With the new Dutch International Cybersecurity Strategy for 2023-2028, the government of the Netherlands demonstrates responsibility and agency in the face of continuous cyber threats posed by states and criminals. It aspires to keep democratic and human rights and norms top of mind and seeks to preserve a globally open, free and secure internet. The strategy makes clear the government’s …
Countering Cyber Mercenaries
The EU and its member states face a human rights and security crisis due to the use of cyber mercenaries, private entities that sell offensive cyber capabilities to governments. The Paris Peace Forum, the Paris Call for Trust and Security in Cyberspace, and a Franco-British initiative are some of the platforms that have proposed concrete actions and guidance for industry, …
From Westphalia to San Francisco: A cyber and digital perspective on the changing nature of European diplomacy and transatlantic relations
Gerard de Graaf is no stranger to EU digital policies. He serves as EU Senior Envoy for Digital to the US and currently heads the EU Office in San Francisco. Prior to his recent appointment, de Graaf was Director responsible for the Digital Services and Digital Markets Acts in the Directorate-General for Communications Networks, Content and Technology, and co-chaired two …
Why EU Cyber Policy Should Become Feminist
The EU’s cyber policy and strategy has developed essential relevance to the EU’s security environment. This was highlighted in 2022’s Strategic Compass, which emphasises the importance of cybersecurity. In the grey zone between peace and armed conflict, state and non-state actors use cyber operations for espionage, ransom or sabotage. The 2022 ENISA Threat Landscape found a massive increase in cyberattacks …
Upping the Ante on EU Cyber Defence: What Should we Expect from our Capitals?
The obvious importance of cyber defence – often the poor cousin of all things cyber – is becoming clearer and more entrenched, with growing high-level EU ambitions. The recent release of the EU cyber defence policy in late 2022 marks a milestone for the EU’s cyber defence policy framework insofar as its ambitions indicate the aspirational direction of travel for …
Europe’s Risky Plan for the Internet
Over the past few months, the European Commission, along with European telecommunication providers, have reignited an old debate about the way traffic is meant to flow through the internet. Premised under the decade-old idea of the ‘Sending Party Network Pays’ (SPNP) model, the intention is to require content providers to pay telecom operators for the traffic they carry on their …
Towards a data-driven EU Cyber Diplomacy
The EU and its member-states lack quantifiable data on cyber conflict that can guide EU Cyber diplomacy. But data is necessary to answer even basic questions like, whether cyber conflict is getting better or worse and does the EU cyber posture have the desired effect in reducing cyber operations or their damaging effects. A new European research project, the European …
Microtargeted Propaganda by Foreign Actors
Microtargeting involves collecting information about people and using that information to show them targeted political advertisements. Such microtargeting enables advertisers to tailor ads to specific groups of people, for instance people who visit certain websites or share specific characteristics. Microtargeted propaganda can be more effective, more efficient and more hidden than traditional propaganda. Consequently, its use, especially by foreign actors, …
Incorporating Cybersecurity into EU Policy Formation
As the EU strives to strengthen its cyber resilience, it becomes ever more important for its institutions to have coherent advice on the cybersecurity implications of legislative and regulatory decisions. Current practice, including in the context of the Digital Market Act (DMA), suggests action is needed to establish a policy-agnostic technical mechanism to generate such advice, develop important partnerships and …
Revamping the EU’s Technology Partnerships
The EU is expanding its global partnerships in the technological and digital realm. However, its approach to the Global South countries has differed markedly from its approach to developing partnerships with the US and Asian countries. Discussion of the best ways to partner with Global South countries has been limited and many areas remain unexplored. Current mechanisms risk being not …