Microtargeting involves collecting information about people and using that information to show them targeted political advertisements. Such microtargeting enables advertisers to tailor ads to specific groups of people, for instance people who visit certain websites or share specific characteristics. Microtargeted propaganda can be more effective, more efficient and more hidden than traditional propaganda. Consequently, its use, especially by foreign actors, …
Incorporating Cybersecurity into EU Policy Formation
As the EU strives to strengthen its cyber resilience, it becomes ever more important for its institutions to have coherent advice on the cybersecurity implications of legislative and regulatory decisions. Current practice, including in the context of the Digital Market Act (DMA), suggests action is needed to establish a policy-agnostic technical mechanism to generate such advice, develop important partnerships and …
Revamping the EU’s Technology Partnerships
The EU is expanding its global partnerships in the technological and digital realm. However, its approach to the Global South countries has differed markedly from its approach to developing partnerships with the US and Asian countries. Discussion of the best ways to partner with Global South countries has been limited and many areas remain unexplored. Current mechanisms risk being not …
The EU and Responsible Active Cyber Defence
A growing number of states are looking into active cyber defence operations to diversify their available responses to cyber incidents. In order to not only create guidelines for its member states but also to serve as a norm setter for this controversial policy issue, the EU must act now. Starting by defining active cyber defence for itself, the EU should …
The Political Economy of European Cybersecurity
Public-private cooperation is often suggested as one response to an increasingly volatile digital security environment. But there has been little attention paid to how outcomes at the EU level are influenced by how such cooperation is organised in practice, what its drivers are and specific models of organising relations between the public and private sector. By making a distinction between …
The EU’s Fragmented Cybersecurity Market
While the EU recognises the importance of cybersecurity policies, it continues to lag behind certain international counterparts in terms of creating a unified ecosystem and providing investment opportunities. One of the central problems hindering the EU is the fragmentation of its cybersecurity market, which impedes European cybersecurity companies from scaling up and forces them to look for alternative markets to …
EU Cyber Sanctions and Cyber Norms
In the absence of clear international law on state-led or sponsored cyber activity, cyber norms are surrounded by ambiguity and different interpretations. Cyber sanctions are a relatively new tool the EU has to promote norms on appropriate state behaviour in cyberspace and clarify such ambiguity. However, the EU has to be careful in its application of cyber sanctions to avoid …
Rule of Law in Cyberspace
As Montesquieu advocated, the rule of law and separation of powers are necessary to protect citizens and individuals from arbitrary rule by the state. Intensified measures to secure cyberspace risk leading to expert and political decisionmaking being kept outside of public and political debate and scrutiny. Deliberate separation of state cyber agencies and functions strengthens the rule of law, transparency …
Debunking Strategic Autonomy
Strategic autonomy continues to be “hot” in Brussels, Berlin and Paris. Not a week passes without a new policy proposal by the European Commission or a letter from a number of European Heads of State urging the strengthening of strategic autonomy and defence of sovereignty. As the thinking on strategic autonomy is evolving, it’s time to take a critical look …
Navigating Europe’s Cybersecurity
A native Estonian, Juhan Lepassaar is no stranger to cybersecurity and the inner workings of the European Union. Between 2014 and 2019 he was the head of cabinet of Andrus Ansip, Vice-President for Digital Single Market in the Juncker Commission. In this role he was also involved in the preparation and the subsequent legislative phases of the Cybersecurity Act, which significantly strengthened the competences of the European Union Agency for Cybersecurity, which he currently heads.