Skip to main content
SpringerLink
Log in
Book cover

Security Privatization pp 219–247Cite as

A Typology of Cybersecurity and Public–Private Partnerships in the Context of the European Union

  • Chapter
  • First Online:

Abstract

The European Union increasingly aims towards a “partnership” with private companies for ensuring public security. The loosely defined, or contested, area of “cybersecurity” provides the leading case for involving private actors in transnational security governance, which interacts with the dynamic debate on different models of “internet” or “cyberspace” governance. At the same time, official proclamations and the practice of such public private partnerships in cybersecurity remain highly diverse. This chapter therefore first sets out a typology for categorizing different forms of public–private interactions for cybersecurity, only some of which qualify as more regularized and operational “partnership”. On this basis, the chapter surveys the activities of ENISA and EUROPOL as the two leading agencies of EU cybersecurity. In particular, the increasing relations the EC3 cybersecurity centre within EUROPOL with leading private IT security companies is discussed. The conclusions underline the lack of public knowledge and need for critical normative reflection on these partnerships, particularly in so far as they extend to more proactive prosecution of cybercrimes.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   139.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   179.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD   179.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Notes

  1. 1.

    One should, however, that there are alternative framings of technical IT security and problems with the general label of “cyber”, which will be briefly taken up below.

  2. 2.

    In contrast to informal working arrangements for security and intelligence agencies.

  3. 3.

    For instance, https://www.icspa.org/ or https://www.ncia.nato.int/NewsRoom/Pages/140918-NATO-launches-Industry-Cyber-Partnership.aspx

  4. 4.

    At the time of writing, the legislative proposal had gained political agreement from all EU institutions, but was not formally concluded yet. See: https://ec.europa.eu/digital-single-market/en/news/network-and-information-security-directive-co-legislators-agree-first-eu-wide-legislation

  5. 5.

    Information and computer scientist tend to prefer other more technical and precise concepts, such as information security, which is composed of definable attributes of integrity, availability and confidentiality. Security scholars, in contrast, have highlighted the dangers of “securitizing” the digital communications or simply just ‘cyber’ and merging distinct issues of cybercrime, cyber-assisted crime with more state-centred notion of security, which can legitimate “offensive” methods and the involvement of the military.

  6. 6.

    Again, we cannot go into the question whether cyberspace is a suitably precise analytical concept. For a widely cited official definition, see http://www.dhs.gov/sites/default/files/publications/Cyberspace_Policy_Review_final_0.pdf

  7. 7.

    For instance, http://www.ix-f.net/ixp-models.html. See also Farrand and Carrapico, Chap. 9, for a more detailed discussion on the historical development from public to private management of critical infrastructures.

  8. 8.

    An especially controversial response to this challenge has been to create separate market incentives through programs such as ‘bug bounties.’

  9. 9.

    Such as “hate” speech, weapons instructions, child sexual abuse material, etc.

  10. 10.

    These functionally differentiated tasks or processes have been inductively derived by the authors from the diverse social science literature on cybersecurity referred above. For reasons of space this differentiation cannot be systematically related to wider theories of public (economic) regulation and security governance here, but this may prove a worthwhile research agenda for the future. On the one hand, one could test whether the proposed tasks are truly exhaustive and comprehensive in the area of cybersecurity. On the other hand, more elaborate formal reasoning on collective action dynamics, such as with regard to the public good qualities of information or reliable access, could be explored beyond the cursory remarks made below.

  11. 11.

    If one applies a broad or multi-level understanding of cybersecurity, this can range from questions of rights management, privacy and data protection to secure communication protocol standards or product safety and security.

  12. 12.

    http://www.nationalisacs.org/#!member-isacs/jnog6

  13. 13.

    http://www.wired.com/2015/11/facebook-and-twitter-face-tough-choices-as-isis-exploits-social-media

  14. 14.

    This point can be unlined by the fact that PPPs for a more secure internet provision at the infrastructural level have not yet been funded in Europe, as illustrated by the failed idea of a “Schengen-net” for secure data transfers in Europe.

  15. 15.

    The typological fields are referred to in the respective subheadings of the different sections.

  16. 16.

    ENISA has organised several annual major ICT incident exercises for EU member states that were triggered official EU conclusions in the aftermath of the 2009 Estonian cyber-attacks. Assessments of these exercises are limited to official document, where the large number of participants (500+) and positive resonance had highlighted.

  17. 17.

    See https://www.enisa.europa.eu/about-enisa/structure-organization/psg

  18. 18.

