Year: 2022
Author: Müllmann, Dirk, Hoffmann, Julia
Die Verwaltung, Vol. 55 (2022), Iss. 4 : pp. 467–496
Abstract
The integration of extra-legal knowledge into legal regulations poses a particular challenge, especially in the context of regulating new techniques and technologies. This also applies to digital and networked facilities and services of so-called critical infrastructures. Due to their vulnerability, the regulation of legal IT-security requirements for information technology systems is becoming socially relevant. In order to regulate this complex and constantly changing area of technology, the legislator is resorting less to the classic forms of sub-legislative standardization and more to a variety of forms of involving external expertise. In doing so, the legislative introduces new forms of cooperation in the BSIG, such as the regulation of so-called industry-specific standards. However, when the state and the private sector work together, the question arises as to whether the requirements of the rule of law are being observed and to what extent the legislature is fulfilling its responsibility to guarantee the quality and general welfare of the regulations. Environmental law has had to face this problem early on and has found ways to strike a balance between flexibility and specificity of standards on the one hand and regulatory control and comprehensive involvement of all relevant actors on the other. This paper analyzes the possibilities of integrating extra-legal knowledge in environmental and IT security law and develops from their comparison a proposal for an improved development and incorporation.
You do not have full access to this article.
Already a Subscriber? Sign in as an individual or via your institution
Journal Article Details
Publisher Name: Global Science Press
Language: German
DOI: https://doi.org/10.3790/verw.55.4.467
Die Verwaltung, Vol. 55 (2022), Iss. 4 : pp. 467–496
Published online: 2022-10
AMS Subject Headings: Duncker & Humblot
Copyright: COPYRIGHT: © Global Science Press
Pages: 30
Author Details
| Section Title | Page | Action | Price |
|---|---|---|---|
| Julia Hoffmann und Dirk Müllmann: Das Standardsetzungsmodell des IT-Sicherheitsrechts im Kontext kritischer Infrastrukturen | 467 | ||
| I. Einleitung und allgemeine Hinführung | 467 | ||
| II. Technische Standardsetzung im Allgemeinen Verwaltungsrecht und im Umwelt- und Technikrecht | 469 | ||
| 1. Die Bedeutung außerrechtlichen Wissens für das Recht | 469 | ||
| 2. Die rechtstechnische Verweisung und der Einsatz unbestimmter Rechtsbegriffe | 470 | ||
| 3. Der Rückgriff auf technische Standards – Vorzüge und Schwächen | 471 | ||
| 4. Rechtsstaatliche Grenzen technischer Standardsetzung | 472 | ||
| 5. Lösungsansätze aus dem Umwelt- und Technikrecht | 473 | ||
| III. Gesetzliche Anforderungen an den Technikstand kritischer Infrastrukturen | 475 | ||
| 1. Zum „Stand der Technik” im Sinne von § 8a Abs. 1 BSIG | 476 | ||
| 2. Die Formulierung konkreter Mindestanforderungen in § 8a Abs. 1a BSIG | 477 | ||
| 3. Besondere Anforderungen an Anbieter digitaler Dienste | 478 | ||
| 4. Spezialgesetzliche Regelungen zum Technikstand kritischer Infrastrukturen | 478 | ||
| IV. Das Standardsetzungsmodell des BSIG | 480 | ||
| 1. Standardsetzung im Rahmen des BSIG | 481 | ||
| 2. Kategorisierung des BSI-Grundschutzes | 486 | ||
| 3. Das Standardisierungsmodell des BSIG im Vergleich | 487 | ||
| 4. Bewertung | 489 | ||
| V. Fazit und Ausblick | 493 | ||
| Abstract | 495 |