Description
In the European Commission’s vision for 2019-2024, ‘Europe must lead the transition to a […] new digital world’, by achieving technological and digital sovereignty (Von der Leyen, 2019: 4). This ambition would allow the EU to become a leader in this field, namely by setting cybersecurity, data, technology and infrastructure standards, rather than following those of other regions/ countries. The EU’s Digital Sovereignty agenda sits at the nexus of a number of policy agendas, including the ‘EU Cybersecurity Agenda’ (European Commission, 2020) and an ‘Europe Fit for the Digital Age’ (Von der Leyen, 2019). Following the turmoil of years of institutional instability and political polarisation, alleged cyber-attacks and disinformation circulation by other states, and changing relations with private sector digital infrastructure providers, we are now witnessing a critical juncture in the EU’s approach to the Information Society, one which is yet to be reflected upon in the academic literature on EU cybersecurity (Christou, 2016; Carrapico and Barrinha, 2017; Carrapico and Farrand, 2020). Using a novel combination of historical (Fiorettos et Al., 2018) and discursive (Schmidt, 2020) institutionalisms, this paper argues that the historic understanding of the Internet as a borderless, democratising and ultimately beneficial technology is being reconceptualised. In seeking to reassert its control over cyberspace, impose digital borders and reduce its dependence on private sector actors whose values may not reflect those of the EU order, a new approach to cybersecurity is emerging, in which the private sector can be perceived as much a threat as foreign powers, and from whom digital sovereignty must be secured.
