La gestión de riesgos en la constelación digital ? una perspectiva constitucional (parte I)
| Autor | Ingolf Pernice |
| Cargo | Director del Alexander von Humboldt Institute for Internet and Society, DE |
| Páginas | 83-94 |
IDP no. 26 (February, 2018) I ISSN 1699-8154 Journal promoted by the Law and Political Science Department
Ingolf Pernice
www.uoc.edu/idp
Universitat Oberta de Catalunya
Submission date: November 2017
Accepted date: January 2018
Published in: February 2018
ARTICLE
Risk management in the digital
constellation - a constitutional
perspective (part I)*
Ingolf Pernice
Humboldt-Universität zu Berlin
Abstract
The digital revolution is creating new risks, together with multiple opportunities for communication,
commerce and political participation. What Ulrich Beck described as the world risk society and – from
another perspective – Jürgen Habermas calls the “postnational constellation” is a challenge to our
concepts of society and democracy. Digitisation is pushing this development towards a new dimension
that allows us to speak of the “digital constellation”. Social relations are denser across borders and
continents; what happens there matters here, as if it were happening on our own doorstep. New kinds of
risks are arising as a side-effect of the increasing use of information technologies, while the internet also
offers – for the first time – an infrastructure that makes formerly unrealistic concepts of cosmopolitan
democracy (David Held) a real option. This includes the establishment of a constitutional framework
for normative processes aiming at, among other global challenges, effectively managing cyber-risks at
national, supra-national and global levels in a coherent way. Multilevel Constitutionalism is proposed as
a means of providing a normative theory for conceptualising the constitutional structure of a layered
system of governance that ensures a maximum degree of self-determination for the individual and,
thus, for the democratic legitimacy of decisions made at each level, from local to global. Thus, the
constitution for democratically legitimate action at the global level does not question democracy at
other levels, but should be complementary, based upon functioning states, and designed to deal with
issues that are beyond their reach, including cyber-security.
Keywords
risk society, democracy, postnational constellation, digitization, cybersecurity, risk management, digital
constellation, global citizen, multilevel constitutionalism, shared sovereignty, subsidiarity, multiple
identities, global constitutionalism
Topic
Law, constitutional theory
83
Ingolf Pernice
* This paper is an extended and updated version of a key-note given at the Congrés IDP 2017 ‘Managing Risk in the
Digital Society. Internet, Dret i Política’, in Barcelona 30 June 2017. (Part II to be found in the next issue of this Journal).
I would like to express my deep gratitude to Dr Christian Djeffal and Jörg Pohle, research assistants at the HIIG, for
their invaluable comments and observations on an earlier version of this paper.
Eloi Puig
IDP no. 26 (February, 2018) I ISSN 1699-8154 Journal promoted by the Law and Political Science Department
Ingolf Pernice
84
www.uoc.edu/idp
Universitat Oberta de Catalunya
Risk management in the digital constellation - a constitutional perspective (part I)*
La gestión de riesgos en la constelación digital
— una perspectiva constitucional (parte I)
Resumen
La revolución digital está creando nuevos riesgos y, a la vez, múltiples oportunidades para la comuni-
cación, el comercio y la participación política. Lo que Ulrich Beck describió como la sociedad mundial
del riesgo y —desde otra perspectiva— lo que Jürgen Habermas llama la «constelación postnacional»
es un desafío a nuestros conceptos de sociedad y democracia. La digitalización está impulsando este
desarrollo hacia una nueva dimensión que nos permite hablar de la «constelación digital». Las relacio-
nes sociales son más densas a través de las fronteras y los continentes; lo que ocurre ahí importa como
si ocurriera en nuestra propia puerta. Surgen nuevos tipos de riesgos como efecto secundario del uso
creciente de las tecnologías de la información, mientras que Internet también ofrece — por primera vez
— una infraestructura que hace de los conceptos hasta ahora poco realistas de democracia cosmopolita
(David Held) una opción real. Esto incluye el establecimiento de un marco constitucional para los pro-
cesos normativos que trata, entre otros desafíos mundiales, de gestionar de manera coherente y eficaz
los riesgos cibernéticos a nivel nacional, supranacional y mundial. El constitucionalismo a varios niveles
se propone como un medio de aportar una teoría normativa para conceptualizar la estructura constitu-
cional de un sistema de gobernanza en capas que garantice el máximo grado de autodeterminación del
individuo y, por tanto, la legitimidad democrática de las decisiones tomadas en cada nivel, desde lo local
hasta lo global. Por lo tanto, la constitución para una acción democráticamente legítima a nivel global
no cuestiona la democracia en otros niveles, sino que debe ser complementaria, basada en estados que
funcionen y diseñada para tratar temas que están fuera de su alcance, incluyendo la ciberseguridad.