    See also Art. 3 of the EU regulation establishing ENISA (revised 526/2013).

  19. 19.

    https://resilience.enisa.europa.eu/internet-infrastructure-security-and-resilience-reference-group

  20. 20.

    https://resilience.enisa.europa.eu/ecrg

  21. 21.

    https://www.enisa.europa.eu/publications/articles/standards-for-cyber-security

  22. 22.

    https://www.cscan.org/openaccess/?id=213

  23. 23.

    http://www.enisa.europa.eu/activities/stakeholder-relations/nis-brokerage-1/european-cyber-security-month-advocacy-campaign

  24. 24.

    https://www.enisa.europa.eu/activities/cert/support/information-sharing/european-fi-isac-a-public-private-partnership. This has been modelled on a corresponding US Forum with global reach. http://www.fsisac.com/

  25. 25.

    http://www.cyspa.eu/default.aspx?page=home

  26. 26.

    http://www.scmagazineuk.com/internet-security-alliance-to-launch-european-spinoff/article/382265/

    https://ec.europa.eu/futurium/en/system/files/ged/safe_-_nis_and_the_dsm_07042015.pdf

  27. 27.

    ENISA, 2012a. European Public + Private Partnership for Resilience. Activity Report 2012. Available at: https://resilience.enisa.europa.eu/ep3r/2012-activity-report

  28. 28.

    Compare also for an incomplete survey of information-sharing platforms across EU member states https://resilience.enisa.europa.eu/nis-platform/shared-documents/wg2-documents/wg2-outcome-draft/at_download/file

  29. 29.

    This would hitherto be limited to some cases that are covered by the 2009 EU telecommunications regulation (Directive 2009/140/EC). See https://resilience.enisa.europa.eu/article-13

  30. 30.

    Public authorities from 18 member state are taking part, while the rest is constituted by academic institutions or experts See full list of members http://ec.europa.eu/transparency/regexpert/index.cfm?do=groupDetail.groupDetail&groupID=2920&NewSearch=1&NewSearch=1

  31. 31.

    See https://resilience.enisa.europa.eu/nis-platform. Especially the second working group provide the most detailed recommendations on how to differentiate, improve and link up the variety of information-sharing initiatives for CIIP, see https://resilience.enisa.europa.eu/nis-platform/shared-documents/5th-plenary-meeting/chapter-3-wg2_final-for-discussion-may-27-2015/at_download/file

  32. 32.

    https://resilience.enisa.europa.eu/nis-platform/shared-documents/eu-us-preliminary-workshop-comparing-approaches

  33. 33.

    Or computer security incident response teams in alternative European parlance (CSIRT), see https://www.enisa.europa.eu/activities/cert/support/guide2/introduction/what-is-csirt

  34. 34.

    http://cert.europa.eu/cert/plainedition/en/cert_about.html

  35. 35.

    For instance, one could point to frameworks for data sharing or best practice collection, see http://www.enisa.europa.eu/activities/cert/support/data-sharing

    http://www.enisa.europa.eu/activities/cert/support/fight-against-cybercrime/the-directive-on-attacks-against-information-systems

  36. 36.

    https://www.us-cert.gov/about-us

  37. 37.

    http://cybersecurity.bsa.org/assets/PDFs/study_eucybersecurity_en.pdf

  38. 38.

    https://www.telekom.com/verantwortung/sicherheit/136918

  39. 39.

    https://www.enisa.europa.eu/activities/risk-management/events/enisa-workshop-on-eu-threat-landscape/05PresentationStavrosLingris p-15

  40. 40.

    https://www.enisa.europa.eu/activities/cert/support/information-sharing/detect-share-protect-solutions-for-improving-threat-data-exchange-among-certs

  41. 41.

    http://www.egc-group.org/index.html

  42. 42.

    https://cert.europa.eu/cert//plainedition/en/cert_partners.html

  43. 43.

    http://www.nttdata.com/global/en/insights/it-briefings/2015022401.html

  44. 44.

    https://www.europol.europa.eu/sites/default/files/publications/ec3_programme_board_-_tor_-_terms_of_reference_and_mandate_of_the_advisory_group_on_internet_security.pdf

  45. 45.

    http://www.computerweekly.com/news/2240235526/Over-a-hundred-cyber-criminals-arrested-in-global-operation

  46. 46.

