MILESTONES IN THE DEVELOPMENT OF LEGAL FRAMEWORKS FOR CYBERSECURITY COOPERATION: FROM THE PERSPECTIVE OF DIFFERENT COUNTRIES AND ORGANIZATIONS
Keywords:
ENISA, UN GGE, cyber security, CCDCOE, NIS, UN, legal frameworkAbstract
This article explores a comprehensive overview of the evolution of legal frameworks for cybersecurity cooperation, focusing on key developments from the 1990s to the present. It begins by exploring the early recognition of cybersecurity issues by the United Nations (UN) in the 1990s, highlighting the establishment of the UN Group of Governmental Experts (UN GGE) in 1999, which laid the groundwork for international collaboration on cyber security and governance. The adoption of the Council of Europe's Budapest Convention in 2001 marked a significant milestone, offering the first comprehensive legal framework for addressing cybercrime through international cooperation and harmonized national laws. It also discusses recent advancements in legal frameworks, such as the European Union’s NIS Directive and Cybersecurity Act, which aim to strengthen cybersecurity across member states, and the United States’ recent executive orders, which address the evolving cybersecurity threat landscape. It concludes by emphasizing the ongoing challenges and the need for adaptive and robust legal frameworks to effectively mitigate cyber risks in an increasingly interconnected world.References
United Nations, “Report of the Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security,” 1999. available on: https://digitallibrary.un.org/record/799853?v=pdf
"Доктрина информационной безопасности Российской Федерации" (утв. Президентом РФ 09.09.2000 N Пр-1895) ("Doctrine of Information Security of the Russian Federation" (approved by the President of the Russian Federation on 09.09.2000 N Pr-1895))
Council of Europe, “Convention on Cybercrime,” Budapest, 2001. available on: https://rm.coe.int/1680081561
U.S. Government, “The National Strategy to Secure Cyberspace,” 2003. available on: https://georgewbush-whitehouse.archives.gov/pcipb/
European Commission, “European Network and Information Security Agency,” 2004. available on: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex%3A32004R0460
NATO Cooperative Cyber Defence Centre of Excellence, “About CCDCOE,” 2008
United Nations, “Proposal for an International Cyber Treaty by the Russian Federation,” 2011.
Michael N. Schmitt, ed., “Tallinn Manual on the International Law Applicable to Cyber Warfare,” Cambridge University Press, 2013.
United Nations, “Report of the Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security,” 2015
French Government, “Paris Call for Trust and Security in Cyberspace,” 2018. available on https://www.diplomatie.gouv.fr/en/french-foreign-policy/france-and-the-united-nations/multilateralism-a-principle-of-action-for-france/alliance-for-multilateralism/article/paris-call-for-trust-and-security-in-cyberspace#:~:text=The%20Paris%20Call%20for%20Trust%20and%20Security%20in%20Cyberspace%2C%20launched,professional%20associations%20and%20civil%20society
United Nations General Assembly, “Ad Hoc Committee on Cybercrime,” 2019. available on: https://dig.watch/processes/cybercrime-ad-hoc-committee
European Union, “Directive on Security of Network and Information Systems,” 2016. available on: https://www.europarl.europa.eu/thinktank/en/document/EPRS_BRI(2020)654198#:~:text=The%20NIS%20Directive%20entered%20into,States'%20supervision%20of%20critical%20sectors.
European Union, “Cyber security Act,” (Regulation (EU) 2019/881) 2019. available on: https://www.bsi.bund.de/EN/Das-BSI/Auftrag/Gesetze-und-Verordungen/Cyber-Security-Act/cyber-security-act_node.html
U.S. Government, “Executive Order on Improving the Nation’s Cybersecurity,” 2021. available on https://www.cisa.gov/topics/cybersecurity-best-practices/executive-order-improving-nations-cybersecurity
Cyberspace Solarium Commission, “Final Report,” 2020. available on: https://www.solarium.gov/report
ASEAN, “Regional Framework on Cybersecurity Cooperation,” 2021. available on: https://gakkai.sfc.keio.ac.jp/journal/.assets/SFCJ23-1-02.pdf
Указ Президента Российской Федерации от 02.07.2021 г. № 400, “О Стратегии национальной безопасности Российской Федерации”. 2021 (Decree of the President of the Russian Federation of 02.07.2021 No. 400, “On the National Security Strategy of the Russian Federation”. 2021)
The White House, “Executive Order on Improving the Nation’s Cybersecurity,” 2021. available on https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity/
U.S. Congress, “Cyber Incident Reporting for Critical Infrastructure Act,” 2022. available on: https://www.cisa.gov/topics/cyber-threats-and-advisories/information-sharing/cyber-incident-reporting-critical-infrastructure-act-2022-circia
Government of Japan, “Revised Basic Act on Cybersecurity,” 2022
Center for Strategic and International Studies (CSIS), “State-Sponsored Cyber Operations and Geopolitical Tensions,” 2023.
“Тенденции и перспективы формирования российской экосистемы данных” Экспертное заключение подготовлено по итогам сессии ПМЭФ-2024 «Российская экономика данных: задавая векторы развития до 2050 года».2024 (“Trends and Prospects for the Formation of the Russian Data Ecosystem” Expert opinion prepared following the results of the SPIEF-2024 session “Russian Data Economy: Setting Development Vectors until 2050”.2024) available at: https://roscongress.org/materials/tendentsii-i-perspektivy-formirovaniya-rossiyskoy-ekosistemy-dannykh/