The emergence of EU cybersecurity law: A tale of lemons, angst, turf, surf and grey boxes

IF 3.3 3区社会学 Q1 LAW

Computer Law & Security Review Pub Date : 2024-11-09 DOI:10.1016/j.clsr.2024.106071

Lee A. Bygrave

{"title":"The emergence of EU cybersecurity law: A tale of lemons, angst, turf, surf and grey boxes","authors":"Lee A. Bygrave","doi":"10.1016/j.clsr.2024.106071","DOIUrl":null,"url":null,"abstract":"<div><div>Using a series of metaphors, this opinion piece charts patterns, trends and obstacles shaping the development of EU cybersecurity law over the last three decades. It shows that this development is more than simply a function of the EU's increasing regulatory capacity. It argues that, to a large degree, the development has been a reactive, gap-filling process, which is partly due to the piecemeal character of the regulatory areas in which the EU legislates, combined with smouldering ‘turf wars’ over regulatory competence. An overarching point is that EU cybersecurity law is far from reminiscent of a well-kempt forest; rather, it resembles a sprawling jungle of regulatory instruments interacting in complex, confusing and sometimes disjointed ways. Thus, this field of regulation underlines the fact that increased regulatory capacity does not necessarily beget optimal regulatory coherence. Nonetheless, the paper also identifies multiple positive traits in the legislative development—traits that signal Brussels’ ability to learn from weaknesses with previous regulatory instruments.</div></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":"56 ","pages":"Article 106071"},"PeriodicalIF":3.3000,"publicationDate":"2024-11-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Law & Security Review","FirstCategoryId":"90","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0267364924001377","RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"LAW","Score":null,"Total":0}

引用次数: 0

Abstract

Using a series of metaphors, this opinion piece charts patterns, trends and obstacles shaping the development of EU cybersecurity law over the last three decades. It shows that this development is more than simply a function of the EU's increasing regulatory capacity. It argues that, to a large degree, the development has been a reactive, gap-filling process, which is partly due to the piecemeal character of the regulatory areas in which the EU legislates, combined with smouldering ‘turf wars’ over regulatory competence. An overarching point is that EU cybersecurity law is far from reminiscent of a well-kempt forest; rather, it resembles a sprawling jungle of regulatory instruments interacting in complex, confusing and sometimes disjointed ways. Thus, this field of regulation underlines the fact that increased regulatory capacity does not necessarily beget optimal regulatory coherence. Nonetheless, the paper also identifies multiple positive traits in the legislative development—traits that signal Brussels’ ability to learn from weaknesses with previous regulatory instruments.

查看原文本刊更多论文

欧盟网络安全法的出现：柠檬、焦虑、草皮、冲浪和灰盒的故事

这篇评论文章使用了一系列比喻，描绘了过去三十年欧盟网络安全法律发展的模式、趋势和障碍。文章表明，这种发展不仅仅是欧盟监管能力不断增强的结果。文章认为，在很大程度上，网络安全法的发展是一个被动的、填补空白的过程，部分原因在于欧盟立法的监管领域是零散的，再加上在监管权限问题上的 "地盘争夺战 "愈演愈烈。最重要的一点是，欧盟的网络安全法律远非让人联想起一片修剪整齐的森林；相反，它就像一片无边无际的丛林，各种监管文书以复杂、混乱、有时甚至脱节的方式相互作用。因此，这一监管领域强调了一个事实，即监管能力的提高并不一定带来最佳的监管一致性。不过，本文也指出了立法发展中的多个积极特征--这些特征表明布鲁塞尔有能力吸取以往监管文书的不足之处。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Computer Law & Security Review LAW-

CiteScore

5.60

自引率

10.30%

发文量

审稿时长

67 days

期刊介绍： CLSR publishes refereed academic and practitioner papers on topics such as Web 2.0, IT security, Identity management, ID cards, RFID, interference with privacy, Internet law, telecoms regulation, online broadcasting, intellectual property, software law, e-commerce, outsourcing, data protection, EU policy, freedom of information, computer security and many other topics. In addition it provides a regular update on European Union developments, national news from more than 20 jurisdictions in both Europe and the Pacific Rim. It is looking for papers within the subject area that display good quality legal analysis and new lines of legal thought or policy development that go beyond mere description of the subject area, however accurate that may be.