While the pandemic has created a new awareness of the importance of digital inclusion, we need to expand the conversation beyond accessibility and literacy and towards human-centric strategies to combat newer forms of biases and gaps. Current discussions about digital inclusion need to take into account three elements in particular: smart technology bias, data citizenship and platform cooperativism. If there’s …
Incorporating Cybersecurity into EU Policy Formation
As the EU strives to strengthen its cyber resilience, it becomes ever more important for its institutions to have coherent advice on the cybersecurity implications of legislative and regulatory decisions. Current practice, including in the context of the Digital Market Act (DMA), suggests action is needed to establish a policy-agnostic technical mechanism to generate such advice, develop important partnerships and …
Is War in Ukraine the End of Cyber Diplomacy?
The war in Ukraine has so far seen very little engagement from the cyber diplomatic community. While the international community focuses on stopping Russia’s invasion and ending the conflict, the contribution of cyber diplomacy to these efforts has been limited to the usual offers of assistance to deal with cyber incidents. This is surprising, given the number of cyber diplomacy-related …
Revamping the EU’s Technology Partnerships
The EU is expanding its global partnerships in the technological and digital realm. However, its approach to the Global South countries has differed markedly from its approach to developing partnerships with the US and Asian countries. Discussion of the best ways to partner with Global South countries has been limited and many areas remain unexplored. Current mechanisms risk being not …
The EU and Responsible Active Cyber Defence
A growing number of states are looking into active cyber defence operations to diversify their available responses to cyber incidents. In order to not only create guidelines for its member states but also to serve as a norm setter for this controversial policy issue, the EU must act now. Starting by defining active cyber defence for itself, the EU should …
Personal Data and International Organisations: Hacks Off!
Harmful, malicious and hostile cyber activities against international institutions, entire populations and vulnerable groups are appalling, regardless of whether they are committed by state or non-state actors. It is time to talk restraint when it comes to cyberattacks and information operations targeting international organisations and personal data. The compromise of personal data and confidential information on the servers of the …
Charting of National Attribution Policies
States’ drafting of explicit national attribution policies is anchored in the law of state responsibility in cyberspace. Such policies do not necessarily promote frequent (or any) attribution. Rather, they draw attention to the multifaceted aspects of attribution and the need for careful political consideration in making affirmative, deferring or negative attribution decisions. While actual content direction remains the prerogative of …
The EU’s Fragmented Cybersecurity Market
While the EU recognises the importance of cybersecurity policies, it continues to lag behind certain international counterparts in terms of creating a unified ecosystem and providing investment opportunities. One of the central problems hindering the EU is the fragmentation of its cybersecurity market, which impedes European cybersecurity companies from scaling up and forces them to look for alternative markets to …
EU Cyber Sanctions and Cyber Norms
In the absence of clear international law on state-led or sponsored cyber activity, cyber norms are surrounded by ambiguity and different interpretations. Cyber sanctions are a relatively new tool the EU has to promote norms on appropriate state behaviour in cyberspace and clarify such ambiguity. However, the EU has to be careful in its application of cyber sanctions to avoid …
The EU’s Approach to e-Evidence
Electronic evidence (‘e-evidence’) plays a central role in the fight against crime both online and offline. But the goal of ensuring access to such evidence must be reconciled with the need for protecting data privacy and other fundamental rights. The European Union is in the process of adopting a regulatory framework for e-evidence. It needs to strike the right balance …