权益分类	功能权益	普通用户	{{item.name}}会员
{{category.name}}	{{benefitItem.name}}

Regulating Information Security. Keeping Public and Private Data Safe

规范信息安全。

基本信息

批准号：
320727003
负责人：
Professor Dr. Thomas Wischmeyer
金额：
--
依托单位：
Lehrstuhl für Öffentliches Recht und Recht der Digitalisierung
依托单位国家：
德国
项目类别：
Research Grants
财政年份：
2016
资助国家：
德国
起止时间：
2015-12-31 至 2021-12-31
项目状态：
已结题

来源：
https://gepris.dfg.de/gepris/projekt/320727003?language=en
关键词：
Regulating Information Security.Keeping Public

项目摘要

While information security is widely considered to be one of the most pressing problems of our time, it is far from clear how public actors can contribute to making information technology (IT) and information networks safe. Nevertheless, lawmakers have started to address the issue: in 2015, statutes were passed in Germany, the European Union, the U.S. and many other states, which are supposed to improve information security for essential data and information infrastructures. But can national or even supranational actors effectively regulate this global problem? And what is the potential impact of information security governance on constitutional rights? I want to understand why the existing legal regime fails to provide for an adequate level of information security and how it can become more effective - without compromising the (supra-)national constitutional framework. There are three aspects of information security governance that I plan to explore further as part of my proposed research: First, I identify and analyze the four main challenges faced by information security governance as well as their implications for effective rule making. These challenges are the non-territorial architecture of the Internet, the important role and dynamic development of technology in this field, the dialectical relationship between information security and fundamental rights, and the lack of trust in public authorities as far as the regulation of "digital" matters is concerned. Second, I reconstruct the legal regime of information security governance. A look beyond the recent statutes reveals that there already exists a large body of rules governing information security risks. This complex, partly transnational regime and the "hybrid" nature of some of the institutions involved in rule making make a global and pluralist account of information security law (ISL) necessary. Third, I seek to evaluate how information security governance can manage the tension between effectiveness and legality. In the absence of an international legal framework, it is mainly national and supranational constitutional law that legally structures information security governance. I analyze whether and how constitutional obligations are affected and, eventually, transformed when confronted with the pluralist and transnational rule making processes in which ISL is embedded. All in all, the project uses ISL as a lens to analyze general questions and challenges for regulation in the information age.

虽然信息安全被广泛认为是我们这个时代最紧迫的问题之一，但公共行为者如何能够为确保信息技术(IT)和信息网络的安全做出贡献还远不清楚。尽管如此，立法者已经开始解决这个问题：2015年，德国、欧盟、美国和其他许多州通过了一些法规，旨在改善关键数据和信息基础设施的信息安全。但是，国家甚至超国家行为者能否有效地监管这一全球问题？信息安全治理对宪法权利的潜在影响是什么？我想了解为什么现有的法律制度未能提供足够水平的信息安全，以及它如何在不损害(超)国家宪法框架的情况下变得更有效。作为我提出的研究的一部分，我计划进一步探讨信息安全治理的三个方面：第一，我确定和分析信息安全治理面临的四个主要挑战及其对有效规则制定的影响。这些挑战是互联网的非领土架构、技术在这一领域的重要作用和动态发展、信息安全和基本权利之间的辩证关系，以及在监管“数字”事项方面对公共当局缺乏信任。第二，重构信息安全治理的法律制度。如果超越最近的法规，就会发现已经存在大量管理信息安全风险的规则。这种复杂的、部分跨国的制度，以及参与规则制定的一些机构的“混合”性质，使得有必要对信息安全法(ISL)进行全球性和多元化的解释。第三，我试图评估信息安全治理如何处理有效性和合法性之间的紧张关系。在缺乏国际法律框架的情况下，在法律上构建信息安全治理的主要是国家和超国家宪法。我分析了宪法义务是否以及如何受到影响，并最终在面对ISL所嵌入的多元化和跨国规则制定过程时发生了转变。总而言之，该项目使用ISL作为镜头来分析信息时代监管面临的一般问题和挑战。