Security and Law Book contents
- Frontmatter
- Contents
- List of Contributors
- Chapter 1 Introduction: Security and Law in a Digitizing World
- Chapter 2 Safety, Security and Ethics
- Chapter 3 National and Public Security within and beyond the Police Directive
- Chapter 4 Criminal Profiling and Non-Discrimination: On Firm Grounds for the Digital Era?
- Chapter 5 Operationalization of Information Security through Compliance with Directive 2016/680 in Law Enforcement Technology and Practice
- Chapter 6 Protecting Human Rights through a Global Encryption Provision
- Chapter 7 Identity Management and Security
- Chapter 8 Towards an Obligation to Secure Connected and Automated Vehicles “by Design”?
- Chapter 9 The Cybersecurity Requirements for Operators of Essential Services under the NIS Directive – An Analysis of Potential Liability Issues from an EU, German and UK Perspective
- Chapter 10 The ‘by Design’ Turn in EU Cybersecurity Law: Emergence, Challenges and Ways Forward
- Chapter 11 Promoting Coherence in the EU Cybersecurity Strategy
- Chapter 12 Challenges of the Cyber Sanctions Regime under the Common Foreign and Security Policy (CFSP)
- Chapter 13 International (Cyber)security of the Global Aviation Critical Infrastructure as a Community Interest
- Cumulative Bibliography
- Miscellaneous Endmatter
Chapter 5 - Operationalization of Information Security through Compliance with Directive 2016/680 in Law Enforcement Technology and Practice
Published online by Cambridge University Press: 23 January 2020
- Frontmatter
- Contents
- List of Contributors
- Chapter 1 Introduction: Security and Law in a Digitizing World
- Chapter 2 Safety, Security and Ethics
- Chapter 3 National and Public Security within and beyond the Police Directive
- Chapter 4 Criminal Profiling and Non-Discrimination: On Firm Grounds for the Digital Era?
- Chapter 5 Operationalization of Information Security through Compliance with Directive 2016/680 in Law Enforcement Technology and Practice
- Chapter 6 Protecting Human Rights through a Global Encryption Provision
- Chapter 7 Identity Management and Security
- Chapter 8 Towards an Obligation to Secure Connected and Automated Vehicles “by Design”?
- Chapter 9 The Cybersecurity Requirements for Operators of Essential Services under the NIS Directive – An Analysis of Potential Liability Issues from an EU, German and UK Perspective
- Chapter 10 The ‘by Design’ Turn in EU Cybersecurity Law: Emergence, Challenges and Ways Forward
- Chapter 11 Promoting Coherence in the EU Cybersecurity Strategy
- Chapter 12 Challenges of the Cyber Sanctions Regime under the Common Foreign and Security Policy (CFSP)
- Chapter 13 International (Cyber)security of the Global Aviation Critical Infrastructure as a Community Interest
- Cumulative Bibliography
- Miscellaneous Endmatter
Summary
INTRODUCTION
Information and communication technologies are cornerstones of modern society. Automated computer processes and the continuous collection, analysis and creation of data are staples of each current industry, service and sector. As data analytics are now vital in both the public and private sphere, securing confidential and valuable information remains a key goal of computer science. To this end, the concept of information security revolves around the identification and implementation of concrete safeguards based on the three fundamental tenets of Confidentiality, Integrity and Availability. While these principles are generally accepted in the field of computer science, they do not constitute universal or legally binding conditions. The current EU legal framework on cybersecurity does not impose general or specific obligations on developers of information technologies for private or public actors. Still, as the undue disclosure or processing of confidential information can have serious consequences, the EU legislator recently finalized its data protection reforms to further safeguard personal data. In addition to the General Data Protection Regulation (GDPR), the reforms also consist of a Law Enforcement Directive (DPLE) for the purpose of regulating the collection, processing and storage of personal information in the context of policing.
As innovative technologies are rapidly adopted by law enforcement agencies to detect, investigate and prevent crime, the negative impact of security breaches can significantly affect the safety and integrity of citizens and police practices. It is in light of these developments that this chapter seeks to assess whether compliance with the recent European legislation on data protection may support the realization of fundamental principles of information security in a law enforcement context. To this end, it provides an outline of the principles of information security followed by an overview of the current legal framework on cybersecurity and data protection in the EU. The differences and similarities between information security and data protection are examined in order to determine to what extent law enforcement technology and practice could rely on the applicable data protection legislation to ensure sufficiently high standards of information security. Finally, to illustrate how the concrete implementation of security requirements in data protection might actually support the accomplishment of high standards of information security in practice, the chapter concludes with a brief assessment of security protocols applied in two law enforcement systems developed in the framework of European research projects.
- Type
- Chapter
- Information
- Security and LawLegal and Ethical Aspects of Public Security, Cyber Security and Critical Infrastructure Security, pp. 97 - 128Publisher: IntersentiaPrint publication year: 2019
- 1
- Cited by