nl en

Regulating Security in Cyberspace


Admission requirements

Admission only after intake, see the website of the Cyber Security Academy
Admission only for those students who are enrolled in the governance track


‘Regulating security on the internet’ is about law and regulation on the internet. The Internet has become a critical infrastructure in our modern society. We use it at home, at work, and when in transit, to email, look up information on Google, or check in which friends via Facebook. This global network with its wide variety of application domains has enriched our lives and made them more fun and more efficient. But it also raises a host of legal and regulatory questions, especially in the field of security. As we have already seen in the introductory lecture on regulating the internet in S1M1, first and foremost, regulatory questions arise because the internet is a global network, on which individuals, businesses and governments from different countries and cultures interact. This raises issues in relation to jurisdiction and sovereignty: legal frameworks are always organised along national (or regional) lines. But if the internet has a global reach, then whose laws apply?
Second, the internet also raises all sorts of specific regulatory issues relating to our security. Is our privacy safe in a world of interconnected, always on technologies? What is the balance between storing citizens’ personal details to combat terrorism and enabling individuals to use the web, sometimes anonymously, to search for or share information, or to freely express their opinions? Is there a difference, legally and morally, between governments that store citizens’ information, and companies that store consumers’ information, and if so, why do we value these forms of collecting personal information differently?
Taken together, all of these questions lead to the following: how can we regulate the behaviours of individuals on the internet to ensure its safety and that of its users? What is the role of law in this promoting and protecting cybersecurity, and which other strategies for regulation exist, if and when law cannot deliver the proper levels of protection?
Technological developments relating to the Internet in general and cybersecurity in particular occur at dazzling speed, and this entails that regulators and policy makers need to be able to think creatively and flexibly about solutions for potential problems. This course will provide students with an understanding of the complexity of some of the fundamental legal and regulatory issues in relation to cybersecurity, and it will equip them for the multidisciplinary dialogue with policy makers and ICT specialists that is necessary to tackle these issues.

Course objectives

Participants have:

  • basic knowledge of regulation theory and the many means and ends of regulating human behaviour, of the web of key concepts in the fields of law and regulation that are relevant for the cybersecurity domain

  • advanced knowledge and understanding of the fundamental legal and regulatory issues that have emerged in relation to cybersecurity, and the relevance of design choices in the architecture of the network for both the creation and solution of these issues

  • advanced knowledge of the intricacies of specific regulatory security domains of the Internet, including social network sites (SNS), online marketplaces and Internet forums

  • awareness of the limitations of regulation in general, and of regulating cybersecurity in particular

Participants are able to:

  • present arguments pro and contra regulating security on the internet in general, to weigh good and bad outcomes when choosing specific regulatory solutions in particular cases and and to present a best possible solution

  • translate complex regulatory issues, into a comprehensible, practical set of regulatory options and tools

  • engage in a multidisciplinary dialogue with policy makers and ICT specialists to tackle the regulatory issues that are raised by and on the internet, with a special focus on cybersecurity


7 days from 9.30 until 17.00

Thursday December 7, 2017
Friday December 8, 2017
Friday December 15, 2017
Friday December 22, 2017
Friday January 12, 2018
Friday January 19, 2018
Friday January 26, 2018 (assessment)

Mode of instruction

Lectures, seminars, exercises, class discussion
Lecturers: dr. Bibi van den Berg and others

Course Load

5 EC

Assessment method

Assignment (20%), written exam (80%)
No compensation is possible for assignments of 30% or more.


Yes, for posting slides of lectures, relevant literature and assignments

Reading list

Compulsory literature and literature for further consultation will be announced via Blackboard


No registration is required for lectures and exams.


Dr. Bibi van den Berg Drs. Mireille Snels, programme manager


For more information, see the website of the Cyber Security Academy