    Barclays, ING Group, Citibank, the European Banking Federation, and the association for ATM Security (EAST). See https://www.europol.europa.eu/category/news-category/agreements?page=1 and https://www.european-atm-security.eu/tag/ec3 and http://www.finextra.com/news/fullstory.aspx?newsitemid=27536

  47. 47.

    http://www.kaspersky.com/about/news/business/2014/Kaspersky-Lab-Broadens-Cooperation-with-Both-INTERPOL-and-Europol

  48. 48.

    http://news.softpedia.com/news/Intel-and-Europol-Sign-Agreement-on-Fight-against-Cybercrime-465520.shtml

  49. 49.

    http://www.eurosecglobal.de/europols-european-cybercrime-centre-ec3-and-mnemonic-co-operate.html

  50. 50.

    http://iq-media.com/category/cybercrime

  51. 51.

    http://www.thepaypers.com/digital-identity-security-online-fraud/europol-s-ec3-joins-forces-with-fireeye-to-better-detect-cybercrime/761040-26

  52. 52.

    https://www.europol.europa.eu/latest_news/europol-signs-agreement-group-ib-cooperate-fighting-cybercrime

  53. 53.

    https://www.europol.europa.eu/newsletter/ec3-and-anubisnetworks-initiate-cooperation-fighting-malware-threats

    http://www.so-co-it.com/post/368648/anubisnetworks-and-europol-s-european-cybercrime-centre-sign-memorandum-of-understanding-to-fight-international-malware-threats.html

  54. 54.

    https://www.europol.europa.eu/latest_news/shadowserver-foundation-steps-cooperation-europol-combat-cybercrime

  55. 55.

    http://www.kaspersky.com/about/news/business/2014/Kaspersky-Lab-Broadens-Cooperation-with-Both-INTERPOL-and-Europol

    http://www.informationsecuritybuzz.com/kaspersky-lab-broadens-cooperation-interpol-europol/

    See on the joint EUROPOL INTERPOL MoU http://www.threatmetrix.com/interpol-has-new-nerve-centerand-more-muscle

    And conference http://www.interpol.int/News-and-media/Events/2014/INTERPOL-Europol-Cybercrime-Conference-2014/INTERPOL-Europol-Cybercrime-Conference-2014

  56. 56.

    http://iq-media.com/category/cybercrime

  57. 57.

    http://news.microsoft.com/presskits/dcu

  58. 58.

    https://www.european-atm-security.eu/tag/ec3/

    https://www.european-atm-security.eu/tag/ec3

  59. 59.

    http://blogs.microsoft.com/on-the-issues/2015/02/25/europol-takes-down-servers-used-by-cybercriminals-to-steal-financial-data

  60. 60.

    http://www.2uzhan.com/police-security-firms-team-up-and-take-down-shylock-malware/ This particular action even seems to have involved the British signals intelligence service GCHQ

  61. 61.

    Austria, France, Germany, Italy, Spain, the Netherlands and the UK

  62. 62.

    http://sgocnet.org/site/wp-content/uploads/2014/06/08_ReitanoEtAl_pp142-154.pdf

    http://www.theguardian.com/technology/2014/sep/01/europol-taskforce-cybercrime-hacking-malware

    https://www.europol.europa.eu/content/expert-international-cybercrime-taskforce-launched-tackle-online-crime

    http://www.scmagazineuk.com/europol-plans-more-malware-takedowns/article/396089/

    https://www.clearswift.com/blog/2014/07/25/why-joint-cybercrime-action-taskforce-positive-europe

    http://www.computing.co.uk/ctg/news/2348940/europol-cybercrime-head-international-public-private-collaboration-the-one-true-way-to-stop-cyber-criminals

  63. 63.

    http://www.scmagazineuk.com/j-cat-operations-to-continue/article/422464

  64. 64.

    EU DOC 6785/16, p. 35

  65. 65.

    http://www.adjacentgovernment.co.uk/ict/european-union-internet-referral-unit-europol/23582

  66. 66.

    https://wiki.openrightsgroup.org/wiki/Counter_Terrorism_Internet_Referral_Unit

  67. 67.

    http://www.ft.com/intl/cms/s/0/b5b03bb4-a87b-11e3-b50f-00144feab7de.html

  68. 68.

    https://edri.org/european-internet-forum-untransparent-and-dangerous/

  69. 69.

    http://www.cleanitproject.eu/about-the-project

  70. 70.

    https://edri.org/CleanIT-evaluation

  71. 71.

    http://www.fsm.de/hotline

References

  • Anderson, R., & Moore, T. (2006). The economics of information security. Science, 314(5799), 610–613.

