Cooperation between the U.S. and Germany on cybersecurity cannot
be taken for granted since information sharing remained a delicate
issue between the two countries following concerns raised by
documents released by whistleblower Edward Snowden in 2013. The
U.S. and Germany set aside those tensions, and government
representatives recently met for the fourth time to discuss a wide
range of cyber issues.
At the annual Cyber Bilateral Meeting in Washington, D.C. in
March 2016, the delegations agreed to collaborate further on the
protection of critical infrastructure, and to "continue to
work closely to enhance cybersecurity of critical infrastructure,
improve incident management and coordination, and build cyber
capacity of other countries", as noted in an official joint
Most importantly, the U.S. and German delegations agreed to
further promote certain key values and objectives related to cyber,
promotion of human rights online,
cyber capacity building in third countries, and
the concept of multistakeholder internet governance.
The concept of multistakeholder internet governance is
particularly important. Multistakeholder internet governance is a
participation model that seeks to include all interested parties,
such as industry, civil society, technical and academic experts,
and governments to facilitate dialogue, decision making, and
problem solving on issues arising from the growing importance of
the use and misuse of the internet in almost every sphere of life.
For example, this model is used by the Internet Corporation for
Assigned Names and Numbers (ICANN, which most notably is
responsible for managing most top-level domains) and the Internet
Engineering Task Force (IETF, which develops and promotes internet
standards). Also, at the end of last year, the United Nations
General Assembly reaffirmed the multistakeholder model and extended
the Internet Governance Forum mandate for another 10 years, which
allows for a continued participation of all stakeholders in the
development of internet standards and therefore was particularly
highlighted as a positive development by the U.S. and German
governments at the Cyber Bilateral Meeting.
The delegations also expressed that they support the
applicability of international law in cyberspace, and assessed
which measures Germany could adopt to continue setting the
standards. This comes at a time when Germany chairs the
Organization of Security and Cooperation in Europe (OSCE). Thus,
Germany can coordinate the work of OSCE institutions for the
remainder of 2016, before Austria will take over this role in 2017
as the chairmanship rotates annually between the participating
states. The U.S. and Germany welcomed and supported the results of
the consensus report of the United Nations Group of Governmental
Experts (UN GGE) on Developments in the Field of Information and
Telecommunications in the Context of International Security, which
was adopted in July 2015. The report proposes norms of responsible
behavior, features comments on how international law applies, and
recommends confidence-building measures. One important
recommendation is that states should not knowingly allow their
territory to be used for internationally wrongful acts using
information and communications technology. At the same time, states
should, among other things, take appropriate measures to protect
their critical infrastructure from threats stemming from
information and communications technology.
Cybersecurity cooperation was another important topic at the
Cyber Bilateral Meeting. The grave implications of cyberattacks
were once again brought to the world's attention in December
last year, when over a quarter million people in the Ukraine lost
power as a result of a cyberattack on a local electrical grid. The
delegations discussed bilateral cybersecurity cooperation measures
in light of such incidents, including information exchange
regarding infrastructure hardening and improvements.
The chairmen of the two delegations, Christopher Painter (U.S.
Department of State's Coordinator for Cyber Issues) and
Ambassador Thomas Fitschen (the Federal Foreign Office's
Director for International Cyber Policy), expressed their
willingness to continue their annual bilateral meetings, and are
determined to meet again in Berlin, Germany, in 2017.
Because of the generality of this update, the information
provided herein may not be applicable in all situations and should
not be acted upon without specific legal advice based on particular
In this article Filippo Noseda examines the impact of the Common Reporting Standards (CRS), based on practical examples of data transfer and data breaches and analysed in the light of general tax law principles.
Brexit will have fundamental implications for the UK data protection regime. Until Brexit takes place, there will be a period during which its precise form and implications for UK data protection laws are not clear.
Four years after the overhaul of European data protection laws began, the final text of the new General Data Protection Regulation (GDPR) was approved in Spring 2016 and the new rules will come into effect on 25 May 2018.
The EU Commission has now formally adopted the EU-US Privacy Shield arrangement for the legal transfer of personal data from the EU/EEA to the US.
Some comments from our readers… “The articles are extremely timely and highly applicable” “I often find critical information not available elsewhere” “As in-house counsel, Mondaq’s service is of great value”
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).