Skip to main content
SpringerLink
Log in

A typology of cybersecurity and public-private partnerships in the context of the EU

Crime, Law and Social Change volume 67pages 265–288 (2017)Cite this article

This is a preview of subscription content, access via your institution.

Access options

Buy single article

Instant access to the full article PDF.

USD 39.95

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Notes

  1. One should, however, that there are alternative framings of technical IT security and problems with the general label of “cyber”, which will be briefly taken up below.

  2. In contrast to informal working arrangements for security and intelligence agencies

  3. For instance, https://www.icspa.org/ or https://www.ncia.nato.int/NewsRoom/Pages/140918-NATO-launches-Industry-Cyber-Partnership.aspx

  4. At the time of writing, the legislative proposal had gained political agreement from all EU institutions, but was not formally concluded yet. See: https://ec.europa.eu/digital-single-market/en/news/network-and-information-security-directive-co-legislators-agree-first-eu-wide-legislation

  5. Information and computer scientist tend to prefer other more technical and precise concepts, such as information security, which is composed of definable attributes of integrity, availability and confidentiality. Security scholars, in contrast, have highlighted the dangers of “securitizing” the digital communications or simply just ‘cyber’ and merging distinct issues of cybercrime, cyber-assisted crime with more state-centred notion of security, which can legitimate “offensive” methods and the involvement of the military.

  6. Again, we cannot go into the question whether cyberspace is a suitably precise analytical concept. For a widely cited official definition, see http://www.dhs.gov/sites/default/files/publications/Cyberspace_Policy_Review_final_0.pdf

  7. For instance, http://www.ix-f.net/ixp-models.html. See also Farrand and Carrapico in this issue for a more detailed discussion on the historical development from public to private management of critical infrastructures.

  8. An especially controversial response to this challenge has been to create separate market incentives through programs such as ‘bug bounties.’

  9. Such as “hate” speech, weapons instructions, child sexual abuse material, etc.

  10. These functionally differentiated tasks or processes have been inductively derived by the authors from the diverse social science literature on cybersecurity referred above. For reasons of space this differentiation cannot be systematically related to wider theories of public (economic) regulation and security governance here, but this may prove a worthwhile research agenda for the future. On the one hand, one could test whether the proposed tasks are truly exhaustive and comprehensive in the area of cybersecurity. On the other hand, more elaborate formal reasoning on collective action dynamics, such as with regard to the public good qualities of information or reliable access, could be explored beyond the cursory remarks made below.

  11. If one applies a broad or multi-level understanding of cybersecurity, this can range from questions of rights management, privacy and data protection to secure communication protocol standards or product safety and security.

  12. http://www.nationalisacs.org/#!member-isacs/jnog6

  13. http://www.wired.com/2015/11/facebook-and-twitter-face-tough-choices-as-isis-exploits-social-media/

  14. This point can be unlined by the fact that PPPs for a more secure internet provision at the infrastructural level have not yet been funded in Europe, as illustrated by the failed idea of a “Schengen-net” for secure data transfers in Europe.

  15. The typological fields are referred to in the respective subheadings of the different sections

  16. ENISA has organised several annual major ICT incident exercises for EU member states that were triggered official EU conclusions in the aftermath of the 2009 Estonian cyber-attacks. Assessments of these exercises are limited to official document, where the large number of participants (500+) and positive resonance had highlighted

  17. See https://www.enisa.europa.eu/about-enisa/structure-organization/psg

  18. See also Art. 3 of the EU regulation establishing ENISA (revised 526/2013)

  19. https://resilience.enisa.europa.eu/internet-infrastructure-security-and-resilience-reference-group

  20. https://resilience.enisa.europa.eu/ecrg

  21. https://www.enisa.europa.eu/publications/articles/standards-for-cyber-security

  22. https://www.cscan.org/openaccess/?id=213

  23. http://www.enisa.europa.eu/activities/stakeholder-relations/nis-brokerage-1/european-cyber-security-month-advocacy-campaign

  24. https://www.enisa.europa.eu/activities/cert/support/information-sharing/european-fi-isac-a-public-private-partnership. This has been modelled on a corresponding US Forum with global reach. http://www.fsisac.com/

  25. http://www.cyspa.eu/default.aspx?page=home

  26. http://www.scmagazineuk.com/internet-security-alliance-to-launch-european-spinoff/article/382265/

    https://ec.europa.eu/futurium/en/system/files/ged/safe_-_nis_and_the_dsm_07042015.pdf

  27. ENISA, 2012a. European Public + Private Partnership for Resilience. Activity Report 2012. Available at:

    https://resilience.enisa.europa.eu/ep3r/2012-activity-report.

