Our former Ph.D. researcher Pier Giorgio Chiara – who defended his thesis on ‘Security and Privacy of resource-constrained devices’ under the supervision of Prof. Cole in March 2023 – together with his team ‘LegalAIzers’ won the 1st University of St. Gallen Grand Challenge on the EU AI Act. The Grand Challenge seeks to clarify how to … Continued
Our most recent publication is based on the presentation given at BILETA 2022 at the University of Exeter in April 2022. This paper reflects on the final text of the NIS 2 Directive as adopted on 14 December 2022. Following the risk-based approach adopted in the NIS Directive, the NIS 2 Directive enlists as a … Continued
In March 2022, the European Commission and the U.S. government announced the political agreement on a new EU-U.S. Data Privacy Framework to replace the Privacy Shield Framework which had been struck down by the CJEU in the case of Schrems II. The new framework seeks to establish the legal basis for transatlantic data flows to … Continued
The NIS Directive Commentary has been updated with regard to Article 8. Articles 1, 3 and 7 NIS Directive foresee the adoption of a national framework by each Member State including a strategy on NIS security as well as regulatory measures covering OESs and DSPs. The envisaged increase of Member States’ capabilities further requires a … Continued
On 18 April 2023, the European Commission adopted a Proposal for a Regulation laying down measures to strengthen solidarity and capacities in the Union to detect, prepare for and respond to cybersecurity threats and incidents (Proposal for an EU Cyber Solidarity Act) along with a Commission Communication setting up a Cybersecurity Skills Academy. The EU … Continued
Our second contribution to the Proceedings of the International Conference on Cybersecurity, Situational Awareness and Social Media outlines the new incident reporting obligations under the NIS 2 Directive as foreseen in the original Commission Proposal for a NIS 2 Directive and further discussed during the trilogue negotiations. The NIS Directive (NISD) and sector-specific cybersecurity regulations … Continued