial and trade information involved in the case, and so on. In the past, judicial activities were carried out in the form of paper case files, the risk of information leakage is small, and even if the scope of harm caused by leakage is relatively limited, it is easy to control. Now using the smart judicial system, a large amount of judicial data needs to be turned, analyzed and stored on the Internet, and the depth and breadth of its potential risks are no longer the same as the era of paper justice.
(2) Computing security - the potential risk of algorithmic black box
The algorithmic black box is a theory borrowed from cybernetics, which refers to the factual state of the calculation result when the specific calculation process of the algorithm cannot be known to the public. "The privacy of the algorithmic logic and source code and its inability to be transformed into visibility technology and disclose it to the parties" is the fundamental reason for the emergence of algorithmic black boxes. As the technical origin of the development of smart justice, the core data of judicial artificial intelligence algorithms is mostly held by third-party technical service contractors, and most of them are not transparent to the public due to trade secrets and intellectual property rights, which is essentially the existence of an algorithm black box. "As of August 2021, more than 3,200 courts at all levels across the country have achieved strategic cooperation with technology companies, accounting for 90.5% of the total number of courts in the country. More than half of the courts that have implemented information outsourcing have implemented outsourcing cooperation with a number of technology companies...... Large companies are the main strategic partners, and many small and medium-sized companies are also involved in the construction. "On the one hand, the current situation of diversified partners in smart justice will promote competition and optimize algorithm models, but on the other hand, it will further cause difficulties in understanding algorithms, exacerbate the emergence of black boxes, make the phenomenon of data islands more serious, and cause the contradiction of two laws that are not conducive to the unification of judicial adjudication standards.
On the one hand, computational security is the security of the algorithm itself, and "algorithm risk in the intelligent era begins with the algorithm itself" specifically refers to the independence of the algorithm model and the confidentiality of the source code of the model ontology. The generation and improvement of an algorithm is highly dependent on big data, from the moment of its birth, it condenses the information crystallization of countless data, and the algorithm as an emerging independent system of human-computer interaction and the traditional pure technology has a difference, and its technical concept may have subversive changes to the logic of the future social operation. As far as smart justice is concerned, the current judicial algorithm is not only a tool for document management, but also plays the role of assisting the subject in decision-making in litigation activities, affecting people's value judgment and choice to a considerable extent, and the prevalence of the black box phenomenon makes this process more uncertain and risky. Therefore, whether it is the basis of the logic of digital social behavior or as a scientific and technological achievement with intellectual property rights, the design and maintenance of the security of the algorithm ontology are worthy of attention, and the algorithm model of smart justice should be in their own hands.
Another aspect of computational security is the security of the computational results. In the scenario where the early warning system for the analysis of similar cases and judgments is used, the judicial artificial intelligence algorithm provides judges with the analysis of judgments of similar cases in the past, explains the various procedural elements of historical judgment cases, and helps or guides judges' adjudication activities. If the fitting process of the algorithm encounters data pollution or artificial tampering with the fitting model, but the judicial authorities cannot detect it in time due to the existence of the algorithm's black box, then the calculation results of the deduction will inevitably cause the value bias of the adjudication, and the consequence may be that the technology breaks through the boundary between artificial intelligence technology and judicial attributes, resulting in the spatial risk point of external human intervention in the judiciary.
III. The Enlightenment of the Overall National Security Concept to Smart Judicial Data Protection
The construction of smart justice in mainland China enables data to flow in the whole process of justice, and smart case filing, smart trial, smart execution and smart document management are profound and all-round changes from "paper field litigation" to "digital intelligent litigation". For a country, the judiciary is the bottom line of economic development order, the guarantee for resolving social disputes, and the cornerstone of safeguarding national security. It is precisely because of the important role of the judiciary in a country that judicial reform should be incorporated into the vision of national security and carried out and promoted under the guidance of the overall national security concept.
(1) Maintaining the security of judicial data is preserving national security
Maintaining the security of judicial data is safeguarding national security. On the one hand, as a part of the legal superstructure, judicial security is closely related to political security, and political security is an important part of traditional national security; on the other hand, smart justice is a judicial modernization model based on the Internet and scientific and technological technology, and network security and scientific and technological security are important parts of non-traditional security, so maintaining the data security of smart justice is the due meaning of the overall national security concept.