  28. Compare also for an incomplete survey of information-sharing platforms across EU member states https://resilience.enisa.europa.eu/nis-platform/shared-documents/wg2-documents/wg2-outcome-draft/at_download/file.

  29. This would hitherto be limited to some cases that are covered by the 2009 EU telecommunications regulation (Directive 2009/140/EC). See https://resilience.enisa.europa.eu/article-13

  30. Public authorities from 18 member state are taking part, while the rest is constituted by academic institutions or experts See full list of members http://ec.europa.eu/transparency/regexpert/index.cfm?do=groupDetail.groupDetail&groupID=2920&NewSearch=1&NewSearch=1

  31. See https://resilience.enisa.europa.eu/nis-platform. Especially the second working group provide the most detailed recommendations on how to differentiate, improve and link up the variety of information-sharing initiatives for CIIP, see https://resilience.enisa.europa.eu/nis-platform/shared-documents/5th-plenary-meeting/chapter-3-wg2_final-for-discussion-may-27-2015/at_download/file

  32. https://resilience.enisa.europa.eu/nis-platform/shared-documents/eu-us-preliminary-workshop-comparing-approaches

  33. Or computer security incident response teams in alternative European parlance (CSIRT), see https://www.enisa.europa.eu/activities/cert/support/guide2/introduction/what-is-csirt

  34. http://cert.europa.eu/cert/plainedition/en/cert_about.html.

  35. For instance, one could point to frameworks for data sharing or best practice collection, see http://www.enisa.europa.eu/activities/cert/support/data-sharing

    http://www.enisa.europa.eu/activities/cert/support/fight-against-cybercrime/the-directive-on-attacks-against-information-systems

  36. https://www.us-cert.gov/about-us

  37. http://cybersecurity.bsa.org/assets/PDFs/study_eucybersecurity_en.pdf

  38. https://www.telekom.com/verantwortung/sicherheit/136918

  39. https://www.enisa.europa.eu/activities/risk-management/events/enisa-workshop-on-eu-threat-landscape/05PresentationStavrosLingris p-15

  40. https://www.enisa.europa.eu/activities/cert/support/information-sharing/detect-share-protect-solutions-for-improving-threat-data-exchange-among-certs

  41. http://www.egc-group.org/index.html

  42. https://cert.europa.eu/cert//plainedition/en/cert_partners.html

  43. http://www.nttdata.com/global/en/insights/it-briefings/2015022401.html

  44. https://www.europol.europa.eu/sites/default/files/publications/ec3_programme_board_-_tor_-_terms_of_reference_and_mandate_of_the_advisory_group_on_internet_security.pdf

  45. http://www.computerweekly.com/news/2240235526/Over-a-hundred-cyber-criminals-arrested-in-global-operation

  46. Barclays, ING Group, Citibank, the European Banking Federation, and the association for ATM Security (EAST). See https://www.europol.europa.eu/category/news-category/agreements?page=1 and https://www.european-atm-security.eu/tag/ec3/ and http://www.finextra.com/news/fullstory.aspx?newsitemid=27536

  47. http://www.kaspersky.com/about/news/business/2014/Kaspersky-Lab-Broadens-Cooperation-with-Both-INTERPOL-and-Europol

  48. http://news.softpedia.com/news/Intel-and-Europol-Sign-Agreement-on-Fight-against-Cybercrime-465520.shtml

  49. http://www.eurosecglobal.de/europols-european-cybercrime-centre-ec3-and-mnemonic-co-operate.html

  50. http://iq-media.com/category/cybercrime/

  51. http://www.thepaypers.com/digital-identity-security-online-fraud/europol-s-ec3-joins-forces-with-fireeye-to-better-detect-cybercrime/761040-26

  52. https://www.europol.europa.eu/latest_news/europol-signs-agreement-group-ib-cooperate-fighting-cybercrime

