Skip to main content

DSI Publications

DSI Industrial & Policy Recommendations Series (IPR)

Konferenz Digitale Identitäten [Digital identity conference]

DSI Industrial & Policy Recommendations Series (IPR)
Martin Schallbruch, Tanja Strüve, Isabel Skierka (2020)
Subject(s)
Information technology and systems; Strategy and general management
Keyword(s)
Digitale Identitäten, E-Governance, Innovation, Digitalpolitik
Am 4. März 2020 war das Digital Society Institute der ESMT Gastgeber der Konferenz Digitale Identitäten 2020, die unter der Schirmherrschaft des Bundesministeriums des Innern, für Bau und Heimat sowie des Bundesministeriums für Wirtschaft und Energie an der ESMT ausgerichtet wurde. Ziel der Konferenz war es, gemeinsam mit Stakeholdern aus Politik, Wissenschaft und Wirtschaft der Frage nachzugehen, wie eine sektorübergreifende Strategie für digitale Identitäten aussehen kann. Im Plenum und in vier sektoralen Workshops – in den Bereichen Bildung, Gesundheit, Mobilität und öffentlicher Verwaltung – diskutierten die Teilnehmerinnen und Teilnehmer über Anforderungen an digitale Identitäten, innersektorale Strategien zur Flächendeckung innerhalb des Sektors sowie über eine Strategie für eine sektorübergreifende digitale Identität.


Pages
7
DSI Industrial & Policy Recommendations Series (IPR)

Europas dritter Weg im Cyberraum [Europe's third way in cyberspace]

DSI Industrial & Policy Recommendations Series (IPR)
Annegret Bendiek, Martin Schallbruch (2019)
Subject(s)
Economics, politics and business environment; Information technology and systems; Technology, R&D management
Keyword(s)
cybersecurity, digital sovereignty
Cybersicherheit ist für Europa zu einer Schlüsselfrage der globalen digitalen Transformation geworden. Mit dem Cybersecurity Act, also der Cybersicherheitsverordnung, hat die EU einen rechtlichen Rahmen mit dem Anspruch globaler Ausstrahlung vorgelegt. Eingebettet in eine Politik, die digitale Souveränität mit strategischer Verflechtung kombiniert, kann die Verordnung das Tor zu einem dritten Weg Europas im Cyberraum sein, der zwischen dem US-amerikanischen Modell der Marktfreiheit und dem chinesischen Modell des autori- tären Staatskapitalismus verläuft. Der Cybersecurity Act wird verbindlicher Handlungsrahmen und Rückenwind für die bundesdeutsche Cybersicherheitspolitik sein.
Pages
7
Report

A new competition framework for the digital economy

Report by the Commission ‘Competition Law 4.0’
Martin Schallbruch, Heike Schweizer, Achim Wambach (2019)
Subject(s)
Information technology and systems; Technology, R&D management
Keyword(s)
Competition law, antitrust law, digital platforms, data access
The Commission “‘Competition Law 4.0’” was set up by the German Federal Minister for Economic Affairs and Energy with the task to draw up recommendations for the further development of EU competition law in the light of the digital economy. The final report with 22 recommendations was handed over in September 2019.
The commission finds that the practical and actual power of consumers to dispose of their own data must be improved, clear rules of conduct for dominant platforms must be introduced, legal certainty for cooperation in the digital sector must be enhanced, and the institutional linkage between competition law and other digital regulation must be strengthened.
Pages
88
DSI Industrial & Policy Recommendations Series (IPR)

Anforderungen an eine "Nationale Blockchain-Strategie" [Requirements for a German "Blockchain Strategy"]