Specifically, take the adjudication process of a civil justice case as an example. The judges of the case filing division conduct a formal review of the complaint submitted by the parties on the smart case filing system, and the cases that meet the conditions for case filing are assigned to the presiding judge of the trial business division through the case management system, and the presiding judge conducts adjudication activities such as reading the case file, holding court hearings, collegial deliberations, and making judgment documents. The identity information of the parties, the basic facts of the case, and the evidence submitted to prove the facts required for adjudicating the case will all be circulated in the smart justice system. If it is a criminal case, the relevant file information will also be retained in the smart police system of the public security organ and the smart procuratorial system of the procuratorate. According to the 2021 National Court Statistics Bulletin released by the Supreme People's Court, in 2021 alone, the national court system accepted more than 31.5 million cases.
With the changes in the national security situation, traditional security and non-traditional security are increasingly intertwined and integrated. The above arguments show that the mainland is facing the current situation of the interweaving of traditional data security and new data security issues in the micro field of smart judicial data protection, which is consistent with the proposition in the macro field of overall national security, so it is natural legitimacy and rationality to use the overall national security concept as a theoretical benchmark to guide smart judicial data protection. It can be considered that the security of judicial big data is profoundly related to the overall stability of the country, the stability of economic development, and the stability of social order, and the protection of judicial data security is to maintain national security.
(2) Use systematic thinking to protect data on smart justice
The overall national security concept is a comprehensive and systematic high-level non-traditional national security concept, and the overall national security concept tells us that in order to scientifically and reasonably protect the data collected, analyzed, and stored in the process of realizing smart justice, systematic and systematic thinking should be used. Marxist materialist dialectics reveals that the relationship between the system and the elements is a dynamic relationship between the whole and the parts, and the development of the system is inseparable from the development of the elements, each of which has irreplaceable value in the system, and the development of the elements is also inseparable from the support of the system. Therefore, in this dynamic process, the essence of deepening the understanding of smart judicial data protection issues is to carry out data protection work through systematic thinking and look at the problem from a comprehensive and connected perspective.
Looking at the problem from a comprehensive perspective is to understand and grasp the overall situation of the system. It is necessary to consider each element of smart judicial data, tailor-made according to its attributes, judicial rules and other factors, not only to formulate a targeted data protection plan, but also to consider the systematization of their interconnection, so as to achieve the effect that one plus one is greater than two. In particular, the top-level design of data protection should comprehensively consider factors such as existing laws and regulations, resources, technical capabilities, and differences in the level of electronic digital infrastructure between different regions on the basis of full research, and formulate a more comprehensive and systematic Chinese plan for smart judicial data protection.
Looking at the problem from the perspective of connection, the development of smart justice is a vivid process. It includes the cloud court for online litigation, intelligent recognition of trial records, electronic management of documents and files, analysis and early warning of similar cases and judgments, and mobile micro-courts that provide online case filing and online evidence preservation. For example, the data protection of online litigation should focus on the security of the cloud litigation process, that is, the signal interruption caused by malicious interception of trial information or attack on the cloud platform in the process of online trial should ensure the stability and reliability of the entire online litigation process; Litigation involving crimes endangering national security and military-related litigation may contain a large number of state secrets. Although the focus is different due to different links, different factors should be linked in the process of establishing a data protection mechanism, and the technical characteristics and requirements of each link should be fully considered, rather than being biased.
(3) To prevent and resolve major risks, it is necessary to adhere to the development of smart justice
The new era is facing new challenges, and how to prevent and defuse major risks has a profound bearing on the security of the mainland's development and is an important issue facing national security. General Secretary Xi Jinping pointed out: "Deeply understand and accurately grasp the profound changes in the external environment and the new situations, new problems and new challenges faced by the mainland's reform, development and stability, adhere to the bottom-line thinking, enhance the sense of worry, improve the ability of prevention and control, and strive to prevent and resolve major risks." Development and security are like the two wheels of a car and the wings of a bird, and the overall concept of national security requires that development and security be properly coordinated, and development is the guarantee of security and security is the premise of development. It is necessary not only to pay attention to the external risks faced by smart justice and strive to achieve the premise of safe development, but also to persist in promoting the development of smart justice, promote the modernization of digital rule of law, and provide guarantees for further improving the protection of judicial big data.