    Article  Google Scholar 

  • August, T., & Tunca, T. I. (2011). Who should be responsible for software security? A comparative analysis of liability policies in network environments. Management Science, 57(5), 934–959.

    Article  Google Scholar 

  • August, T., August, R., & Shin, H. (2014). Designing user incentives for cybersecurity. Communications of the ACM, 57(11), 43–46.

    Article  Google Scholar 

  • Bauer, J. M. (2010). Changing roles of the state in telecommunications. International Telecommunications Policy Review, 17(1).

    Google Scholar 

  • Bauer, J. M., & Van Eeten, M. J. G. (2009). Cybersecurity: Stakeholder incentives, externalities, and policy options. Telecommunications Policy, 33(10), 706–719.

    Article  Google Scholar 

  • Bendiek, A., & Porter, A. L. (2013). European cyber security policy within a global multistakeholder structure. European Foreign Affairs Review, 18(2), 155–180.

    Google Scholar 

  • Bevir, M. (2014). The rise of security governance. In M. Bevir, O. Daddow, & I. Hall (Eds.), Interpreting global security (pp. 17–34). London: Routledge.

    Google Scholar 

  • Börzel, T. (2010). European governance: Negotiation and competition in the shadow of hierarchy. JCMS: Journal of Common Market Studies, 48(2), 191–219.

    Google Scholar 

  • Bovaird, T. (2004). Public–private partnerships: From contested concepts to prevalent practice. International Review of Administrative Sciences, 70(2), 199–215. doi:10.1177/0020852304044250.

    Article  Google Scholar 

  • Bovis, C. (2013). Public-private partnerships in the European Union. Routledge.

    Google Scholar 

  • Bovis, C. H. (2015). Risk in public-private partnerships and critical infrastructure. European Journal of Risk Regulation, 6(2).

    Google Scholar 

  • Braman, S. (2011). The framing years: Policy fundamentals in the internet design process, 1969–1979. The Information Society, 27, 295–310.

    Article  Google Scholar 

  • Brinkerhoff, D. W., & Brinkerhoff, J. M. (2011). Public–private partnerships: Perspectives on purposes, publicness, and good governance. Public Administration and Development, 31(1), 2–14.

    Article  Google Scholar 

  • Brown, I., & Cowls, J. (2015). Check the web: Assessing the ethics of politics of policing the internet for extremist material. Voxpol Report. http://voxpol.eu/category/publications/vox-pol-publications/

  • Brown, I., & Marsden, C. T. (2013). Regulating code: Good governance and better regulation in the information age. Cambridge: MIT Press.

    Google Scholar 

  • Camp, L. J. (2011). Reconceptualizing the role of security user. Daedalus, 140(4), 93–107.

    Article  Google Scholar 

  • Carr, M. (2015). Power plays in global internet governance. Millennium – Journal of International Studies, 43(2), 640–659. doi:10.1177/0305829814562655.

    Article  Google Scholar 

  • Carr, M. (2016). Public–private partnerships in national cyber-security strategies. International Affairs, 92(1), 43–62.

    Article  Google Scholar 

  • Chenou, J.-M. (2014). From cyber-libertarianism to neoliberalism: Internet exceptionalism, multi-stakeholderism, and the institutionalisation of internet governance in the 1990s. Globalizations, 11(2), 205–223.

    Article  Google Scholar 

  • Choucri, N., & Clark, D. D. (2012). Integrating cyberspace and international relations: The co-evolution dilemma. In Explorations in cyber-international relations: Who controls cyberspace? Cambridge, MA: MIT.

    Google Scholar 

  • Christou, G., & Simpson, S. (2006). The Internet and public–private governance in the European Union. Journal of Public Policy, 26(01), 43–61.

    Article  Google Scholar 

  • Clark, D., Berson, T., & Lin, H. S. (2014). At the nexus of cybersecurity and public policy: Some basic concepts and issues. Washington, DC: National Academies Press.

    Google Scholar 

  • Cohen-Almagor, R. (2015). Internet architecture, freedom of expression and social responsibility: Critical realism and proposals for a better future. Innovation: The European Journal of Social Science Research, 28(2), 147–166.

    Google Scholar 

  • Commission of the European Communities. (2009). Communication from the commission.. on critical information infrastructure protection. “Protecting Europe from large scale cyber-attacks and disruptions: enhancing preparedness, security and resilience”. COM(2009) 149 final.

