Data Protection and the Prevention of Cybercrime: The EU as an area of security?

DSpace/Manakin Repository

Show simple item record

dc.contributor.author PORCEDDA, Maria Grazia
dc.date.accessioned 2012-08-06T13:26:10Z
dc.date.available 2012-08-06T13:26:10Z
dc.date.issued 2012
dc.identifier.issn 1725-6739
dc.identifier.uri http://hdl.handle.net/1814/23296
dc.description (This working paper is a revised version of Ms. Porcedda's EUI LL.M. thesis, 2012.)
dc.description.abstract Cybercrime and cyber-security are attracting increasing attention, both for the relevance of Critical Information Infrastructure to the national economy and security, and the interplay of the policies tackling them with ‘ICT sensitive’ liberties, such as privacy and data protection. This study addresses the subject in two ways. On the one hand, it aims to cast light on the (legal substantive) nature of, and relationship between, cybercrime and cyber security, which are currently ‘terms of hype’ (and therefore it is descriptive). On the other, it explores the possibility of reconciling data protection and privacy with the prevention of cybercrime and the pursuit of a cyber-security policy (and therefore it explores causation). As such, the subject falls in the ‘security vs. privacy’ debate, and wishes in particular to investigate whether it is possible to build ‘human rights by design’ security policies, i.e. a security policy that reconciles both security and human rights. My argument hinges on a clarification of the term ‘cybercrime’ (and cyber-security), both by building on the literature – which recognises the mix of traditional crimes committed by electronic means (broad cybercrime or off-line crimes), and novel crimes possible only in the online environment (narrow cybercrime or online crimes) –and on original interpretations as far as the relationship between cybercrime and cyber-security is concerned. I argue that narrow (or online) crimes and broad (or off-line) crimes are profoundly different in terms of underlying logics while facing the same procedural challenges, and that only narrow cybercrime pertains to cyber-security, understood as a policy. Yet, the current policy debate is focussing too much on broad cybercrimes, thus biasing the debate over the best means to tackle ICT-based crimes and challenging the liberties involved. I then claim that the implementation of data protection principles in a cyber-security policy can act as a proxy to reduce cyber threats, and in particular (narrow) cybercrime, provided that the following caveats are respected: i) we privilege a technical computer security notion; ii) we update the data protection legislation (in particular the understanding of personal data); and iii) we adopt a coreperiphery approach to human rights. The study focuses on the European Union. The interaction between privacy and data protection and other liberties involved, as well as purely procedural issues, are outside of the scope of this research. en
dc.language.iso en en
dc.relation.ispartofseries EUI LAW en
dc.relation.ispartofseries 2012/25 en
dc.subject Data protection en
dc.subject privacy en
dc.subject cybercrime en
dc.subject cyber-security en
dc.subject AFSJ (area of freedom, security and justice) en
dc.title Data Protection and the Prevention of Cybercrime: The EU as an area of security? en
dc.type Working Paper en


Files in this item

This item appears in the following Collection(s)

Show simple item record