Talk:Scenario 08: Certificate authority hack

From International cyber law: interactive toolkit
Revision as of 17:48, 29 April 2019 by Uncleistvan1BBB (talk | contribs) (→‎Re: L8-L9 comments: new section)
Jump to navigation Jump to search

This is a sample comment. Kubomacak (talk) 18:35, 17 October 2018 (UTC)

Comments of reviewer

Executive summary - clear, concise

Keywords - reflect the content of scenario

Factual Narrative - very clear

Legal Analysis - I have nothing substantive to add; one surprising information for me was the mention of automatic prohibition of bulk surveillance in EU (fn 56) - I have to admit I have read these two decisions many times and never noticed any such ruling. CJEU admits it would be extremely difficult to pass the test of proportionality with any bulk scenario without specific and credible threat (not "general" such as crime or terrorism), but never read it such an extreme way that authors of scenario mention.

Re: L8-L9 comments

We are unsure as to how incident 2 can be regarded as a usurpation of an inherently governmental function. The man in the middle attack is directed against individuals (not the state or one of its governmental functions) in order to intercept communications - this isn't enforcement jurisdiction, it is surveillance.

In light of our previous comment, this sentence needs revising. It is our view that violations of state sovereignty do not turn on the intention or goal of the offending state.

Retrieved from "https://cyberlaw.ccdcoe.org/wiki/Talk:Scenario_08:_Certificate_authority_hack?oldid=1640"