  53. https://www.europol.europa.eu/newsletter/ec3-and-anubisnetworks-initiate-cooperation-fighting-malware-threats

    http://www.so-co-it.com/post/368648/anubisnetworks-and-europol-s-european-cybercrime-centre-sign-memorandum-of-understanding-to-fight-international-malware-threats.html/

  54. https://www.europol.europa.eu/latest_news/shadowserver-foundation-steps-cooperation-europol-combat-cybercrime

  55. http://www.kaspersky.com/about/news/business/2014/Kaspersky-Lab-Broadens-Cooperation-with-Both-INTERPOL-and-Europol

    http://www.informationsecuritybuzz.com/kaspersky-lab-broadens-cooperation-interpol-europol/

    See on the joint EUROPOL INTERPOL MoU http://www.threatmetrix.com/interpol-has-new-nerve-centerand-more-muscle/

    And conference http://www.interpol.int/News-and-media/Events/2014/INTERPOL-Europol-Cybercrime-Conference-2014/INTERPOL-Europol-Cybercrime-Conference-2014

  56. http://iq-media.com/category/cybercrime/

  57. http://news.microsoft.com/presskits/dcu/

  58. https://www.european-atm-security.eu/tag/ec3/

    https://www.european-atm-security.eu/tag/ec3/

  59. http://blogs.microsoft.com/on-the-issues/2015/02/25/europol-takes-down-servers-used-by-cybercriminals-to-steal-financial-data/

  60. http://www.2uzhan.com/police-security-firms-team-up-and-take-down-shylock-malware/ This particular action even seems to have involved the British signals intelligence service GCHQ

  61. Austria, France, Germany, Italy, Spain, the Netherlands and the UK

  62. http://sgocnet.org/site/wp-content/uploads/2014/06/08_ReitanoEtAl_pp142-154.pdf

    http://www.theguardian.com/technology/2014/sep/01/europol-taskforce-cybercrime-hacking-malware

    https://www.europol.europa.eu/content/expert-international-cybercrime-taskforce-launched-tackle-online-crime

    http://www.scmagazineuk.com/europol-plans-more-malware-takedowns/article/396089/

    https://www.clearswift.com/blog/2014/07/25/why-joint-cybercrime-action-taskforce-positive-europe

    http://www.computing.co.uk/ctg/news/2348940/europol-cybercrime-head-international-public-private-collaboration-the-one-true-way-to-stop-cyber-criminals

  63. http://www.scmagazineuk.com/j-cat-operations-to-continue/article/422464/

  64. EU DOC 6785/16, p. 35

  65. http://www.adjacentgovernment.co.uk/ict/european-union-internet-referral-unit-europol/23582/

  66. https://wiki.openrightsgroup.org/wiki/Counter_Terrorism_Internet_Referral_Unit

  67. http://www.ft.com/intl/cms/s/0/b5b03bb4-a87b-11e3-b50f-00144feab7de.html

  68. https://edri.org/european-internet-forum-untransparent-and-dangerous/

  69. http://www.cleanitproject.eu/about-the-project/

  70. https://edri.org/CleanIT-evaluation/

  71. http://www.fsm.de/hotline

References

  1. Eriksson, J., & Giacomello, G. (2009). Who controls the internet? Beyond the obstinacy or obsolescence of the State. International Studies Review, 11(1), 205–230.

    Article  Google Scholar 

  2. Radu, Roxana, Jean-Marie Chenou, and Rolf H Weber. 2014. The evolution of global internet governance: principles and policies in the making. Vol. 56: Springer Science & Business Media.

  3. Mueller, M., Schmidt, A., & Kuerbis, B. (2013). Internet security and networked governance in international relations. International Studies Review, 15(1), 86–104.

    Article  Google Scholar 

  4. Von Solms Rossouw, and Johan Van Niekerk. 2013. "From information security to cyber security." Computers & Security 38:97–102.

  5. Tropina, Tatiana. 2015. "Public–Private Collaboration: Cybercrime, Cybersecurity and National Security." In Self-and Co-regulation in Cybercrime, Cybersecurity and National Security, 1–41. Springer.

  6. Min, K.-S., Chai, S.-W., & Han, M. (2015). An International Comparative Study on Cyber Security Strategy. International Journal of Security and Its Applications, 9(2), 13–20.

