Informationssicherheitsrecht. IT-Sicherheitsgesetz und NIS-Richtlinie als Bausteine eines Ordnungsrechts für die Informationsgesellschaft
JOURNAL ARTICLE
Cite JOURNAL ARTICLE
Style
Format
Informationssicherheitsrecht. IT-Sicherheitsgesetz und NIS-Richtlinie als Bausteine eines Ordnungsrechts für die Informationsgesellschaft
Die Verwaltung, Vol. 50 (2017), Iss. 2 : pp. 155–188
3 Citations (CrossRef)
Additional Information
Article Details
Pricing
Author Details
Dr. Thomas Wischmeyer, Albert-Ludwigs-Universität Freiburg, Rechtswissenschaftliche Fakultät, Institut für Staatswissenschaft und Rechtsphilosophie – Abteilung 1 (Staatswissenschaft), Platz der Alten Synagoge 1, 79098 Freiburg im Breisgau
Cited By
-
Handbuch Industrie 4.0: Recht, Technik, Gesellschaft
Recht der Informationssicherheit
Wischmeyer, Thomas | Mohnert, Alica2020
https://doi.org/10.1007/978-3-662-58474-3_12 [Citations: 0] -
Cybersicherheit von Gehirn-Computer-Schnittstellen
Martini, Mario | Kemper, CarolinInternational Cybersecurity Law Review, Vol. 3 (2022), Iss. 1 P.191
https://doi.org/10.1365/s43439-022-00046-x [Citations: 0] -
Regulating Artificial Intelligence
Artificial Intelligence as a Challenge for Law and Regulation
Hoffmann-Riem, Wolfgang
2020
https://doi.org/10.1007/978-3-030-32361-5_1 [Citations: 20]
Abstract
Information security is widely considered to be one of the most pressing problems of our time. Since 2015, lawmakers have started to address the issue and have passed legislation in Germany (IT-Sicherheitsgesetz) and the European Union (NIS-Directive), which is supposed to improve information security for operators of essential and digital services. A look beyond the recent statutes reveals that there already exists a large body of rules governing the safety of information networks and data infrastructures.
This article analyzes the main challenges faced by information security regulation. It explains why the previous legal regime failed to provide for an adequate level of information security – and why the recent approaches can be expected to be more effective. Especially, IT-Sicherheitsgesetz (ITSiG) and NIS-Directive mark a fundamental change in regulatory scope and strategy as well as a regulatory paradigm shift: So far, information security regulation has focused either on the protection of subjective rights or on the deterrence of and retaliation against deliberate attacks. ITSiG and NIS-Directive, on the contrary, attempt to strengthen the public and private IT infrastructure by creating or introducing institutions and instruments such as expert organizations, certification regimes, and information systems.