    Google Scholar 

  • Council of the European Union. (2015). “EU Internet Referral Unit at Europol – Concept note.” 7266/15.

    Google Scholar 

  • Crawford, A. (2006). Networked governance and the post-regulatory state? Steering, rowing and anchoring the provision of policing and security. Theoretical Criminology, 10(4), 449–479.

    Article  Google Scholar 

  • DeNardis, L. (2012). Hidden levers of internet control: An infrastructure-based theory of Internet governance. Information, Communication & Society, 15(5), 720–738.

    Article  Google Scholar 

  • DeNardis, L. (2014). The global war for internet governance. New Haven, CT: Yale University Press.

    Book  Google Scholar 

  • Dourado, E., & Castillo, A. (2015). “Information Sharing”: No panacea for American cybersecurity challenges. Mercatus Center Policy Paper, George Mason University. http://mercatus.org/publication/information-sharing-no-panacea-american-cybersecurity-challenges

  • Dunn Cavelty, M. (2013). From cyber-bombs to political fallout: Threat representations with an impact in the cyber-security discourse. International Studies Review, 15(1), 105–122.

    Article  Google Scholar 

  • Dunn-Cavelty, M., & Suter, M. (2009). Public–private partnerships are no silver bullet: An expanded governance model for critical infrastructure protection. International Journal of Critical Infrastructure Protection, 2(4), 179–187.

    Article  Google Scholar 

  • Edwards, B., Locasto, M., & Epstein, J. (2014). Panel Summary: The Future of Software Regulation. Proceedings of the 2014 workshop on New Security Paradigms Workshop. http://dl.acm.org/citation.cfm?id=2683478

  • Ehrhart, H.-G., Hegemann, H., & Kahl, M. (2014). Putting security governance to the test: Conceptual, empirical, and normative challenges. European Security, 23(2), 119–125.

    Article  Google Scholar 

  • ENISA. (2011a). Cooperative models for effective public private partnerships. http://www.enisa.europa.eu/activities/Resilience-and-CIIP/public-private-partnership/national-public-private-partnerships-ppps/copy_of_desktop-reserach-on-public-private-partnerships/at_download/fullReport

  • ENISA. (2011b). Cooperative models for effective public private partnerships. Desktop Research Report. http://www.enisa.europa.eu/activities/Resilience-and-CIIP/public-private-partnership/national-public-private-partnerships-ppps/copy_of_desktop-reserach-on-public-private-partnerships/at_download/fullReport ENISA.

  • ENISA. (2015). EP3R 2009–2013 Future of NIS Public Private Cooperation. https://www.enisa.europa.eu/activities/Resilience-and-CIIP/public-private-partnership/european-public-private-partnership-for-resilience-ep3r/ep3r-2009-2013/at_download/fullReport

  • Eriksson, J., & Giacomello, G. (2009). Who controls the internet? Beyond the obstinacy or obsolescence of the State. International Studies Review, 11(1), 205–230.

    Article  Google Scholar 

  • EU. (2013). Joint communication on the cybersecurity strategy of the European Union: An Open, Safe and Secure Cyberspace. JOIN(2013) 1 final. http://eeas.europa.eu/policies/eu-cyber-security/cybsec_comm_en.pdf

  • European Commission. (2004). Green paper on public-private partnerships and community law on public contracts and concessions. COM (2004) 327 final.

    Google Scholar 

  • European Commission. (2012). Internet policy and governance Europe’s role in shaping the future of internet governance. COM/2014/072 final.

    Google Scholar 

  • European Commission. (2013). Proposal for a directive of the European Parliament and of the Council concerning measures to ensure a high common level of network and information security across the Union. COM(2013) 48 final. http://ec.europa.eu/newsroom/dae/document.cfm?doc_id=1666

  • European Commission. (2015). The European Agenda on Security. COM (2015) 185. http://eur-lex.europa.eu/legal-content/en/HIS/?uri=celex%3A52015DC0185

  • European Union. (2013). Regulation (EU) No 526/2013 of the European Parliament and of the Council of 21 May 2013 concerning the European Union Agency for Network and Information Security (ENISA) and repealing Regulation (EC) No 460/2004 Text with EEA relevance. OJ L 165, 41–58.

    Google Scholar 

  • Fahey, E. (2014). ‘EU’s cybercrime and cyber-security rulemaking: Mapping the internal and external dimensions of EU security, The. Eur. J. Risk Reg. 46.

