The Role of the State and Public Administration in the Cybersecurity System (original) (raw)
Related papers
A Legal Assessement of Management of the European Union Cyberterrorism Policy
Modern Management Review, 2017
In addition to traditional threats such as spying or revealing state or business secrets, the new threats have appeared, among which the most dangerous is cyberterrorism. Proper functioning of society depends today largely on management functioning of modern techniques and information technology. Computers networks are widely used in economy, administration, as well as inhouseholds. Taking into account the problems of cyberterrorism, in particular an analysis of legislation aimed at ensuring the security of information systems of individual countries, this subject should be also recognized as a requirement for the insightful analysis. Therefore, this publication is an attempt to characterize the determinants of this phenomenon and an analysis of the latest legal solutions in the fight management against cyberterrorism in the European Union. Moreover, an attempt has been made to present the EU counter-terrorism policy so the Author`s intention is also to show the impact of legal instrument on combating cyberterrorism itself. In addition, it tries to find an answer to the question whether the current legal standard solutions of the European Union in the area of security are an effective tool in the fight against cyberterrorism.
S. Kavyn, I. Bratsuk, A. Lytvynenko, Regulatory and Legal Enforcement of Cyber Security in Countries of the European Union: The Experience of Germany and France, 121 Teise, p.p. 135-147 (2021), 2021
This article is devoted to the study of information security in the EU member states, in particular Germany and France, in the context of the analysis of their national legislation, state, national programs and regulations. Particular attention is paid to the study of the features of regulatory and legal security of information security of Germany and France in the context of the study of their national legislation in terms of economic security as an inherent component of national security. In the course of this study the peculiarities of the functioning of the institutional and legal mechanism of cyber defense in the context of the multi-vector system of international security and legal regulation of international cooperation are analyzed. The article substantiates the expediency of developing an integrated, coordinated information policy of the EU member states in order to unify approaches to information security.
Legal aspects of fighting cyber crime in the European Union
Oditor
The development of information technologies and the Internet and the commission of criminal acts in this new environment leads to the emergence of transnational, high-tech crime. Competent bodies for the fight against crime are hindered in achieving results by the traditional division into national jurisdictions, while there are no such restrictions for perpetrators. Cyber activities cause great damage and consequences to natural or legal persons, illegally appropriate financial resources and protected data. The specificities of high-tech crime require the specialization of state authorities because in the fight against crime, individual rights, privacy and freedoms of individuals must not be jeopardized. The aim of this paper is to show how the legislation of the European Union (EU) and the activities of its institutions improve the prevention, investigation and prosecution of perpetrators and build capacities in the judiciary. Harmonization of domestic law with EU law in the field...
Cybersecurity Regulation in the European Union: The Digital, the Critical and Fundamental Rights
The International Library of Ethics, Law and Technology
This chapter provides an overview of the European Union (EU) policies and legislative measures developed in an attempt to regulate cybersecurity. By invoking a historical perspective, policy developments that have shaped the cybersecurity landscape of the EU are highlighted. More concretely, this contribution investigates how the EU has been delimiting and constructing its cybersecurity policies in relation to different and sometimes opposing objectives, and questions what such choices reveal about (and how they determine) the evolution of the EU's cybersecurity policy and its legal contours. For this purpose, the major steps in the evolution of the EU's agenda on cybersecurity are analysed, ranging from the adoption of the 2013 Cybersecurity Strategy to other numerous norms, initiatives and sectorial frameworks that tackle issues arising from the active use of information systems and networks. The chapter reviews the mobilisation of multiple areas (such as the regulation of electronic communications, critical infrastructures and cybercrime) in the name of cybersecurity imperatives, and explores how the operationalisation of such imperatives surfaced in the EU cybersecurity strategy published in September 2017. The chapter suggests that one of the key challenges of cybersecurity regulation is to impose the right obligations on the right actors, through the right instrument. Reflecting on issues surrounding the current liability framework dating from the 80s, it considers how principles such as data protection by design and default as well as the 'duty of care' have emerged. Finally, the chapter considers how the perception of cybersecurity's relationship with (national) security plays a determinant role in the current EU legislative and policy debates, where fundamental rights considerations, despite being acknowledged in numerous policy documents, are only considered in a limited manner.