Palabras clave
sociedad del riesgo, democracia, constelación postnacional, digitalización, ciberseguridad, gestión del
riesgo, constelación digital, ciudadano global, constitucionalismo a varios niveles, soberanía comparti-
da, subsidiariedad, identidades múltiples, constitucionalismo global
Tema
Derecho, teoría constitucional
Introduction
The digital revolution is a revolution affecting all our
societies, one which is creating great opportunities and
great risks. The result is an emerging digital society that
differs from industrial society in many respects. Talking
about risk management today necessarily involves
explaining what the new risks in this digital society are
before considering the tools and processes to deal with
these risks, and this seems particularly interesting in a
constitutional theory and law perspective.
Some preliminary general questions need to be answered
nevertheless. First of all, we need to understand what we
mean by the terms “risk” or “risk society”, and what the
concept of “Digital Society” denotes. Secondly, managing
1. Habermas (2001, p. 58).
risks is about more than risk assessment, precaution,
protection or defence, in particular in the digital age. This
paper takes a broader view and discusses governance
aspects, as well as political and, in particular, normative
instruments with the aim of exploring a constitutional
approach to the choice and implementation of appropriate
strategies for cyber-risk management.
Here is my first proposition: As we talk about the new
risks that are being created by digitisation, which, in
turn, is creating a multitude of opportunities regarding
governance at large, we have to deal with a new kind of risk
in a new kind of “constellation”, to use a term coined by
Jürgen Habermas. Developing his concept of “postnational
constellation”,
1
the internet today is carrying us one step
further to what I would call the “digital constellation”. This
will be discussed in the first part of the present paper.
Eloi Puig
IDP no. 26 (February, 2018) I ISSN 1699-8154 Journal promoted by the Law and Political Science Department
Ingolf Pernice
85
www.uoc.edu/idp
Universitat Oberta de Catalunya
Risk management in the digital constellation - a constitutional perspective (part I)*
In the “digital constellation”, we are confronted with new
risks and threats on a global level, regardless of borders
and geographical distances. There are great opportunities
too, offered by the internet for developing new concepts
of governance that seem to be particularly relevant also
for risk-management. As has been mentioned in earlier
studies, digitisation has the particular potential to make
democratic regulation possible at the global level and also
to manage risks of the kind involved by the worldwide
application of ICT.
2
In other words, the global dimension
of the internet and, consequently, of the risks it entails
for digital society at large is comparable to the global
dimension of other great challenges like climate change,
mass migration, nuclear power, genetic engineering or
international terrorism. These risks are somehow inherent
products of our society, and so are the cyber-risks.
3
In
order to manage them, instruments of the state and
international cooperation in most cases will not suffice.
Global solutions are necessary, and one such solution is
global regulation – global cyber security regulation that is
democratically decided and globally effective.
Here is my second proposition – perhaps still a bit utopian:
establishing mechanisms of democratically legitimised
regulation at the global level as part of a multilayer
system of governance organised in accordance with
“multilevel constitutionalism”. Some thoughts on this will
be presented in Part II of this paper.
I. Risk Society and the Digital
Constellation
There is a correlation between the problem as I see it and
the solution I envisage: With the progressive use of the
internet, the risk society has assumed a new character
and proportions with new, so far unknown risks; this is
the problem. On the other hand, modern information
technologies and, in particular, the internet are opening
up new possibilities for managing the risks we are facing;
this is the solution. A first question is this: with regard to
the risks that are accompanying the digital revolution,
what kinds of risk exactly are making the risk society in
the digital age different from the risk society of the kind
2. Pernice (2016, pp. 151-206; 2017, pp. 27-52; forthcoming).
3. See already Pernice (2017, note 2, p. 5).
4. Beck (1986, pp. 17-18, 25-30, 48, 52-58).
5. Ibid., p. 26.
6. Beck (1999, 2008) and particularly pp. 40-42, where he emphasises the “cosmopolitan momentum” of the world risk society; and Beck
(2009, pp. 3-22).