    Article  Google Scholar 

  7. Carr, M. (2016). Public–private partnerships in national cyber-security strategies. International Affairs, 92(1), 43–62.

    Article  Google Scholar 

  8. Dunn-Cavelty, M., & Suter, M. (2009). Public–Private Partnerships are no silver bullet: An expanded governance model for Critical Infrastructure Protection. International Journal of Critical Infrastructure Protection, 2(4), 179–187.

    Article  Google Scholar 

  9. van Dijck, J. (2014). Datafication, dataism and dataveillance: Big Data between scientific paradigm and ideology. Surveillance & Society, 12(2), 197–208.

    Google Scholar 

  10. Bevir, M. (2014). The Rise of Security Governance. In M. Bevir, O. Daddow, & I. Hall (Eds.), Interpreting Global Security, (pp. 17–34). London: Routledge.

    Google Scholar 

  11. Hameiri, Shahar, and Lee Jones. 2015. Governing Borderless Threats: Non-traditional Security and the Politics of State Transformation: Cambridge University Press.

    Book  Google Scholar 

  12. Nance, M., & Cottrell, P. (2014). A turn toward experimentalism? Rethinking security and governance in the twenty-first century. Review of International Studies, 40(02), 277–301. doi:10.1017/S026021051300017X.

    Article  Google Scholar 

  13. Crawford, A. (2006). Networked governance and the post-regulatory state? Steering, rowing and anchoring the provision of policing and security. Theoretical Criminology, 10(4), 449–479.

    Article  Google Scholar 

  14. Ehrhart, H.-G., Hegemann, H., & Kahl, M. (2014). Putting security governance to the test: conceptual, empirical, and normative challenges. European Security, 23(2), 119–125.

    Article  Google Scholar 

  15. Kennedy, David. 2016. A World of Struggle: How Power, Law, and Expertise Shape Global Political Economy: Princeton University Press.

  16. Christou, G., & Simpson, S. (2006). The Internet and public–private governance in the European Union. Journal of Public Policy, 26(01), 43–61.

    Article  Google Scholar 

  17. Procedda, M. (2014). Public-Private Partnerships: A soft approach to cybersecurity? Views from the European Union. In G. Giacomello (Ed.), Security in Cyberspace: Targeting Nations, Infrastructures, Individual. New York, London: Bloomsbury Academic.

    Google Scholar 

  18. Fahey, Elaine. 2014. "EU's Cybercrime and Cyber-Security Rulemaking: Mapping the Internal and External Dimensions of EU Security, The." Eur. J. Risk Reg.:46.

  19. EU. 2013. "Joint Communication on the Cybersecurity Strategy of the European Union: An Open, Safe and Secure Cyberspace " JOIN(2013) 1 final http://eeas.europa.eu/policies/eu-cyber-security/cybsec_comm_en.pdf.

  20. European Commission (2015). The European Agenda on Security. COM, 2015, 185 .http://eur-lex.europa.eu/legal-content/en/HIS/?uri=celex%3A52015DC0185

    Google Scholar 

  21. Grimsey, Darrin, and Mervyn Lewis. 2007. Public private partnerships: The worldwide revolution in infrastructure provision and project finance: Edward Elgar Publishing.

    Google Scholar 

  22. Schneider, A. L. (1999). Public-private partnerships in the US prison system. American Behavioral Scientist, 43(1), 192–208.

    Article  Google Scholar 

  23. Bovaird, T. (2004). Public–Private Partnerships: from Contested Concepts to Prevalent Practice. International Review of Administrative Sciences, 70(2), 199–215. doi:10.1177/0020852304044250.

    Article  Google Scholar 

  24. Hodge, G. A., & Greve, C. (2007). Public–private partnerships: an international performance review. Public Administration Review, 67(3), 545–558.

    Article  Google Scholar 

  25. Reynaers, A.-M., & De Graaf, G. (2014). Public Values in Public–Private Partnerships. International Journal of Public Administration, 37(2), 120–128.

    Article  Google Scholar 

  26. Forrer, J., Kee, J. E., Newcomer, K. E., & Boyer, E. (2010). Public–private partnerships and the public accountability question. Public Administration Review, 70(3), 475–484.