Smart justice has greatly improved judicial efficiency with digital and informatization technology, which can effectively improve the capacity of the judicial dispute resolution mechanism and escort the stable development of society under the current situation of the blowout growth of the number of litigation cases. Taking the Guangzhou Internet Court as an example, in the three years since its establishment, the average number of cases concluded by judges has been 4,105, while the average number of cases concluded by judges in traditional grassroots courts in the same region is about 1,500. Specifically, the trial cycle of litigation in current judicial practice is still long, and the people's litigation burden on choosing litigation to resolve disputes is heavier. The application of smart justice can effectively reduce the burden of the people's participation in judicial activities, and at the same time, it can also effectively reduce the burden of judges adjudicating cases, which plays a positive role in improving judicial efficiency and enhancing the ability of the judiciary to respond to disputes. Therefore, adhering to the development of smart justice is an inevitable requirement for resolving social disputes and preventing social risks in accordance with the law, and is the way forward for the future judiciary.
IV. Paths and countermeasures for protecting the security of smart judicial data
By examining the practical risks faced by smart judicial data protection, the above illustrates the urgency and inevitability of protecting the data generated and recorded in the process of smart judicial operation. Examining the issue of smart judicial data protection with an overall national security perspective is an epistemological response to this issue. The following part moves from epistemology to methodology, and on the basis of adhering to the theory of the overall national security concept, combined with the specific situation of the current smart judicial practice, feasible countermeasures and methods are put forward for the data protection of smart justice.
(1) Fundamental: Improve data protection laws and regulations
The protection of big data generated by smart justice lies in the protection of law. The Supreme People's Court and the Supreme People's Procuratorate have respectively formulated the Opinions on Accelerating the Construction of Smart Courts and the Opinions on Deepening the Construction of Smart Procuratorial Affairs for the development of smart justice, basically realizing that there is a law to follow for data protection.
However, the mainland's data protection legislation started late, and the Data Protection Law came into effect in September 2021, and some of its provisions have not yet been refined and lack certain operability. For example, Article 21 of the Data Protection Law stipulates that data should be protected by classification and grading, the protection of important data should be strengthened, and the management of core data should be more stringent. The problem is that the law only mentions the establishment of a catalogue of important data, and only briefly explains what belongs to core data, which cannot meet the needs of data protection in practice. In addition to establishing a general catalog of important data, the Supreme People's Court, the Supreme People's Procuratorate, and other highest judicial organs shall, based on the actual conditions of trial work and procuratorial work, combined with the existing application of smart justice in the system, attempt to establish a list of smart judicial data within the system from the perspective of national security and from a high level, clarifying the definitions and categories of general, important, and core data in the judicial field, and may use "abstract generalization + specific enumeration" to provide more practical and guiding data protection norms for judicial organs at all levels.
In addition to the formulation of laws in the field of data protection, special laws on Internet justice or digital justice can be formulated with reference to the experience of extraterritorial justice. Taking the European experience as an example, Germany's e-justice law promulgated in 2013 has played an important role in regulating and guiding its judicial informatization reform, and the EU's "Electronic Identity Authentication and Private Services for Electronic Communication" has also provided assistance to member states in terms of data security and legal order security when building electronic justice.
(2) Core: Cultivating scientific and technological talents within the judiciary
Marxism believes that people are the most important factor in the productive forces, and talents can play a key role in promoting the progress of science and technology. Judicial organs need to cultivate their own scientific and technological talents, relying only on third-party technology supply can not meet the growing demand for scientific and technological talents in the development of smart justice, to avoid the emergence of black boxes in practical use, it is necessary to strengthen their own technology research and development capabilities, and grasp the main control of data. Cultivating technical talents within the judicial organs is first of all conducive to solving the problems that arise in the process of smart judicial operation in the first time, eliminating obstacles and risks in a timely manner, and ensuring the normal and safe operation of the system; secondly, the confidentiality and security are guaranteed, because of the identity of the staff of the judicial organs, their awareness of the importance of data security is relatively higher and the discipline is stronger; finally, it is helpful to reduce the expenses required for the outsourcing of the information system as a whole, improve the judicial economy, and realize the optimization of judicial benefits in the era of big data.