    Google Scholar 

  • Forrer, J., Kee, J. E., Newcomer, K. E., & Boyer, E. (2010). Public–private partnerships and the public accountability question. Public Administration Review, 70(3), 475–484.

    Article  Google Scholar 

  • General Secretariat of the Council. (2015). Friends of the Presidency Group on Cyber Issues. 15059/15.

    Google Scholar 

  • Gómez-Barroso, J. L., & Feijóo, C. (2010). A conceptual framework for public-private interplay in the telecommunications sector. Telecommunications Policy, 34(9), 487–495.

    Article  Google Scholar 

  • Graz, J.-C., & Nölke, A. (2007). Transnational private governance and its limits. London: Routledge.

    Google Scholar 

  • Grimsey, D., & Lewis, M. (2007). Public private partnerships: The worldwide revolution in infrastructure provision and project finance. Cheltenham: Edward Elgar.

    Google Scholar 

  • Hameiri, S., & Jones, L. (2015). Governing borderless threats: Non-traditional security and the politics of state transformation. Cambridge: Cambridge University Press.

    Book  Google Scholar 

  • Hansen, L., & Nissenbaum, H. (2009). Digital disaster, cyber security, and the Copenhagen School. International Studies Quarterly, 53(4), 1155–1175.

    Article  Google Scholar 

  • Harcourt, A. (2013). Participatory gains and policy effectiveness: The open method of co-ordination information society. JCMS: Journal of Common Market Studies, 51(4), 667–683. doi:10.1111/jcms.12022.

    Google Scholar 

  • Hare, F. (2010). The interdependent nature of national cyber security: Motivating public action for a private good. PhD, George Mason University. http://digilib.gmu.edu:8080/dspace/bitstream/1920/6312/1/Hare_dissertation_2010.pdf

  • Héritier, A. (2001). Market integration and social cohesion: The politics of public services in European regulation. Journal of European Public Policy, 8(5), 825–852. doi:10.1080/13501760110083536.

    Article  Google Scholar 

  • Hodge, G. A., & Greve, C. (2005). The challenge of public-private partnerships: Learning from international experience. Cheltenham: Edward Elgar.

    Book  Google Scholar 

  • Hodge, G. A., & Greve, C. (2007). Public–private partnerships: an international performance review. Public Administration Review, 67(3), 545–558.

    Article  Google Scholar 

  • Horten, M. (2015). The policy challenge of content restrictions: How private actors engage the duties of states. Media@LSE Working Paper 34. http://www.lse.ac.uk/media@lse/research/mediaWorkingPapers/pdf/WP34-FINAL.pdf

  • Irion, K. (2013). The Governance of Network and Information Security in the European Union: The European Public-Private Partnership for Resilience (EP3R). In J. Krüger, B. Nickolay, & S. Gaycken (Eds.), The Secure Information Society (pp. 83–116). London: Springer.

    Chapter  Google Scholar 

  • Kaijankoski, E. A. (2015). Cybersecurity information sharing between public private sector agencies. http://oai.dtic.mil/oai/oai?verb=getRecord&metadataPrefix=html&identifier=ADA620766: DTIC Document.

  • Kennedy, D. (2016). A world of struggle: How power, law, and expertise shape global political economy. Princeton: Princeton University Press.

    Book  Google Scholar 

  • Kesan, J. P., & Hayes, C. M. (2015). Creating a “Circle of Trust” to further digital privacy and cybersecurity goals. Michigan State Law Review, 2014(5), 1475.

    Google Scholar 

  • Kleinschmidt, B. (2010). An international comparison of ISP’s liabilities for unlawful third party content. International Journal of Law and Information Technology:eaq009.

    Google Scholar 

  • Lagazio, M., Sherif, N., & Cushman, M. (2014). A multi-level approach to understanding the impact of cyber crime on the financial sector. Computers & Security, 45, 58–74.

    Article  Google Scholar 

  • LaRose, R., Bauer, J. M., DeMaagd, K., Chew, H. E., Ma, W., & Jung, Y. (2014). Public broadband investment priorities in the United States: An analysis of the broadband technology opportunities program. Government Information Quarterly, 31(1), 53–64. doi:10.1016/j.giq.2012.11.004.

    Article  Google Scholar 

  • Linder, S. H. (1999). Coming to terms with the public-private partnership a grammar of multiple meanings. American Behavioral Scientist, 43(1), 35–51.

    Article  Google Scholar 

  • Marsden, C. T. (2011). Internet co-regulation: European law, regulatory governance and legitimacy in cyberspace. Cambridge: Cambridge University Press.