    Article  Google Scholar 

  27. Willems, T., & Van Dooren, W. (2011). Lost in diffusion? How collaborative arrangements lead to an accountability paradox. International Review of Administrative Sciences, 77(3), 505–530.

    Article  Google Scholar 

  28. Hodge, Graeme A, and Carsten Greve. 2005. The challenge of public-private partnerships: Learning from international experience: Edward Elgar Publishing.

  29. European Commission. 2004. "Green paper on public-private partnerships and community law on public contracts and concessions." COM (2004) 327 final.

  30. United Nations Economic Commission for Europe. 2008. "Guidebook on promoting good governance in public private partnerships." ECE/CECI/4.

  31. Van, d. H., Martijn, L. B., Lember, V., Petersen, O. H., & Witz, P. (2015). National varieties of Public–Private Partnerships (PPPs): A comparative analysis of PPP-supporting units in 19 European countries (pp. 1–20). Research and Practice: Journal of Comparative Policy Analysis.

    Google Scholar 

  32. Roumboutsos, Athena. 2015. Public Private Partnerships in Transport: Trends and Theory: Routledge.

  33. Linder, S. H. (1999). Coming to terms with the public-private partnership a grammar of multiple meanings. American Behavioral Scientist, 43(1), 35–51.

    Article  Google Scholar 

  34. Bovis, C. H. (2015). Risk in Public-Private Partnerships and Critical Infrastructure. European Journal of Risk Regulation, 6(2).

  35. Hans, V. D., Sarmento, J. M., & Renneboog, L. (2016). Anatomy of public-private partnerships: their creation, financing and renegotiations. International Journal of Managing Projects in Business, 9(1), 94–122.

    Article  Google Scholar 

  36. Van, D. H., Martijn, & Verhoest, K. (2016). The challenge of using standard contracts in public–private partnerships. Public Management Review, 18(2), 278–299.

    Article  Google Scholar 

  37. Brinkerhoff, D. W., & Brinkerhoff, J. M. (2011). Public–private partnerships: perspectives on purposes, publicness, and good governance. Public Administration and Development, 31(1), 2–14.

    Article  Google Scholar 

  38. Bovis, Christopher. 2013. Public-private Partnerships in the European Union: Routledge.

    Google Scholar 

  39. Gómez-Barroso, J. L., & Feijóo, C. (2010). A conceptual framework for public-private interplay in the telecommunications sector. Telecommunications Policy, 34(9), 487–495.

    Article  Google Scholar 

  40. Braman, S. (2011). The Framing Years: Policy Fundamentals in the Internet Design Process, 1969–1979. The Information Society, 27, 295–310.

    Article  Google Scholar 

  41. Townes, M. (2012). The spread of TCP/IP: How the Internet became the Internet. Millennium-Journal of International Studies, 41(1), 43–64.

    Article  Google Scholar 

  42. LaRose, R., Bauer, J. M., DeMaagd, K., Chew, H. E., Ma, W., & Jung, Y. (2014). Public broadband investment priorities in the United States: an analysis of the broadband technology opportunities program. Government Information Quarterly, 31(1), 53–64. doi:10.1016/j.giq.2012.11.004.

    Article  Google Scholar 

  43. Narayanan, A., Jain, A., & Bowonder, B. (2005). Providing rural connectivity infrastructure: ICT diffusion through private sector participation. International Journal of Services, Technology and Management, 6(3–5), 416–436.

    Article  Google Scholar 

  44. ENISA. 2011a. "Cooperative Models for Effective Public Private Partnerships." http://www.enisa.europa.eu/activities/Resilience-and-CIIP/public-private-partnership/national-public-private-partnerships-ppps/copy_of_desktop-reserach-on-public-private-partnerships/at_download/fullReport

  45. Héritier, A. (2001). Market integration and social cohesion: the politics of public services in European regulation. Journal of European Public Policy, 8(5), 825–852. doi:10.1080/13501760110083536.

    Article  Google Scholar 

  46. Graz, Jean-Christophe, and Andreas Nölke. 2007. Transnational private governance and its limits: Routledge.

    Google Scholar 

  47. Harcourt, A. (2013). Participatory Gains and Policy Effectiveness: The Open Method of Co-ordination Information Society. JCMS: Journal of Common Market Studies, 51(4), 667–683. doi:10.1111/jcms.12022.