7. Ibid., pp. 29-30, 36, 42-43.
described by Ulrich Beck? It appears that the (world) risk
society described by Ulrich Beck (infra 1) corresponds
in many respects to the “postnational constellation”
of Jürgen Habermas in that it faces the challenges of
globalisation and is compelled by a need to rethink
democracy (infra 2). However, an answer to the open
question of how to organise democracy beyond the state
at the global level seems to be possible as a result of the
opportunities presented by the digital revolution only.
Besides its concomitant new risks, therefore, digitisation
is also fundamentally changing the conditions for political
processes in such a way that it is fair to conceptualise
the new situation as the “digital constellation” (infra 3).
Thus, with the internet it seems to be possible to develop
an answer. And yet only the new risks and opportunities
presented by digitisation and the internet seem to compel
us – but also allow us – to conceptualise and establish a
system of democratic norm-setting as required under the
new circumstances (infra 4).
1. Risk Society and World Risk
Society (Ulrich Beck)
We owe the term “risk society” to Ulrich Beck’s works on the
society of the 1980s, which presented new risks of a kind
and magnitude hitherto unknown and equally affecting all
members of society.
4
In contrast to the industrial society
described by Marx and Weber, the question is not how
best to utilise nature, to release men from traditional
constraints and to produce and redistribute wealth in a
society of inequalities. The risk society has to deal with
problems arising from socio-economic development, the
risks produced by industrialisation and new technologies:
nuclear accidents, genetic engineering, climate change,
air pollution and the dying forests, to name but a few.
These risks are man-made, and they are transnational, in
part global.
5
This is why Beck extended his concept of risk
society to “World Risk Society”.
6
The risks are unintended
and “implicit” side-effects of industrialisation, “risks of
modernisation”; they are universal and affect the poor as
much as the rich, they are “self-referential”, unpredictable
and difficult to attribute to particular individuals.
7
And
they produce inequalities at all levels, including the
Eloi Puig
IDP no. 26 (February, 2018) I ISSN 1699-8154 Journal promoted by the Law and Political Science Department
Ingolf Pernice
86
www.uoc.edu/idp
Universitat Oberta de Catalunya
Risk management in the digital constellation - a constitutional perspective (part I)*
international one.
8
Ulrich Beck distinguishes these risks
from personal risks, such as those taken by Columbus when
discovering new continents and having the connotation of
adventure and courage. Instead, the new risks are general,
they have the potential to cause mankind to destroy itself.
9
Also, “external” risks like natural disasters or pandemics,
unforeseeable and unattributable to anyone as they are,
are not the kind of risks that Beck is referring to in his
concept of risk society.
10
Cyber-risks are of a different kind as well. They can be very
explicit, concrete and visible. Cyber-threats, as experienced,
affect individuals, business, public services and authorities,
critical infrastructures, energy grids, nuclear plants, and
whatever is connected to the internet
11
or depends on its
operation. These threats are not unintended, general and
implicit but intended and focused. Cyber-risks can have a
global dimension, like the risks Ulrich Beck is concerned
with. Cyber-threats, however, are not from diffuse sources,
as in the case of air pollution or dying forests, but always
arise from a well-determined source, often individuals, but
also from groups, businesses or states. As attribution is
not technically possible; for the potential victims they give
the appearance of natural disasters. However, they are not
“external” to the society, but “internal”. They are “risks
of modernisation” like the risks described by Ulrich Beck.
In contrast to those, however, they arise from intentional
planned attacks on IT systems, starting with smartphones
and individual computers up to critical infrastructures. In
this respect, cyber-risks are distinct from risks qualified
as unintended side-effects, if they are not the unintended
side-effects of digitisation at large.
Interestingly, in his book on the “World Risk Society”,
Beck places particular emphasis on the global dimension
of the new risks: “they destroy national borders and
mix the domestic with the foreign”.
12
With regard to the
environment, he observes a de-coupling of the social
8.
Ibid., pp. 54-58.
9.
Ibid., p. 28.
10.
Ibid., p. 300, where he emphasises that an essential characteristic of the risk society is the fact that we cannot make external factors
accountable for the risk situations (“Unmöglichkeit externer Zurechenbarkeit von Gefahrenlagen”).
11.
Stuxnet is said to be a case where the attack was possible even when there was no connection to the internet, see: Kushner (2013).
