The European Union's cyber-diplomacy is focused on ensuring that governments, the private sector, civil society organizations around the globe understand the impact of an open, free and secure cyberspace on their lives and that they are capable of taking action to protect it.

  1. It develops and promotes ggod practices to ensure respect for human rights online.
  2. It aims to prevent the miuse of new technologies by authoritarian regimes.
  3. It supports human rights defenders around the world.
  4. It develops regulatory frameworks that ensure trust in the digital environment.
  5. It ensures the protection of personal data and privacy online.
  6. It protects citizens against cybercrime including by promoting international cooperation (e.g. the Budapest Convention).
  7. It contributes to raising awareness and building capacities for human rights, the rule of law; security, growth and development.
  8. It implements projects aimed at building capacities for cyber resilience and the fight against cybercrime.
  9. It promotes the respect for existing international law and norms of responsible behaviour in cyberspace.
  10. It maintains bilateral cyber dialogues with other regional bodies and international organizations.
  11. It promotes a vision of the internet as a single, open, neutral, free and unfragmented network.
  12. It supports and strengthens multistakeholder engagement for internet governance.
  13. It promotes technological policy and regulatory capacity-building related to the internet.
  14. It actively shape global debates on the future of cyberspace, in particular at the UN.
  15. It improves cooperation and coordination with regional organizations such as ASEAN, OAS, AU, OSCE and NATO

The EU as a forward looking cyber player

  • Launch of the Commission's cybersecurity package (2017);
  • Permanent mandate to the EU Agency for Network and Information Security (ENISA);
  • EU cybersecurity certification framework;
  • Full implementation of the 'NIS' Directive (Directive on security of ¬†Network and Information Systems ;
  • Blueprint for rapid emergency response;
  • Establishing EU-wide cyber-research centres;
  • Improving law-enforcement response;
  • Improving the overall political response and deterrence.

Since the Commission does not have operational capabilities of its own, it is supported by agencies and bodies, such as

  1. ENISA,
  2. Europol (especially its European Cyber Crime Centre),
  3. EU Agency for the Operational Management of Large-Scale IT Systems in the Area of Freedom, Security and Justice (eu-LISA),
  4. Computer Emergency Response Team (CERT-EU)
  5. Intelligence and Situation Centre (INTCEN).

In 2017, the Council established a framework for a joint EU diplomatic response to malicious cyber activities. On 17 May 2019, the Council established an autonomous sanctions framework for cyberattacks, meaning that the EU is now able to impose sanctions on perpetrators or accomplices. Cyber-defence aspects have also been included in the 2016 European defence action plan, prioritised in the European Defence Agency's 2018 capability development priorities, addressed through several projects under permanent structured cooperation (PESCO), and listed as one of the seven concrete areas of EU-NATO cooperation. Cyber-defence also has implications for the EU's solidarity and mutual assistance clauses as well as for the functioning and protection of EU missions and operations. The EU also holds numerous cyber-dialogues with international organisations, such as the UN, the Council of Europe, the OSCE and the OECD, and with partners such as the United States, Canada and Japan, to name a few. In March 2019, Parliament approved the proposed cybersecurity act, establishing the first EU cyber-certification scheme and giving ENISA a permanent mandate. Ensuring effective cyber-deterrence of malicious actors remains a challenge for the EU, and pan-European efforts for resilience, deterrence and defence should be strengthened and streamlined further. Experts have argued that deeper engagement by EU countries can hone a more systematic approach to fixing weak links and gaps, and can generate more robust and effective EU action on cyber.

Add new comment