Angeliki Zagoriti

The European Union's defense against common cyber attacks part 1: The Budapest convention and the EU's strategies

The European Union's defense against common cyber attacks part 1: The Budapest convention and the EU's strategies

Cyber security is a major global issue, and it is the case in Europe. In order to deal cyber threats, it is important to know how the European Union (EU) perceives these threats.

The EU’s approach to cyber threats is mainly reflected in the EU strategies and legal documents. Before looking into them, I will introduce the Budapest Convention (formally Convention on Cybercrime) (2001) and the EU strategies.

Budapest Convention 2001

On 23 November 2001, the EU entered into the Convention on Cybercrime, which is known as the Budapest Convention. It was the first international treaty on cybersecurity and it provided definitions that guide the member states. Specifically, from its first articles, definitions of the terminologies that are included in the context of cyberspace are given (article 1). The Budapest Convention adopted two additional protocols; “Additional Protocol to the Convention on Cybercrime, concerning the criminalisation of acts of a racist and xenophobic nature committed through computer systems” (entered into force on 2006) and “Second Additional Protocol to the Convention on Cybercrime on enhanced co-operation and disclosure of electronic evidences” (adopted by the Committee of Ministers on 17/11/2021). The second protocol arose from the extent of cybercrimes / cyberattacks and the difficulty of the investigations. As the result, immediate detection of the cybercriminal and the extraction of the evidence became possible.

EU Strategies

In general, the EU strategy “is a boutique public affairs consultancy based in Brussels, the heart of EU policy making”. When a threat is identified, a policy and the strategy that aim to deal with the problems are drawn up. There are several cybersecurity related strategies developed between 2003 and 2020

  • European Security Strategy, ESS (2003)

  • European Strategy for a secure information society (2006)

  • European Cybersecurity Strategy (2013)

  • European Union Global Strategy (2016)

  • EU Security Union Strategy (2020)

It is important to know these EU strategies to understand the principles and priorities. More information about the above EU strategies will be explained in the next articles.

If you need any assistance or have any questions regarding cybersecurity, feel free to contact us.

References:

  1. Second Additional Protocol to the Convention on Cybercrime on enhanced co’operation and disclosure of electronic evidence

  2. Additional Protocol to the Convention on Cybercrime, concerning the criminalisation of acts of a racist and xenophobic nature committed through computer systems (ETS No. 189)

  3. Challenges to effective EU cybersecurity policy (europa.eu)

  4. european security strategy a secure europe in a better world opa.eu)

  5. CETS 189 - Additional Protocol to the Convention on Cybercrime, concerning the criminalisation of acts of a racist and xenophobic nature committed through computer systems (coe.int)

  6. Budapest Convention - Cybercrime (coe.int)