12.
Beck (1999, note 6, p. 40), mentioning the “cosmopolitical moment” as an indication for a “meta-change” of the society of the 21st
century: ibid., p. 41 (my translation). See also ibid., pp. 287-91.
13.
Ibid., p. 288.
14.
Ibid., p. 288-89.
15.
Ibid., p. 291.
16.
Ibid., p. 322-23. For his understanding of the term “cosmopolitan” see also ibid., p. 314.
17.
Ibid., p. 326.
18.
Ibid., p. 339-40; in English: Ulrich Beck, Critical Theory of World Risk Society: A Cosmopolitan Vision, in: 16 Constellations (2009,
p.5).
location of the responsible decision-maker from the
place and time where foreign people become the object
of the physical and social injury the decisions cause.
13
The complexity of the interaction and accumulation of
disorders and destructions, he concludes, are challenging
the survival of the planet itself, while international risk
management is becoming progressively necessary and
influential.
14
Cyber-risks may not be challenging the
survival of the planet, but they do stretch across borders
and continents because of the global reach of the internet
itself.
With regard to civil society, Beck detects approaches
supporting a “world-risk-civic right”. In a new social
theory, he states, society must be de-coupled from the
state. What he strives to sketch out is a historico-empirical
social theory of the world-risk-society.
15
Beck also takes a
cosmopolitan view of sociology, based upon the insight
that reality is no longer national or international, but
borderless and global: decision-makers have to take
account of the people their decisions potentially affect,
wherever they are in the world.
16
He shares the call made
by David Held for the establishment of institutions for
global coordination, while emphasising that, prior to
institutionalisation, global norms are emerging merely
from the general indignation felt about facts that are
considered to be simply unacceptable: norms, he says, do
not only emerge “positively” from legislative processes
but also “negatively” from an evaluation of crisis and
threats.
17
But he goes one step further. The ethical
principle of hospitality in the sense meant by Immanuel
Kant, who regarded the duty to welcome strangers as a
key feature of his normative cosmopolitanism, for Beck
would not be applicable in what he calls “the global
space or responsibility of global risks”.
18
The category
of hospitability would not be “appropriate to expressing
the inescapability of moral proximity over geographical
distance”. For Beck, the global risks trigger a kind of
Eloi Puig
IDP no. 26 (February, 2018) I ISSN 1699-8154 Journal promoted by the Law and Political Science Department
Ingolf Pernice
87
www.uoc.edu/idp
Universitat Oberta de Catalunya
Risk management in the digital constellation - a constitutional perspective (part I)*
“compulsory cosmopolitanism” instead, “in a world whose
boundaries are as porous as Swiss cheese, at least as
regards communication and economics”.
19
The global
risks create a “globalised neighbourhood” among people
worldwide, though unequally because of the different
vulnerabilities in different regions of the world. “In legal
terms” he says, “the ethical principle of recognition involves
a kind of cosmopolitan law of global risk”. It is “the ‘living
side effects’ of the risk decisions of others”, in his view,
that create the right to have a say in these decisions.
20
These are the external effects of national policies in an
interconnected world, and many of the global risks analysed
by Beck are the result. This leads to the normative claim:
Global risks produce harms that transcend national
borders. Thus the cosmopolitan law of risk is possible only
if the boundaries of moral and political communities can be
redefined so that the others, strangers and outsiders, are
included in the key decisions which jeopardise and violate
their existence and dignity.
21
Consequently, for him, the future of politics is cooperation:
“no nation can master its problems alone”. Beck calls
this “an insight of political realism”, and he qualifies it
as the “fundamental law of cosmopolitan Real politik”.
22
As will be shown below, all this applies to cyber-risks, the
management of which requires more than cooperation.
2. The Postnational Constellation
(Jürgen Habermas)
Beck’s analysis, after all, draws attention to important
aspects of globalisation. The risks include environmental,
economic and terrorist risks. They are distinct from each
other, and each of them requires different responses.
23
He insists, however, that they have two key features in
common: “First, they all promote or dictate a policy of
proactive countermeasures that annuls the basis of the
19.
Ibid., p. 4.
20.
Ibid., p. 6.
21.
Loc. cit.
22.
Ibid., p. 18.
23.
Ibid., p. 13-15.
24.
Ibid., p. 15.
25.
Habermas (2001, note 1, pp. 58-112).
26.