DSI Industrial & Policy Recommendations Series (IPR)
Isabel Skierka, Martin Schallbruch (2018)
Subject(s)
Economics, politics and business environment; Information technology and systems; Technology, R&D management
Keyword(s)
Blockchain, distributed ledger, strategy, policy, innovation
In its 2018 coalition agreement, the German federal government has set itself the goal of adopting a "Blockchain strategy" in this legislative period. As part of the planned promotion of Distributed Ledger and Blockchain technologies, the government wants to create a framework for the development and application of these technologies and test them in public administration. The Federal Ministry of Economics and Energy and the Federal Ministry of Finance are jointly in charge of developing the strategy. On this occasion, in a workshop on 3 July 2018 at the Digital Society Institute of ESMT Berlin, 35 experts from politics, business and science discussed how a national blockchain strategy can be practically organized. The discussion focused on the questions of what goals such a strategy should have, what the central enablers and appropriate framework conditions for the development and application of Distributed Ledger technologies such as blockchain can be in Germany, and what role the state plays in promoting the technology and managing risks in this technology field. Sarah Basic and André Eid (Federal Ministry for Economic Affairs and Energy), Dr. Christian Hampel (Ernst & Young GmbH), Dr. Jürgen Kohr (Fujitsu), Dr. Manfred Lochter (Federal Office for Security in Information Technology) and Kai Wagner (Jolocom) gave input speeches to the debate. Based on the workshop discussion, this paper outlines requirements for a national blockchain strategy. [Die Bundesregierung hat sich in ihrem Koalitionsvertrag das Ziel gesetzt, in dieser Legislaturperiode eine „Blockchain-Strategie“ zu verabschieden. Im Rahmen der geplanten Förderung von Distributed Ledger und Blockchain Technologien sollen die Rahmenbedingungen für Entwicklung und Einsatz der Technologien verbessert und diese auch in der öffentlichen Verwaltung erprobt werden. Mit der Erarbeitung der Strategie sind federführend das Bundesministerium für Wirtschaft und Energie (BMWi) und das Bundesministerium der Finanzen (BMF) betraut. Aus diesem Anlass erörterten in einem Workshop am 3. Juli 2018 am Digital Society Institute der ESMT Berlin 35 Experten aus Politik, Wirtschaft und Wissenschaft, wie eine nationale Blockchain-Strategie praktisch organisiert sein kann. Im Zentrum der Diskussion standen die Fragen, welche Ziele eine solche Strategie haben sollte, was zentrale Ermöglicher und geeignete Rahmenbedingungen für die Entwicklung und Anwendung von Distributed Ledger Technologien wie Blockchain in Deutschland sein können, und welche Rolle dem Staat bei der Förderung und Bekämpfung von Risiken in diesem Technologiefeld zukommt. Impulsvorträge für die Diskussion hielten Sarah Basic und André Eid (Bundesministerium für Wirtschaft und Energie), Dr. Christian Hampel (Ernst & Young GmbH), Dr. Jürgen Kohr (Fujitsu), Dr. Manfred Lochter (Bundesamt für Sicherheit in der Informationstechnik) und Kai Wagner (Jolocom). Auf der Grundlage der Workshop-Diskussion skizziert dieses Papier Anforderungen an eine nationale Blockchain-Strategie.]
Pages
14
DSI Industrial & Policy Recommendations Series (IPR)

Recommendations for the systematization of IT security law

DSI Industrial & Policy Recommendations Series (IPR) 2018 (2)
Oliver Raabe, Martin Schallbruch, Anne Steinbrück (2018)
Subject(s)
Economics, politics and business environment; Information technology and systems; Technology, R&D management
Keyword(s)
IT security law, state of the art, protection goals, risk definition, systematization
The report deals with the current situation of IT security law and the chance that there are going to be changes in the near future. Further, it explains the system classification of IT security law and that definitions and regulations are different in every field of expertise. Finally, it deals with the state of the art and gives recommendations.
Volume
2018
DSI Industrial & Policy Recommendations Series (IPR)

Cybersecurity 2018-2020: Proposals for action for the CDU/CSU and SPD

DSI Industrial & Policy Recommendations Series (IPR) 2018 (1)
Martin Schallbruch, Sandro Gaycken, Isabel Skierka (2018)
Subject(s)
Economics, politics and business environment; Information technology and systems; Technology, R&D management
Keyword(s)
IT security, cybersecurity
The report gives an overview on the current situation on cybersecurity and the political handling of that topic. It also recaps the goals and failures of the last four years and recommends action areas.
Volume
2018
DSI Industrial & Policy Recommendations Series (IPR)