    Google Scholar 

  48. Börzel, T. (2010). European governance: negotiation and competition in the shadow of hierarchy. JCMS: Journal of Common Market Studies, 48(2), 191–219.

    Google Scholar 

  49. Wagner, B. (2014). The politics of internet filtering: The United Kingdom and Germany in a comparative perspective. Politics, 34(1), 58–71.

    Article  Google Scholar 

  50. Wiater, P. (2015). On the notion of" Partnership" in Critical Infrastructure Protection. European Journal of Risk Regulation, 6(2), 255–262.

    Article  Google Scholar 

  51. Bauer, J. M. (2010). Changing roles of the state in telecommunications. International Telecommunications Policy Review, 17(1).

  52. European Commission. 2013. "Proposal for a directive of the European Parliament and of the Council concerning measures to ensure a high common level of network and information security across the Union." COM(2013) 48 final http://ec.europa.eu/newsroom/dae/document.cfm?doc_id=1666.

  53. Marsden, Christopher T. 2011. Internet co-regulation: European law, regulatory governance and legitimacy in cyberspace: Cambridge University Press.

  54. Tropina, T., & Callanan, C. (2015). Self-and Co-regulation in Cybercrime, Cybersecurity and National Security. Heidelberg: Springer.

    Book  Google Scholar 

  55. Bendiek, A., & Porter, A. L. (2013). European Cyber Security Policy within a Global Multistakeholder Structure. European Foreign Affairs Review, 18(2), 155–180.

    Google Scholar 

  56. Carr, M. (2015). Power Plays in Global Internet Governance. Millennium - Journal of International Studies, 43(2), 640–659. doi:10.1177/0305829814562655.

    Article  Google Scholar 

  57. Chenou, J.-M. (2014). From Cyber-Libertarianism to Neoliberalism: Internet Exceptionalism, Multi-stakeholderism, and the Institutionalisation of Internet Governance in the 1990s. Globalizations, 11(2), 205–223.

    Article  Google Scholar 

  58. Cavelty, D., & Myriam (2013). From Cyber-Bombs to Political Fallout: Threat Representations with an Impact in the Cyber-Security Discourse. International Studies Review, 15(1), 105–122.

    Article  Google Scholar 

  59. Hansen, L., & Nissenbaum, H. (2009). Digital disaster, cyber security, and the Copenhagen School. International Studies Quarterly, 53(4), 1155–1175.

    Article  Google Scholar 

  60. Wagner, Ben. forthcoming. "Constructed "Cyber" Realities & International Relations Theory. ." In Technology and International Relations Theory, edited by R Marlin-Bennett and J. P. Singh. Cambridge: CUP.

  61. Schmidt, A. (2014). Open Security. Contributions of Networked Approaches to the Challenge of Democratic Internet Security Governance. In R. Radu, J.-M. Chenou, & R. H. Weber (Eds.), The Evolution of Global Internet Governance (pp. 169–187). Berlin Heidelberg: Springer.

    Chapter  Google Scholar 

  62. Choucri, N., & Clark, D. D. (2012). Integrating Cyberspace and International Relations: The Co-Evolution Dilemma. In Explorations in Cyber-International Relations: Who Controls Cyberspace? Cambridge, MA: MIT.

    Google Scholar 

  63. DeNardis, L. (2012). Hidden levers of Internet control: An infrastructure-based theory of Internet governance. Information, Communication & Society, 15(5), 720–738.

    Article  Google Scholar 

  64. Mathew, Ashwin Jacob. 2014. Where in the World is the Internet? Locating Political Power in Internet Infrastructure. http://gradworks.proquest.com/3685949.pdf: University of California, Berkeley.

  65. DeNardis, Laura. 2014. The global war for internet governance: Yale University Press.

  66. Ruiz, Jeanette B, and George A Barnett. 2014. "Who owns the international Internet networks?" Journal of International Communication 21 (1):38–57.

  67. Anderson, R., & Moore, T. (2006). The economics of information security. Science, 314(5799), 610–613.

    Article  Google Scholar 

  68. August, T., & Tunca, T. I. (2011). Who should be responsible for software security? A comparative analysis of liability policies in network environments. Management Science, 57(5), 934–959.

    Article  Google Scholar 

  69. Brown, Ian, and Christopher T Marsden. 2013. Regulating code: Good governance and better regulation in the Information Age: MIT Press.