    Book  Google Scholar 

  • Mathew, A. J. (2014). Where in the world is the internet? Locating political power in internet infrastructure. http://gradworks.proquest.com/3685949.pdf. University of California, Berkeley.

  • Min, K.-S., Chai, S.-W., & Han, M. (2015). An international comparative study on cyber security strategy. International Journal of Security and Its Applications, 9(2), 13–20.

    Article  Google Scholar 

  • Morgus, R., Skierka, I., Hohmann, M., & Maurer, T. (2015). National CSIRTs and their role in computer security incident.

    Google Scholar 

  • Mueller, M., Schmidt, A., & Kuerbis, B. (2013). Internet security and networked governance in international relations. International Studies Review, 15(1), 86–104.

    Article  Google Scholar 

  • Nance, M., & Cottrell, P. (2014). A turn toward experimentalism? Rethinking security and governance in the twenty-first century. Review of International Studies, 40(02), 277–301. doi:10.1017/S026021051300017X.

    Article  Google Scholar 

  • Narayanan, A., Jain, A., & Bowonder, B. (2005). Providing rural connectivity infrastructure: ICT diffusion through private sector participation. International Journal of Services Technology and Management, 6(3–5), 416–436.

    Article  Google Scholar 

  • Nolan, A. (2015). Cybersecurity and information sharing: Legal challenges and solutions. Congressional Research Service 7–5700. http://a51.nl/sites/default/files/pdf/R43941.pdf

  • Parti, K., & Marin, L. (2013). Ensuring freedoms and protecting rights in the governance of the Internet: A comparative analysis of blocking measures of illegal Internet content and the liability of ISPs. Journal of Contemporary European Research, 9(1), 138–159.

    Google Scholar 

  • Prince, D., & King, N. (2013). Small business cyber security workshop 2013: Towards digitally secure business growth. http://eprints.lancs.ac.uk/65265/

  • Procedda, M. (2014). Public-private partnerships: A soft approach to cybersecurity? Views from the European Union. In G. Giacomello (Ed.), Security in Cyberspace: Targeting Nations, Infrastructures, Individual. New York, London: Bloomsbury Academic.

    Google Scholar 

  • Radu, R., Chenou, J.-M., & Weber, R. H. (2014). The evolution of global internet governance: Principles and policies in the making, vol. 56. Springer Science & Business Media.

    Google Scholar 

  • RAND Europe. (2012). Feasibility study for a European cybercrime centre. http://www.rand.org/pubs/technical_reports/TR1218.html

  • Reitano, T., Oerting, T., & Hunter, M. (2015). Innovations in international cooperation to counter cybercrime: The joint cybercrime action taskforce. The European Review of Organised Crime, 2(2), 142–154.

    Google Scholar 

  • Reynaers, A.-M., & De Graaf, G. (2014). Public values in public–private partnerships. International Journal of Public Administration, 37(2), 120–128.

    Article  Google Scholar 

  • Rosenzweig, P. (2011). Cybersecurity and public goods. The public/private “partnership”. In P. Berkowitz (Ed.), Emerging threats in national security and law. Stanford: Hoover Institution, Stanford University.

    Google Scholar 

  • Roumboutsos, A. (2015). Public private partnerships in transport: Trends and theory. Routledge.

    Google Scholar 

  • Rowe, B., & Wood, D. (2013). Are home internet users willing to pay ISPs for improvements in cyber security? In Economics of information security and privacy III (pp. 193–212). Springer.

    Google Scholar 

  • Ruiz, J. B., & Barnett, G. A. (2014). Who owns the international Internet networks? Journal of International Communication, 21(1), 38–57.

    Article  Google Scholar 

  • Schmidt, A. (2014). Open security. Contributions of networked approaches to the challenge of democratic internet security governance. In R. Radu, J.-M. Chenou, & R. H. Weber (Eds.), The evolution of global internet governance (pp. 169–187). Berlin, Heidelberg: Springer.

    Chapter  Google Scholar 

  • Schneider, A. L. (1999). Public-private partnerships in the US prison system. American Behavioral Scientist, 43(1), 192–208.

    Article  Google Scholar 

  • Suter, M. (2007). Improving information security in companies: How to meet the need for threat information. In M. D. Cavelty, V. Mauer, & S. F. Krishna-Hensel (Eds.), Power and security in the information age: Investigating the role of the state in cyberspace (pp. 129–150). Aldershot: Ashgate.

