Skip to main content
Publications
Journal Article
Datenschutz und Datensicherheit 45 (7): 438–443
Subject(s)
Economics, politics and business environment; Information technology and systems; Technology, R&D management
Keyword(s)
AI, artificial intelligence, privay, data protection, information law
The European Commission has presented proposals for the horizontal regulation of artificial intelligence. It is thus foreseeable that the regulatory systems of data protection and IT security will be supplemented by a further cross-sectoral approach to the regulation of information technology. This article explains the proposals and describes their advantages and disadvantages.

[Die Europäische Kommission hat Vorschläge vorgelegt, wie eine horizontale Regulierung künstlicher Intelligenz erfolgen soll. Damit ist absehbar, dass neben die Regulierungssysteme des Datenschutzes und der IT-Sicherheit ein weiterer sektorübergreifender Ansatz zur Regulierung von Informationstechnik treten wird.]
Volume
45
Journal Pages
438–443
ISSN (Online)
1862-2607
ISSN (Print)
1614-0702
Journal Article
International Cybersecurity Law Review 2 (1): 77–92
Andrew J. Grotto, Martin Schallbruch (2021)
Subject(s)
Economics, politics and business environment; Information technology and systems; Technology, R&D management
Keyword(s)
Transatlantic, data protection, internet of things, artificial intelligence, industrial control systems (ICS)
Volume
2
Journal Pages
77–92
ISSN (Online)
2662-9739
ISSN (Print)
2662-9720
Subject(s)
Economics, politics and business environment; Information technology and systems; Technology, R&D management
Keyword(s)
Cybersecurity, information security, government, Germany
Since its foundation 30 years ago, the Federal Office for Information Security (BSI) has developed into an internationally and nationally recognized center of competence for IT security. With a steady increase in tasks, the discussion about the governance of the office has become stronger - many voices are calling for greater independence of the BSI. The article examines the reasons for and options for greater independence of the agency. As a result, it argues for a further development of the agency's governance that represents a balance between independence and political responsibility.

[Seit seiner Gründung vor 30 Jahren hat sich das BSI zu einem international und national anerkannten Kompetenzträger für IT-Sicherheit entwickelt. Mit stetigem Aufgabenzuwachs ist die Diskussion über die Steuerung des Amtes stärker geworden – viele Stimmen fordern eine größere Unabhängigkeit des BSI.]
Volume
45
Journal Pages
229–233
ISSN (Online)
1862-2607
ISSN (Print)
1614-0702
Journal Article
TA TuP (Journal for Technology Assessment in Theory and Practice) 29 (1): 30–36
Arnd Weber, Gernot Heiser, Dirk Kuhlmann, Martin Schallbruch, Anupam Chattopadhyay, Sylvain Guilley, Michael Kasper et al. (2020)
Subject(s)
Information technology and systems
Keyword(s)
Cybersecurity, sovereignty, open source, verification,
supply chain risks
Increasing dependence on information technology calls for strengthening the requirements on their safety and security. Vulnerabilities that result from flaws in hardware and software are a core problem which market mechanisms have failed to eliminate. A strategy for resolving this issue should consider the following options: (1) private- and public-sector
funding for open and secure production, (2) strengthening the sovereign control over the production of critical IT components within an
economic zone, and (3) improving and enforcing regulation. This paper
analyses the strengths and weaknesses of these options and proposes
a globally distributed, secure supply chain based on open and mathematically proved components. The approach supports the integration
of legacy and new proprietary components.
Volume
29
Journal Pages
30–36
ISSN (Online)
2199-9201
ISSN (Print)
1619-7623
Subject(s)
Information technology and systems; Technology, R&D management
Keyword(s)
Cybersecurity, information security, legislation, risk management
With the increasing importance of the security of information technology for all areas of life, the IT security law has developed step by step without the European and German legislation being able to follow an overall draft. At the latest with the IT security regulations in the General Data Protection Regulation and the expansion of sector-specific regulations on IT security, questions of the systematization of the new area of law arise. The authors examine three key questions - the modeling of systems subject to the law, the concept of risk management, and the determination of the state of the art security measures. Finally, they outline the main elements of a restructuring of IT security law. [Das IT-Sicherheitsrecht will die IT-Sicherheit schützen, folgt aber weder auf europäischer noch auf deutscher Gesetzgebungsebene einem Gesamtentwurf. Der Beitrag geht drei Schlüsselfragen nach – der Modellierung der dem Recht unterworfenen Systeme (II.), dem Risikobegriff (III.) sowie der Ermittlung des Standes der Technik (IV.) – und entwirft Grundzüge einer Strukturierung des IT-Sicherheitsrechts (V.).]
Volume
34
Journal Pages
706–720
ISSN (Online)
2194-4172