Brazil’s diplomacy has historically been one of soft power and brokering discussions. In Internet governance, the country has been internationally recognised for to its multi-stakeholder governance model and for advocating for privacy in the digital age. As cyber threats become a national security concern and a key part of the political agenda in the run-up to 2022 presidential elections, the …
Data Protection in China
In the summer of 2021, China’s National People’s Congress passed two pieces of data-related legislation, the Data Security Law (DSL) and the Personal Information Protection Law (PIPL). These laws, which entered into force in September and November respectively, form the centre of what will become a comprehensive regulatory architecture governing all important aspects of data collection, storage, processing, trading and …
Revamping the EU’s Technology Partnerships
The EU is expanding its global partnerships in the technological and digital realm. However, its approach to the Global South countries has differed markedly from its approach to developing partnerships with the US and Asian countries. Discussion of the best ways to partner with Global South countries has been limited and many areas remain unexplored. Current mechanisms risk being not …
Net Politics in Africa
African governments’ views on cybersecurity are not homogenous and actions that indicate ideals of “net nationalism” continue to emerge in parts of Africa. A politics of net nationalism utterly focused on individual governmental interests will imperil international cooperation, mutual legal assistance and the cross-border flow of information, and may derail international cybersecurity efforts, especially harmful to a region like Africa …
German Cybersecurity Policy 2021-2025
The new German government will mean a shift for the country’s cybersecurity policy. The joint coalition agreement of the three ruling parties lays out their plans for the next four years and signals changes of course in areas like encryption policy and “hackbacks”. In other fields – particularly cyber diplomacy – the devil will be in the details. The country’s …
Cybersecurity Convergence in the BRICS Countries
The thirteenth BRICS Summit took place on 9 September 2021 and cybersecurity featured prominently amongst the priorities identified by BRICS leaders. The BRICS – Brazil, Russia, India, China, and South Africa – are explicitly advocating for enhanced cooperation on cybersecurity issues, both at the international and intra-BRICS level. The facility with which cooperation can be enhanced remains unclear, but BRICS priorities …
Navigating Europe’s Cybersecurity
A native Estonian, Juhan Lepassaar is no stranger to cybersecurity and the inner workings of the European Union. Between 2014 and 2019 he was the head of cabinet of Andrus Ansip, Vice-President for Digital Single Market in the Juncker Commission. In this role he was also involved in the preparation and the subsequent legislative phases of the Cybersecurity Act, which significantly strengthened the competences of the European Union Agency for Cybersecurity, which he currently heads.
Time for Cyber Maastricht?
In today’s information society, data and information replace the traditional resources for conducting war: coal and steel. Preventing conflicts revolving around these new resources demands greater cooperation and transparency. Until recently, coal and steel were critical raw materials for the economy and the basis for waging wars. It was coal and steel that brought European countries together in 1951 to …
Do We Need an EU Cybersecurity Rating Agency?
As companies get ever more concerned about the cybersecurity standards of their suppliers, they are looking for a cheap and easy way to establish whether they can trust another company. Audits are time-consuming and expensive, but a number of new companies offer so-called outside-in cybersecurity ratings that promise to provide an accurate appraisal of IT security standards through a mixture …
When Sovereignty Leads and Cyber Law Follows
The Network and Information Security Directive (NIS Directive) is one of the most important pieces of cyber legislation in the EU. Only four years after its entry into force, the European Commission is expected to table a revision of this cyber law by the end of the year. This is an excellent moment to consider this revision in the context …