    Google Scholar 

  • Townes, M. (2012). The spread of TCP/IP: How the Internet became the Internet. Millennium-Journal of International Studies, 41(1), 43–64.

    Article  Google Scholar 

  • Tropina, T. (2015). Public–private collaboration: Cybercrime, cybersecurity and national security. In Self-and co-regulation in Cybercrime, cybersecurity and national security (pp. 1–41). Springer.

    Google Scholar 

  • Tropina, T., & Callanan, C. (2015). Self-and co-regulation in cybercrime, cybersecurity and national security. Heidelberg: Springer.

    Book  Google Scholar 

  • United Nations Economic Commission for Europe. (2008). Guidebook on promoting good governance in public private partnerships. ECE/CECI/4.

    Google Scholar 

  • Usman, S. H. (2013). A review of responsibilities of internet service providers towards their customer network security. Journal of Theoretical and Applied Information Technology, 49(1), 70–78.

    Google Scholar 

  • Van Den Hurk, M., & Verhoest, K. (2016). The challenge of using standard contracts in public–private partnerships. Public Management Review, 18(2), 278–299.

    Article  Google Scholar 

  • Van den Hurk, M., Brogaard, L., Lember, V., Petersen, O. H., & Witz, P. (2015). National varieties of Public–Private Partnerships (PPPs): A comparative analysis of PPP-supporting units in 19 European countries (pp. 1–20). Research and Practice: Journal of Comparative Policy Analysis.

    Google Scholar 

  • van Dijck, J. (2014). Datafication, dataism and dataveillance: Big Data between scientific paradigm and ideology. Surveillance & Society, 12(2), 197–208.

    Google Scholar 

  • Van Eijk, N. (2013). Duties of care on the Internet. In The secure information society (pp. 57–81). Springer.

    Google Scholar 

  • Von Solms, R., & Van Niekerk, J. (2013). From information security to cyber security. Computers & Security, 38, 97–102.

    Article  Google Scholar 

  • Voordijk, H., Sarmento, J. M., & Renneboog, L. (2016). Anatomy of public-private partnerships: their creation, financing and renegotiations. International Journal of Managing Projects in Business, 9(1), 94–122.

    Article  Google Scholar 

  • Wagner, B. (2014). The politics of internet filtering: The United Kingdom and Germany in a comparative perspective. Politics, 34(1), 58–71.

    Article  Google Scholar 

  • Wagner, B. (forthcoming). Constructed “cyber” realities & international relations theory. In R. Marlin-Bennett & J. P. Singh (Eds.), Technology and international relations theory. Cambridge: CUP.

    Google Scholar 

  • Wagner, B., Gollatz, K., & Calderaro, A. (2014). Internet & Human Rights in Foreign Policy: Comparing narratives in the US and EU Internet Governance agenda. Robert Schuman Centre for Advanced Studies Research Paper No. RSCAS 86.

    Google Scholar 

  • Walker, C., & Conway, M. (2015). Online terrorism and online laws. Dynamics of Asymmetric Conflict, 8(2), 156–175. doi:10.1080/17467586.2015.1065078.

    Article  Google Scholar 

  • Wiater, P. (2015). On the notion of “partnership” in critical infrastructure protection. European Journal of Risk Regulation, 6(2), 255–262.

    Article  Google Scholar 

  • Willems, T., & Van Dooren, W. (2011). Lost in diffusion? How collaborative arrangements lead to an accountability paradox. International Review of Administrative Sciences, 77(3), 505–530.

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. German Institute for International and Security Affairs (SWP), Ludwigkirchplatz 3-4, 10719, Berlin, Germany

    Raphael Bossong

  2. Institute for Management Information Systems, Vienna University of Economics and Business, Vienna, Austria

    Ben Wagner

Authors
  1. Raphael Bossong
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ben Wagner
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Raphael Bossong .

Editor information

Editors and Affiliations

  1. Center for Security Studies, Metropolitan University Prague, Prague, Czech Republic

    Oldrich Bures

  2. Department of Politics and International Relations, School of Languages and Social Sciences, Aston University, Birmingham, United Kingdom

    Helena Carrapico

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer International Publishing AG

About this chapter

Cite this chapter

Bossong, R., Wagner, B. (2018). A Typology of Cybersecurity and Public–Private Partnerships in the Context of the European Union. In: Bures, O., Carrapico, H. (eds) Security Privatization. Springer, Cham. https://doi.org/10.1007/978-3-319-63010-6_10

Download citation

Publish with us

Policies and ethics

Search

Navigation