| Popis: |
The EU has evolved much cyber law over the course of two decades. The EU has approached cyber regulation with a particularly unwieldly mix of powers, sanctions and the development of new actors and agencies. Cyber law-making arguably exposes the EU as a weak global governance actor, conflicted, beholder to private actors and vexed by its competences (Carrapiço and Barrinha, 2018: 1254). EU cyber law-making reveals a partially institutionalised field, with incomplete and awkwardly non-intersecting competences, straddling incomplete Security and Digital Single Market policies, evolving sanctions and new agencies. Cyber laws and policies fall as a law-making exercise only partly within EU security (Fahey, 2020: 1; Christou, 2019: 278). This chapter shows the EU caught between complex global challenges and contested taxonomies. The EU harbours multiple conflicting definitions of cybercrime between actors and entities and multiple working definitions of cybersecurity. Some key terms also lack common definition in the EU context e.g. cyber defence, albeit as a key competence of the EU Member States. The EU lacks sufficiently robust institutions, agencies or actors to implement cyber security and risks conflicts and impingement upon many fundamental rights through its partial institutionalisation of a field. As a result, the EU as a Global cyber actor risks becoming an inadequate international actor. Global law-making efforts, e.g. on a Treaty, is advancing but the EU’s engagement therewith will likely prove legally problematic as to the autonomy of EU law. |