Recommendations for the development of vulnerability equities processes

DSI Industrial & Policy Recommendations Series (IPR) 2017 (7)
Subject(s)
Technology, R&D management
Keyword(s)
Vulnerability, vulnerability equities processes
The report shows that a reporting of vulnerabilities used by the state for active measures is likely to have only a minor effect on the increase in overall technical IT security. On the other hand, the value of the work of the security authorities is in many cases considered high, due to the high tactical enablement against potential malicious actors. The demand of some, that state authorities should refrain from pro-actively exploiting vulnerabilities for active measures therefore does not seem to make much sense; the net effect in security would be negative. Nevertheless, processes can be introduced that allow a more precise assessment and an informed, accountable and cautious handling of offensively used vulnerabilities.
Volume
2017
DSI Industrial & Policy Recommendations Series (IPR)

Recommendations for safety and IT security in medical devices

DSI Industrial & Policy Recommendations Series (IPR) 2017 (6)
Subject(s)
Health and environment; Information technology and systems; Technology, R&D management
Keyword(s)
IT security, cybersecurity, e-health, IoT, safety, medical devices
The healthcare industry is undergoing great technological transformations. Hospitals are going digital and medical devices – whether implanted in patients’ bodies or stationed in hospitals – are equipped with increasing computing power and wireless connectivity. Connected healthcare can offer safer, more efficient, and timely medical service delivery. It also presents great economic opportunities – according to a Roland Berger consultancy firm study, the digital healthcare market is set to grow at average annual growth rates of 21 percent until 2020. Yet, the integration of computing and communication technologies in safety-critical medical systems will expose them to the same network and information security (cyber security) threats as other information technology (IT) systems. Research and real-world incidents have shown that IT security risks in healthcare are systemic. Cyber attacks’ impact on the privacy of patient data has already been established. More recently, their potential impact on patient health and safety has been raising concerns for healthcare organizations, regulators, and medical device manufacturers alike. The management and governance of related risks requires comprehensive standardization, regulation, and best practices to encompass both IT security and safety. DSI has analyzed the convergence of safety and security risks in healthcare and the Internet of Things through a review of the relevant literature, as well as expert interviews and a workshop with representatives from health organizations, medical device manufacturers, IT security experts, safety engineers, regulators, and certification bodies. On this basis, DSI has developed recommendations for policy and industry, which are presented by this paper after a short analysis of the current status of security in connected healthcare.
Volume
2017
DSI Industrial & Policy Recommendations Series (IPR)

Security record of open source and free software

DSI Industrial & Policy Recommendations Series (IPR) 2017 (5)
Martin Schallbruch (2017)
Subject(s)
Economics, politics and business environment; Information technology and systems; Technology, R&D management
Keyword(s)
Open source software, free software, IT security, cybersecurity
In April 2017, the Digital Society Institute hosted a workshop entitled "How secure is free software? Security record of open source and free software." The report summarizes the findings of the workshop and gives recommendations for companies and public agencies as well as policy recommendations.
Volume
2017
DSI Industrial & Policy Recommendations Series (IPR)

Recommendations for safety, security and data policy in automotive IT

DSI Industrial & Policy Recommendations Series (IPR) 2017 (4)
Sandro Gaycken, Martin Schallbruch, Georg T. Becker (2017)
Subject(s)
Technology, R&D management
Keyword(s)
Automotive IT, safety, security, data policy, vehicle safety
The DSI has carried out stakeholder workshops with the automotive sector, mobility digital startups, automotive insurers, and vehicle inspectors and, on this basis, has developed the recommendations for safety, security and data policy in automotive IT. The car of the future will collect a wide range of data. Ownership and usage of those data must be clarified, and legal and technical characteristics have to be established in order to endure data protection, data security, vehicle safety, and a fair market.
This issue contains German text and English translation in one file.
Volume
2017