Cybersecurity & Surveillance

"Cybersecurity has moved from the sole technical field to become a key legal issue"

In the current context of Big Data, Cloud Computing, Internet of Things (IoT) and more generally the upward interconnection of IT systems, cybersecurity has moved from the sole technical field to become a key legal issue, not only to ensure the effectiveness of the fundamental rights to privacy and to protection of personal data but also to improve the functioning of the internal market by creating trust and confidence.

In this context, European Union law imposes risk-based security measures and incident reporting obligations to guarantee the confidentiality, integrity and availability of information.

Additionally, rules provide for a European certification framework for ICT processes, products and services to materialise the security-by-design principle.

Given the increased risks of cyber-attacks and data breaches, cybersecurity is of course linked with the fight against cybercrime. In matters of substantive criminal law, European and national law incriminate cyber-offences such as computer-related forgery and fraud, external and internal hacking, sabotage, as well as the use and distribution of any malware, virus, or trojan.

Furthermore, to allow police and judicial authorities to have effective means for investigations, procedural criminal law provide for enquiry tools such as the search and seizure of computer data, the collection of traffic data and the interception of content data.

The aim of the research at the CRIDS is to strike the right “balance” between the fundamental rights of citizens, the legitimate interest of companies and public bodies to be secured against cyber threats and the efficiency of law enforcement authorities in ensuring their missions. In a digital democracy, cybersecurity and the fight against cybercrime are means to ensure the protection of fundamental rights such as the right to privacy: legality and proportionality are the main safeguards against a state of surveillance.

 

Related publications from the CRIDS members:

N. Colette-Basecqz, « La protection pénale des personnes vulnérables dans l’environnement numérique » in Vulnérabilités et droits dans l'environnement numérique (H. Jacquemin & M. Nihoul, dir.), Bruxelles, Larcier, 2018, pp. 133-177.

N. Colette-Basecqz, « Pédopornographie et technologies : les réponses du droit pénal » in Law, Norms and Freedoms in Cyberspace / Droit, normes et libertés dans le cybermonde (C. de Terwangne et al., dir.), Bruxelles, Larcier, 2018, pp. 81-108.

N. Colette-Basecqz, « Le secret professionnel : une valeur de plus en plus menacée à l’heure de la lutte contre le terrorisme », Rev. dr. santé, 2017-18, liv. 2, pp. 81-83.

J.-N. Collin, « Risk as the Cornerstone of Information Security and Data Protection » in Deep diving into data protection: 1979-2019: celebrating 40 years of research on privacy data protection at the CRIDS, Bruxelles, Larcier, 2021, pp. 255-27.

E. Delhaise & C. Fievet, « Frontières intelligentes et nouvelles incriminations pénales : l'Union européenne face à la problématique des Foreign terrorist fighters », J.T., n° 6676, 2017, pp. 113-120.

H. Hindy, R. Atkinson, C. Tachtatzis, J.-N. Colin, E. Bayne & X. Bellekens , « Utilising Deep Learning Techniques for Effective Zero-Day Attack Detection », Electronics, 2020, 9(10).

M. Knockaert, « La sécurité dans le marché unique numérique européen : le Règlement 2019/881 ("Cybersecurity Act") » in Les obligations légales de cybersécurité et de notifications d’incidents (F. Dumortier & V. Vander Geeten, dir.), Bruxelles, Politeia, 2019, pp. 163-183.

A. Lachapelle, La dénonciation à l’ère des lanceurs d’alerte fiscale : de la complaisance à la vigilance, Bruxelles, Larcier, 2021.

A. Michel, « Révision de la « loi caméras » : précisions ou ambiguïtés pour l’installation et l’utilisation de caméras de surveillance ? », J.T., 2019, pp. 149-160.

 

CRIDS Documentary Database