  70. Edwards, Benjamin, Michael Locasto, and Jeremy Epstein. 2014. "Panel Summary: The Future of Software Regulation." Proceedings of the 2014 workshop on New Security Paradigms Workshop, http://dl.acm.org/citation.cfm?id=2683478.

  71. Kleinschmidt, Broder. 2010. "An International Comparison of ISP's Liabilities for Unlawful Third Party Content." International Journal of Law and Information Technology:eaq009.

  72. Rowe, Brent, and Dallas Wood. 2013. "Are Home Internet Users Willing to Pay ISPs for Improvements in Cyber Security?" In Economics of Information Security and Privacy III, 193–212. Springer.

  73. Usman, S. H. (2013). A review of responsibilities of internet service providers towards their customer network security. Journal of Theoretical and Applied Information Technology, 49(1), 70–78.

    Google Scholar 

  74. Van Eijk Nico. 2013. "Duties of care on the Internet." In The Secure Information Society, 57–81. Springer.

  75. Clark, David, Thomas Berson, and Herbert S Lin. 2014. At the Nexus of Cybersecurity and Public Policy:: Some Basic Concepts and Issues: National Academies Press.

  76. Cohen-Almagor, R. (2015). Internet architecture, freedom of expression and social responsibility: critical realism and proposals for a better future. Innovation: The European Journal of Social Science Research, 28(2), 147–166.

    Google Scholar 

  77. Horten, Monica. 2015. "The Policy Challenge of Content Restrictions: How Private Actors Engage the Duties of States." Media@LSE Working Paper 34 (http://www.lse.ac.uk/media@lse/research/mediaWorkingPapers/pdf/WP34-FINAL.pdf).

  78. Parti, K., & Marin, L. (2013). Ensuring freedoms and protecting rights in the governance of the Internet: a comparative analysis of blocking measures of illegal Internet content and the liability of ISPs. Journal of Contemporary European Research, 9(1), 138–159.

    Google Scholar 

  79. August, T., August, R., & Shin, H. (2014). Designing user incentives for cybersecurity. Communications of the ACM, 57(11), 43–46.

    Article  Google Scholar 

  80. Camp, L. J. (2011). Reconceptualizing the role of security user. Daedalus, 140(4), 93–107.

    Article  Google Scholar 

  81. Hare, Forest. 2010. "The interdependent nature of national cyber security: motivating public action for a private good." PhD, George Mason University (http://digilib.gmu.edu:8080/dspace/bitstream/1920/6312/1/Hare_dissertation_2010.pdf).

    Google Scholar 

  82. Kaijankoski, Eric A. 2015. Cybersecurity Information Sharing Between Public Private Sector Agencies. http://oai.dtic.mil/oai/oai?verb=getRecord&metadataPrefix=html&identifier=ADA620766: DTIC Document.

  83. Suter, M. (2007). Improving information security in companies: How to meet the need for threat information. In M. D. Cavelty, V. Mauer, & S. F. Krishna-Hensel (Eds.), Power and Security in the Information Age: Investigating the Role of the State in Cyberspace, Aldershot: Ashgate (pp. 129–150). Aldershot: Ashgate.

    Google Scholar 

  84. Bauer, J. M., JG, M., & Eeten, V. (2009). Cybersecurity: Stakeholder incentives, externalities, and policy options. Telecommunications Policy, 33(10), 706–719.

    Article  Google Scholar 

  85. Dourado, E., & Castillo, A. (2015). "Information Sharing”: No panacea for American cybersecurity challenges. Mercatus Center Policy Paper: George Mason University http://mercatus.org/publication/information-sharing-no-panacea-american-cybersecurity-challenges.

    Google Scholar 

  86. Nolan, A. (2015). Cybersecurity and Information Sharing: Legal Challenges and Solutions. Congressional Research Service, 7–5700 http://a51.nl/sites/default/files/pdf/R43941.pdf.

  87. Kesan, J. P., & Hayes, C. M. (2015). Creating a “Circle of Trust” to Further Digital Privacy and Cybersecurity Goals. Michigan State Law Review, 2014(5), 1475.

