| CODE | MCT5002 | ||||||||||||
| TITLE | Cybersecurity Regulation | ||||||||||||
| UM LEVEL | 05 - Postgraduate Modular Diploma or Degree Course | ||||||||||||
| MQF LEVEL | 7 | ||||||||||||
| ECTS CREDITS | 5 | ||||||||||||
| DEPARTMENT | Media, Communications & Technology Law | ||||||||||||
| DESCRIPTION | This study-unit is concerned with the regulatory aspects of cybersecurity and cybercrime. Rather than focus on cybersecurity as a technical issue, this study-unit will focus on the regulatory and policy aspects. Cybersecurity has become a top priority for both public and private sectors (governments, businesses, and other policy-makers). It is also increasingly a top priority for citizens, whose everyday web 'surfing' may also be impacted by cybercrimes and/or personal data breaches. It will delve into specific aspects such as regulation on use of strong encryption and regulation on cyber warfare; regulation on security of connected devices and regulation on security of essential services. This study-unit will consider national, European and international law and policy on cybersecurity in different contexts, such as national security, protection of critical infrastructure (critical market operators, ranging from critical sectors (energy, transport, water, health, digital infrastructure and the finance sector) to critical digital service providers (on-line marketplaces, cloud and on-line search engines)), and data privacy. The study-unit will also focus on cybercrime from both substantive and procedural aspects. The main 鈥渉ard law鈥 instruments that will be discussed are: The Network and 福利在线免费 Security Directive (NIS Directive) (EU 2016/1148) Security rules in the General Data Protection Regulation (EU 2016/679) Council of Europe Convention on Cybercrime (ETS No. 185) EU Directive on Attacks against 福利在线免费 Systems (Directive 2013/40/EU) - and the national transposition of these instruments Emerging legislation: Proposal for a Directive of the European Parliament and of the Council on measures for a high common level of cybersecurity across the Union, repealing Directive (EU) 2016/1148 COM/2020/823 final (NIS 2 Directive) Study-unit Aims: The aim of the study-unit is to familiarise non-lawyers with regulatory and policy aspects of cybersecurity and cybercrime. Beyond examining the main 'hard' law instruments in the field, the study-unit aims to analyse such legislation and other emerging policy initiatives in terms of their aims and regulatory approach, thus encouraging a critical approach to emerging issues and challenges. The aim is also to critically engage with the question of to what extent do extant and emerging legal instruments adequately contribute to effectively tackling cybersecurity incidents. Learning Outcomes: 1. Knowledge & Understanding By the end of the study-unit the student will be able to: - Discuss the concept of 'regulation' and what it means to regulate cybersecurity and cybercrime; - Explain how the EU regulates cybersecurity and cybercrime, including those instruments focusing directly or indirectly on incidents affecting the confidentiality, integrity and/or availability of data; - Discuss the aims and regulatory approaches of the regulatory instruments mentioned in study-unit, also considering relevant cybersecurity practices of IT practitioners; - Appraise the said EU regulation, in particular in terms of its strengths and weaknesses; - Identify cybersecurity laws at the global, regional and national levels; - Describe the relevant regulatory roles played by international organisations, such as the International Telecommunications Union (ITU), the World Trade Organization (WTO) and the North Atlantic Treaty Organization (NATO). 2. Skills By the end of the study-unit the student will be able to: - Explore the connection between technical security issues and regulatory issues discussed in the study-unit; - Compare and critically discuss how different legal instruments conceptualise and regulate incidents affecting the confidentiality, integrity and/or availability of data, including their prevention and their consequences; - Formulate, organise and plan concrete cybersecurity solutions by merging legal and technical assurances; - Synthesise and review the different cybersecurity regulatory instruments; - Formulate arguments in the context of policy debates about emerging cybersecurity issues and their regulation at national, European and international level; - Review upcoming legislative initiatives in the area of cybersecurity regulation. Main Text/s and any supplementary readings: Main text: - European Security and Defence College, Rehrl, J. 2018. Handbook on cyber security. Volume V, (J. Rehrl, editor), Publications Office. - Synodinu, Tatiane虅-Elene虅, Philippe Jougleux, Christiana Markou, and Thalia Prastitou (editors) 2017. EU internet law: regulation and enforcement. Springer Cham. Hardcover ISBN 978-3-319-64954-2, Softcover ISBN 978-3-319-87910-9, eBook ISBN 978-3-319-64955-9 (free access on-line) Supplementary readings: - Christou, George. 2016. Cybersecurity in the European Union: Resilience and Adaptability in Governance Policy. Palgrave Macmillan London. Hardcover ISBN 978-1-137-40051-2, eBook ISBN 978-1-137-40052-9 (free access on-line) - Savin, Andrej. 2018. EU Internet Law. Edward Elgar. ISBN 978 1 78990 856 5 - European Court of Auditors, Challenges to effective EU cybersecurity policy. Briefing Paper, March 2019. Note: The area of cybersecurity regulation is a fast moving one. Thus, further reading materials will necessarily need to be suggested as the study-unit proceeds. Primary materials, such as legislation and case-law, as well as other useful secondary material are often published on-line and, as a result, learning how to search Internet resources effectively is an increasingly important skill. |
||||||||||||
| STUDY-UNIT TYPE | Lecture and Independent Study | ||||||||||||
| METHOD OF ASSESSMENT |
|
||||||||||||
| LECTURER/S | |||||||||||||
|
The University makes every effort to ensure that the published Courses Plans, Programmes of Study and Study-Unit information are complete and up-to-date at the time of publication. The University reserves the right to make changes in case errors are detected after publication.
The availability of optional units may be subject to timetabling constraints. Units not attracting a sufficient number of registrations may be withdrawn without notice. It should be noted that all the information in the description above applies to study-units available during the academic year 2025/6. It may be subject to change in subsequent years. |
|||||||||||||