2019
Cybersecurity has developed into horizontal policy issue in the European Union in the last two decades. In relevant domains technological, policy and legal measures are implemented to protect the EU against cyber threats, however it is unclear where the boundaries of cybersecurity might be in the absence of a commonly agreed and operational definition. Therefore, we raise the question how coherent and coordinated the EU legal responses to cybersecurity challenges can be if the boundaries of cybersecurity are not set. A well-balanced regulatory framework would require a systematic analysis of the potential harms that relevant measures aim to address, understanding of the impact of measures in different policy domains and interactions between these. Hence we study the Wannacry cyber crisis in order to establish the types of harms EU cybersecurity-related laws can aim to address, examine what elements of the cyber ecosystem needs to be secured and can be targeted by regulatory intervention, as well as we examine the main pieces of current and proposed EU legal frameworks relevant for cybersecurity in order to draw some conclusions on the scope, nature and aims of the emerging field of ‘EU cybersecurity law’.
Cyberspace in a State of Flux: Regulating cyberspace through International Law
Groningen journal of international law, 2022
Cyberspace continues to become increasingly integral to our way of life. It has brought with it many benefits but has recently become a domain used for misdeed, as was evident from the recent WannaCry ransomware, the Stuxnet virus issue, and the much-publicized US 2016 Election hacking. These incidents have caused the issue of cyberspace to be on the international agenda, but there is a lack of consensus among the various nations on how cyberspace should be regulated. The article analyzes the legal status of cyberspace by first embarking on a discussion on what is cyberspace, followed by a discussion on recent notable cyberattacks. It is against this backdrop that: (1) the legal status of cyberspace in domestic law is analyzed; (2) the application of the existing rules of international law to cyberspace are considered; (3) the problems with the Budapest Convention on Cybercrime are discussed; and (4) proposals for a new Convention on cybersecurity at the UN level in light of the Tallinn Manual, and the Budapest Convention of Cybercrime are made.
THE ROLE OF CYBERSECURITY IN THE PUBLIC SPHERE -THE EUROPEAN DIMENSION
THE ROLE OF CYBERSECURITY IN THE PUBLIC SPHERE - THE EUROPEAN DIMENSION K.Chałubińska-Jentkiewicz & I. Hoffman , 2022
The subject-matter of the analysis includes the state of the EU legal framework and the proposed amendments in the sphere of the cybersecurity of financial institutions operating in European Union Member States, interests protected by law, and the rationale behind regulatory provisions proposed or adopted by EU legislators, notwithstanding their legal form (strategic documents, directives or regulations).
ACIG journal, 2022
Cybersecurity is a relatively recent addition to the list of preoccupations for modern states. The forceful emergence of the internet and computer networks and their subsequent prevalence quickly brought this to the fore. By now, it is inconceivable that modern administrations, whether public or private, can exist entirely outside the digital realm. Nevertheless, with great opportunities also comes great risk. Attacks against com- puter systems quickly evolved from marginalised incidents to matters of state concern. The exponential increase in the importance of cybersecurity over the past few years has led to a multi-level response. New policies, followed by relevant laws and regulations, have been introduced at national and international levels. While modern states have therefore been compelled to devise concrete cybersecurity strategies in response to potential threats, the most notable aspect of these strategies is their resemblance to one another. Such uni- form thinking could develop into a risk per se: challenges may appear unexpectedly, given the dynamic nature of the internet and the multitude of actors and sources of risk, which could put common knowledge, or what may be called conventional wisdom, to the test at a stage where the scope for response is limited. This paper builds upon the idea of national states being perceived as platforms within the contemporary digital and regulatory environ- ment. Platforms are in this context information structures or systems, whereby the primary role of states acting as platforms is that of an information broker for its citizens or subjects. This role takes precedence even over the fundamental obligation of states to provide se- curity; it calls upon them first to co-create (basic) personal data, and then to safely store and further transmit such data. Once the key concept of states as platforms has been elaborated in section 2, this paper then presents the concrete consequences of this approach within the cybersecurity field. In section 3, former off-line practices for safely storing per- sonal information, undertaken by states within their role as platforms, are contrasted with the challenges posed by the digitisation of information. The focus is then turned in section 4 to the EU, and the NIS Directive’s obligation upon Member States to introduce and imple- ment national cybersecurity strategies, which are therefore examined under the lens intro- duced in section 2. Finally, specific points for improvement and relevant recommendations for these cybersecurity strategies are presented in section 5.