Publications
Top Keywords
- AI Act (11)
- Art. 10 EVRM (26)
- Art. 17 CDSM Directive (13)
- Artificial intelligence (83)
- Big data (12)
- Constitutional and administrative law (11)
- Consumer law (11)
- Content moderation (22)
- Copyright (211)
- Cybersecurity (10)
- Data protection (29)
- Data protection law (11)
- Digital Services Act (DSA) (31)
- Digital Single Market (13)
- EU (19)
- EU law (25)
- Europe (13)
- Fake news (14)
- Freedom of expression (50)
- Fundamental rights (21)
- GDPR (22)
- Human rights (31)
- Intellectual property (31)
- Internet (24)
- Journalism (18)
- Kluwer Information Law Series (43)
- Licensing (14)
- Media law (37)
- Online platforms (20)
- Patent law (20)
- Personal data (35)
- Platforms (24)
- Privacy (327)
- Regulation (13)
- Social media (11)
- Software (10)
- Surveillance (11)
- Text and Data Mining (TDM) (21)
- Trademark law (16)
- Transparency (19)
Certificate Authority Collapse: Regulating Systemic Vulnerabilities in the HTTPS Value Chain external link
Abstract
Recent breaches and malpractices at several Certificate Authorities (CA’s) have led to a global collapse of trust in these central mediators of Hypertext Transfer Protocol Secure (HTTPS) communications. Given our dependence on secure web browsing, the security of HTTPS has become a top priority in telecommunications policy. In June 2012, the European Commission proposed a new Regulation on eSignatures. As the HTTPS ecosystem is by and large unregulated across the world, the proposal presents a paradigm shift in the governance of HTTPS. This paper examines if, and if so, how the European regulatory framework should legitimately address the systemic vulnerabilities of the HTTPS ecosystem. To this end, the HTTPS authentication model is conceptualised using actor-based value chain analysis and the systemic vulnerabilities of the HTTPs ecosystem are described through the lens of several landmark breaches. The paper explores the rationales for regulatory intervention, discusses the proposed EU eSignatures Regulation and ultimately develops a conceptual framework for HTTPS governance. It apprises the incentive structure of the entire HTTPS authentication value chain, untangles the concept of information security and connects its balancing of public and private interests to underlying values, in particular constitutional rights such as privacy, communications secrecy and freedom of expression. On the short term, specific regulatory measures to be considered throughout the value chain includes proportional liability provisions, meaningful security breach notifications and internal security requirements, but both legitimacy and effectiveness will depend on the exact wording of the regulatory provisions. The EU eSignatures proposal falls short on many of these aspects. In the long term, a robust technical and policy overhaul is needed to address the systemic weaknesses of HTTPS, as each CA is a single point of failure for the security of the entire ecosystem.
Telecommunicatierecht
RIS
Bibtex
Annotatie bij Rb. ‘s-Gravenhage 11 januari 2012 (Brein / Ziggo & XS4ALL) external link
What the European Commission owes 500 million Europeans external link
Alles onder controle? Een kritische blik op de door de dataretentierichtlijn in het leven geroepen driehoeksverhouding tussen de Wet Bewaarplicht Telecommunicatiegegevens, de strafvorderlijke toegangs external link
Handhaving van intellectuele eigendomrechten external link
Abstract
Rapport in opdracht van het Ministerie van Economische Zaken ten behoeve van de ICT-toets 2002. Bijdrage over de stand van wetgeving(sinitiatieven) op wereld- en Europees niveau en in Nederland, Canada, Duitsland, Frankrijk, Japan, Verenigd Koninkrijk, Verenigde Staten en Zweden op het gebied van intellectuele eigendom in de digitale omgeving, m.n. wat betreft auteursrecht, naburige rechten en octrooien op software en bedrijfsmethoden.
Intellectuele eigendom
RIS
Bibtex
Annotatie bij Hof Den Haag 21 december 2000 (De Telegraaf / NVM) external link
Choice of Law in Copyright and Related Rights. Alternatives to the Lex Protectionis external link
Abstract
Nobody denies that the traditional territorial approach to copyright and other intellectual property rights has come under pressure. Yet it persists. Faced with the need to determine the applicable law in cross-border cases, lawyers everywhere wrestle with the implications of the territorial nature of copyright and related rights. In this book Mireille van Eechoud clears the way to the formulation of conflict rules that reflect the purpose of copyright law- to protect creators and stimulate the production and use of information- without reverting to old-fashioned notions of territoriality. She shows how the applicable law can be determined for four distinct legal avenues of intellectual property law:
- Which exclusive rights exist in an intellectual creation and for how long;
- Who is considered to own such right;
- How can these rights be transferred; and
- What continues infringement of copyright and related rights.
Mireille van Eechoud shows how, when each of these questions is approached in the light of the different allocation principles used in modern choice of law, a new clarity begins to emerge that promises in time to build a set of conflict rules well suited to the unprecedented copyright and related rights issues that we find so difficult to resolve today. Her in-depth analysis draws in the classis multilateral conventions and treaties, underlying policies, technological and economic developments, utilitarian grounds versus justice considerations, and issues of infringement in the digital environment.
Kluwer Information Law Series