The war in Ukraine has so far seen very little engagement from the cyber diplomatic community. While the international community focuses on stopping Russia’s invasion and ending the conflict, the contribution of cyber diplomacy to these efforts has been limited to the usual offers of assistance to deal with cyber incidents. This is surprising, given the number of cyber diplomacy-related …
Revamping the EU’s Technology Partnerships
The EU is expanding its global partnerships in the technological and digital realm. However, its approach to the Global South countries has differed markedly from its approach to developing partnerships with the US and Asian countries. Discussion of the best ways to partner with Global South countries has been limited and many areas remain unexplored. Current mechanisms risk being not …
The EU and Responsible Active Cyber Defence
A growing number of states are looking into active cyber defence operations to diversify their available responses to cyber incidents. In order to not only create guidelines for its member states but also to serve as a norm setter for this controversial policy issue, the EU must act now. Starting by defining active cyber defence for itself, the EU should …
Personal Data and International Organisations: Hacks Off!
Harmful, malicious and hostile cyber activities against international institutions, entire populations and vulnerable groups are appalling, regardless of whether they are committed by state or non-state actors. It is time to talk restraint when it comes to cyberattacks and information operations targeting international organisations and personal data. The compromise of personal data and confidential information on the servers of the …
Charting of National Attribution Policies
States’ drafting of explicit national attribution policies is anchored in the law of state responsibility in cyberspace. Such policies do not necessarily promote frequent (or any) attribution. Rather, they draw attention to the multifaceted aspects of attribution and the need for careful political consideration in making affirmative, deferring or negative attribution decisions. While actual content direction remains the prerogative of …
The EU’s Fragmented Cybersecurity Market
While the EU recognises the importance of cybersecurity policies, it continues to lag behind certain international counterparts in terms of creating a unified ecosystem and providing investment opportunities. One of the central problems hindering the EU is the fragmentation of its cybersecurity market, which impedes European cybersecurity companies from scaling up and forces them to look for alternative markets to …
EU Cyber Sanctions and Cyber Norms
In the absence of clear international law on state-led or sponsored cyber activity, cyber norms are surrounded by ambiguity and different interpretations. Cyber sanctions are a relatively new tool the EU has to promote norms on appropriate state behaviour in cyberspace and clarify such ambiguity. However, the EU has to be careful in its application of cyber sanctions to avoid …
The EU’s Approach to e-Evidence
Electronic evidence (‘e-evidence’) plays a central role in the fight against crime both online and offline. But the goal of ensuring access to such evidence must be reconciled with the need for protecting data privacy and other fundamental rights. The European Union is in the process of adopting a regulatory framework for e-evidence. It needs to strike the right balance …
Rule of Law in Cyberspace
As Montesquieu advocated, the rule of law and separation of powers are necessary to protect citizens and individuals from arbitrary rule by the state. Intensified measures to secure cyberspace risk leading to expert and political decisionmaking being kept outside of public and political debate and scrutiny. Deliberate separation of state cyber agencies and functions strengthens the rule of law, transparency …
Ransomware: a Crisis in Need of a Global Response
Ransomware has become a lucrative money-making enterprise for criminals and a useful tool for some nations, with consequences for national security, economic prosperity, and public health and safety. Its global nature means that individual countries or organizations cannot successfully thwart this threat alone—it will require complex, sustained, joint, collaborative international action. A U.S. politician once said, “All politics is local.” …