    Google Scholar 

  88. Rosenzweig, Paul. 2011. Cybersecurity and Public goods. The Public/Private “Partnership”. In Emerging Threats in National Security and Law, edited by Peter Berkowitz. Stanford: Hoover institution, Stanford University.

  89. Prince, Daniel, and Nick King. 2013. "Small business cyber security workshop 2013: towards digitally secure business growth." http://eprints.lancs.ac.uk/65265/.

  90. Lagazio, M., Sherif, N., & Cushman, M. (2014). A multi-level approach to understanding the impact of cyber crime on the financial sector. Computers & Security, 45, 58–74.

    Article  Google Scholar 

  91. Brown, I., & Cowls, J. (2015). Check the web: assessing the ethics of politics of policing the internet for extremist material. Voxpol: Report http://voxpol.eu/category/publications/vox-pol-publications/.

    Google Scholar 

  92. European Union (2013). Regulation (EU) No 526/2013 of the European Parliament and of the Council of 21 May 2013 concerning the European Union Agency for Network and Information Security (ENISA) and repealing Regulation (EC) No 460/2004 Text with EEA relevance. OJ L, 165, 41–58.

    Google Scholar 

  93. ENISA. 2011b. Cooperative Models for Effective Public Private Partnerships. Desktop Research Report. http://www.enisa.europa.eu/activities/Resilience-and-CIIP/public-private-partnership/national-public-private-partnerships-ppps/copy_of_desktop-reserach-on-public-private-partnerships/at_download/fullReport ENISA.

  94. Commission of the European Communities. 2009. Communication from the Commission..on Critical Information Infrastructure Protection. "Protecting Europe from large scale cyber-attacks and disruptions: enhancing preparedness, security and resilience". COM(2009) 149 final.

  95. Irion, K. (2013). The Governance of Network and Information Security in the European Union: The European Public-Private Partnership for Resilience (EP3R). In J. Krüger, B. Nickolay, & S. Gaycken (Eds.), The Secure Information Society (pp. 83–116). London: Springer.

    Chapter  Google Scholar 

  96. ENISA. 2015. "EP3R 2009–2013 Future of NIS Public Private Cooperation." (https://www.enisa.europa.eu/activities/Resilience-and-CIIP/public-private-partnership/european-public-private-partnership-for-resilience-ep3r/ep3r-2009-2013/at_download/fullReport).

  97. Morgus, Robert, Isabel Skierka, Mirko Hohmann, and Tim Maurer. 2015. "National CSIRTs and Their Role in Computer Security Incident."

    Google Scholar 

  98. RAND Europe. 2012. "Feasibility Study for a European Cybercrime Centre." http://www.rand.org/pubs/technical_reports/TR1218.html .

  99. Reitano, T., Oerting, T., & Hunter, M. (2015). Innovations in International Cooperation to Counter Cybercrime: The Joint Cybercrime Action Taskforce. The European Review of Organised Crime, 2(2), 142–154.

    Google Scholar 

  100. General Secretariat of the Council. 2015. "Friends of the Presidency Group on Cyber Issues." 15059/15.

  101. Council of the European Union. 2015. "EU Internet Referral Unit at Europol - Concept note." 7266/15.

  102. European Commission. 2012. "Internet Policy and Governance Europe's role in shaping the future of Internet Governance." COM/2014/072 final

  103. Wagner, Ben, Kirsten Gollatz, and Andrea Calderaro. 2014. "Internet & Human Rights in Foreign Policy: comparing narratives in the US and EU Internet Governance agenda." Robert Schuman Centre for Advanced Studies Research Paper No. RSCAS 86.

  104. Walker, C., & Conway, M. (2015). Online terrorism and online laws. Dynamics of Asymmetric Conflict, 8(2), 156–175. doi:10.1080/17467586.2015.1065078.

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. German Institute for International and Security Affairs, Berlin, Germany

    Raphael Bossong

  2. Europe University Viadrina, Frankfurt, Germany

    Ben Wagner

Authors
  1. Raphael Bossong
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ben Wagner
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Raphael Bossong.

Rights and permissions

Reprints and Permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Bossong, R., Wagner, B. A typology of cybersecurity and public-private partnerships in the context of the EU. Crime Law Soc Change 67, 265–288 (2017). https://doi.org/10.1007/s10611-016-9653-3

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10611-016-9653-3

Keywords

search

Navigation