Although the current design of the organizational structure has a certain degree of rationality, the office has to deal with a large number of paperwork and other miscellaneous affairs on a daily basis, and it is inevitable to take care of one or the other, so the development of data protection work is still insufficient, and it is difficult to meet the specialized training of scientific and technological talents. The optimal path is to set up a special department responsible for the daily maintenance of the operation of the smart judicial system, monitor the network security status of the smart judicial system, and recruit or call talents who are proficient in computer software technology and hardware engineering when the department is formed, and form a professional smart judicial operation and maintenance team within the judicial organ to monitor the security of judicial data around the clock. The next choice is to set up a special informatization and network security section in the office, which will be responsible for the management of the smart judicial system, and report problems to the relevant person in charge in a timely manner, so as to achieve professional, timely and effective management of data security. By separating technical affairs from administrative affairs, technical talents can specialize in professional and technical affairs such as the security maintenance of smart judicial databases, the parameter adjustment of judicial artificial intelligence algorithm models, and the operation monitoring of online platforms such as online litigation and online service, so as to achieve the goal of further cultivating talents in practice.
(3) Foundation: Establish a linkage mechanism for judicial data protection
The establishment of a linkage mechanism for judicial data protection is a systematic and systematic epistemological practice of the overall national security concept, making full use of the mainland's existing national security resources to ensure the security of smart judicial data. According to article 5 of the mainland data security law and article 8 of the cybersecurity law, the leading institution for national security is responsible for decision-making, deliberation and coordination of data security efforts, the internet information department is responsible for the specific overall planning and coordination of work related to network data security, and other functional departments are responsible for the division of labor within the scope of their duties. Therefore, the establishment of a linkage mechanism should be led by the internet information department under the leadership of the leading institution for national security, to coordinate and coordinate the interconnection between judicial organs, public security organs and other relevant departments, and network technology service providers, break down information barriers between different entities, and form a joint force to maintain data security.
The first meaning of the linkage mechanism is the linkage of different subjects in the process of smart judicial operation. The first is the linkage between network technology service providers and judicial organs, when there is a problem in the data computing process and storage process of smart justice, network technology service providers should deal with it as soon as possible, and promptly explain the disposition situation, risk sources and other matters to the judicial organs using the system. The second is the linkage between judicial organs, public security organs, and state security organs, and when there is an abnormal situation in the data security of smart justice, the relevant situation shall be promptly reported to the investigating organs, and the investigating organs are to employ relevant investigative measures to investigate the cyber attack.
The second implication is to establish a linkage between the central and local governments, with the Cyberspace Administration of China (CAC) responsible for coordinating network data security work nationwide, and local cyberspace administrations at all levels responsible for network data security work within their administrative regions. The Supreme People's Court and Supreme People's Procuratorate shall fully establish smart justice with local courts and procuratorates at all levels. Fully rely on the technical resources of the National Internet Emergency Response Center to establish mechanisms for transmitting information from above and below, actively preventing data security in smart justice, and responding quickly to data crises that arise.
The third implication is that the data protection work between various localities should be linked, and it is necessary to achieve both upper and lower communication and left and right smoothness. There are differences in the level of network infrastructure security facilities between different regions, and the level of network attack and defense technology is not the same, so different regions should communicate with each other in a timely manner, learn advanced data protection concepts and technologies, and promote the improvement of judicial data protection capacity in that region.
(4) Key: Form a security capability assessment system for third-party contractors
The establishment of a security capability assessment system for third-party network contracting service providers will help form a benign competitive environment in which the fittest will survive and the capable will prevail, and fully promote the improvement of their own security protection capabilities by all contracting service providers, in line with the economic principles of market-oriented competition.
Drawing on the beneficial exploration of the digital government network security assessment system carried out by Guangdong Province, the judicial organs and internet information departments may carry out regular and irregular security capability inspections and assessments of third-party service providers who are qualified and willing to undertake smart judicial construction projects, and form an intuitive understanding and ranking of different service providers in the form of quantitative assessments, and may appropriately increase the proportion of security capability assessment scores when bidding.
Specifically, the formation of a security capability assessment system can be carried out in four aspects: security management, security construction, security operation and security effect, and in the evaluation process, the security hardware infrastructure and network security operation capabilities of the third-party contractor should be investigated, and the security actual combat ability of the service provider can be evaluated by holding network security attack and defense drills.
epilogue
As a sharp sword for safeguarding national security and a line of defense for ensuring social stability, the judiciary should all the more permeate the overall concept of national security in all aspects and throughout the entire process of judicial activities. The development of smart justice echoes the trend of the information era, and its data security is related to judicial security and then directly related to national security, so it is necessary to promote the data protection of smart justice on the track of the rule of law to ensure national security as solid as a rock.