Challenges of Cyber Security Legislation – On the New Draft Cybersecurity Law

Date: 

Sun, 25/11/2018 - 12:00 to 18:30

Location: 

The Israel Democracy Institute, 4 Pinsker Street, Jerusalem

New Cyber Law Logo

The Israel National Cyber Directorate in collaboration with the Hebrew University Cyber Law Center, the Israel Democratic Institute and the Israel Tech Policy Institute will hold an international workshop on legal frameworks to promote cybersecurity.
The workshop will include government representatives from Israel, US, EU, from private practice and academy.

The Workshop's Summary May Be Read Here.

Pictures from the workshop can be found here.

Background on the Draft Law

This bill is part of Israel's domestic cybersecurity strategy setting up a new national body to deal with cyber attacks. The bill aims to define the INCD's powers to deal with cyber attacks, whilst distinguishing it from law enforcement or other national security authorities.

The INCD today operates the Israeli National CERT, and in this sense the bill is similar to the EU NIS directive. The national CERT today conducts incident response, early warning and information sharing activities, aims at locating and mitigating attacks. During the infamous Wannacry event the INCD coordinated mitigation efforts in Israel (as well as proactive activities taken before the attack happened through repeated security bulletins as to the underlying vulnerability). In this context the mission of the INCD is to secure computers and networks and collect information about attacks and vulnerabilities (and not people).

The bill sets up the national cybersecurity regulatory scheme, defining the INCD as the national regulatory cybersecurity standard setter, and defining the relationship between the INCD and sector specific regulators. It complements regulation of Critical Information Infrastructures (such as the Israeli Electric Company), already conducted in Israel under legislation from 2003.

It should be stressed that as part of the Israeli strategy the INCD will not be empowered to conduct criminal investigations, and the draft bill does not aim to affect existing law enforcement or national security powers. The INCD is not and will not be tasked with collecting PII as such, set up databases about individuals, investigate suspects or follow them, deal with cybercrime or collect digital evidence. These tasks of collecting information and intelligence for national security or law enforcement are regulated under different and existing legislation.

Click here for the Reading Material

Agenda:

12:00-12:15 – Greetings
Yuval Shany
, The Hebrew University of Jerusalem
Liron Tzur, Israel Tech Policy Institute

12:15-12:30 – Cyber Security: Challenges and Solutions
Yigal Unna,
Director General, National Cyber Directorate

12:30-13:30 – Lunch

13:30-14:45 – Domestic Cybersecurity Regimes
Laurent Bernat, Policy Analyst, OECD
Gabriel Taran, Assistant General Counsel for Cybersecurity, DHS Office of the General Counsel 
Amit Ashkenazi, Legal Advisor, National Cyber Directorate 
Lokke Moerel, Tilburg University and the Dutch Cyber Security Council
Mark Brauer, BSI

14:45-15:00 – Coffee Break

15:00-16:30 – Cybersecurity and Privacy – Dilemmas and Solutions
Moderator: Maury Shenk, Steptoe and Johnson
Limor Shmerling Magazanik, Israel Tech Policy Institute
Rachel Aridor-Hershkovitz, The Israel Democracy Institute
Dennis-Kenji Kipker, University of Bremen

Open Public Discussion:

16:30-17:00 – Coffee Break

17:00-18:30 – Public Discussion – Promoting Cybersecurity and the Law
Moderator: Tehilla Shwartz Altshuler, The Hebrew University of Jerusalem and the Israel Democracy Institute

For Registration Please contact us at hcsrcl.conferences@mail.huji.ac.il

Reading Materials:

ISRAEL
Government Resolution No. 2443 (Advancing National Regulation and Governmental Leadership in Cyber Security, 15.02.2015) Government Resolution No. 2444 (Advancing the National Preparedness for Cyber Security, 15.02.2015)  
Cyber Event Readiness Team Operating Principles (Hebrew) Eldar Haber & Tal ZarskyProtecting Israel’s Critical Infrastructure in the Cyber Realm, 18(1) Mishpat Umimshal 99 (2017) (Hebrew)
Descriptions of the Draft Bill: By Amir Cahane By Deborah Housen-Couriel
  By Yuval Shany By Shoshanna Solomon
US
Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure
Division N of the Consolidated Appropriations Act of 2016 (Public Law 114-113 of December 18, 2015; 129 STAT. 2242) Cybersecurity Information Sharing Act – Frequently Asked Questions
EU
The Directive on security of network and information systems (NIS Directive) European Union Agency for Network and Information Security
OECD
Digital Security Risk Management for Economic and Social Prosperity – OECD Recommendation and Companion Document
Cybersecurity and Data Protection – EU Perspectives
Incident Response: Protecting Individual Rights Under the General Data Protection Regulation ePrivacy Regulation: Better News for Online Security
Incident Response, Logfiles and the GDPR A Fragmentation of EU/ECHR Law on Mass Surveillance: Initial Thoughts on the Big Brother Watch Judgment
General
Eldar Haber & Tal Zarsky, Cybersecurity for Infrastructure: A Critical Analysis, 44 Florida State University Law Review, 515 (2017)

 

Poster Open Part 25-11-18