For the construction of democracy beyond the state see already Pernice (1999, pp. 703-9); see also, with a comprehensive analysis,
Peters (2001, pp. 93-166).
27.
Ibid., p. 60.
28.
Ibid., p. 60-61.
existing forms and alliances of international politics,
necessitates corresponding redefinitions and reforms
and calls forth new political philosophies”. Second, they
cannot be understood as “external”, but are “the risks of
civilisation”, as Beck says, that “may give rise to a more
acute global normative awareness, create a public space
and perhaps even a cosmopolitan outlook”.
24
a. Democracy theory revisited
At this point, though from a different perspective, the
analysis corresponds not only to the cosmopolitan
approach of David Held but also to the “postnational
constellation” of Jürgen Habermas. Habermas, too, paves
the way towards a revisited and extended approach to
democracy as a democratic necessity.
25
His concept not
only offers an opening-up of democracy theory,
26
but also
indicates a number of fundamental points for democratic
risk management at the global level. In contrast to the
“historical constellation” that has existed since Rousseau
and Kant, in which the democratic process assumed the
more or less convincing institutional form of the territorial
state or the nation, faced with the effects of globalisation,
27
Habermas looks for “appropriate forms for the democratic
process to take beyond the nation-state”. There is what he
calls a “paradoxical situation”, described as follows:
The idea that one part of a democratic society is capable
of a reflexive intervention into society as a whole has, until
now, been realised only in the context of nation-states. Today,
developments summarised under the term ‘globalization’
have put this entire constellation into question.
28
Democracy organised within nation-states is limited
to the borders of each state: The state is regarded as
the home of sovereignty. The self-determination of the
“sovereign” people cannot reach beyond these borders,
except for international cooperation or war. The former is
ineffective, the latter unacceptable. Though the external
effects of national politics have always existed in history,
Eloi Puig
IDP no. 26 (February, 2018) I ISSN 1699-8154 Journal promoted by the Law and Political Science Department
Ingolf Pernice
88
www.uoc.edu/idp
Universitat Oberta de Catalunya
Risk management in the digital constellation - a constitutional perspective (part I)*
the world has changed with the progress of globalisation.
With a reference to Claus Offe David Held stated in 1992
that “national communities by no means exclusively make
and determine decisions and policies for themselves, and
governments by no means determine what is appropriate
exclusively for their own citizens”.
29
On the basis of
this observation he argued that traditional concepts of
democracy have to be rethought and to this end “a new
agenda will have been created for democratic theory and
practice”.
30
As he demonstrates, the interdependence
and interconnectedness of states, the external effects of
national political decisions on other countries and the
need for instruments for effective joint decision-making at
the global level on common problems exceeding the reach
of national politics have notably increased; hence his call
for “cosmopolitan democratic law”
31
in a “cosmopolitan
democracy”.
32
In the same vein, in “The Postnational
Constellation” (2001) Habermas envisages that politics in
future will become a substantial part of “world domestic
politics” implemented in the name of, for and by the
“citizens of the world”.
33
Whether the responsible political leaders of the world
have learned from these analyses or not, we still have
no appropriate institutional settings for exercising
democracy beyond the state at the global level. Would
their establishment be a threat to the democracy of the
nation-state? In his book on the crisis of the European
Union, taking the EU as a model for his propositions on
the establishment of a global regulatory capacity to meet
global challenges, Habermas argues that establishing
institutions and processes for regulation at the global
level would not be at odds with democracy, but in fact the
opposite: it is a requirement of democracy:
In view of a politically unregulated growth in the complexity
of the world society which is placing increasingly narrow
systemic restrictions on the scope for addition of nation
states, the requirement to extend political decision-making
29.
Held (1995, p. 17), quoting Offe (1985, pp. 286) who explains this ibid., p. 283-4, with regard to the nation state.
30.
Held (1995, pp. 16-23); see also Beck (note 4, p. 310), as an aspect of politics losing boundaries (“Entgrenzung von Politik”, ibid.,
p.300).
31.
Held (1995, note 30, p. 31, 239-266), based upon a brilliant description of five “disjunctures” of the modern society, ibid. p. 99-140.
32. Ibid., p. 267-286.
33.
See Habermas (2001, note 1, p. 104-112): “make a change of course toward a world domestic policy possible without a world
government”.
34.
Habermas (2012, p. 15); see also ibid., p. 55.
35.
Ibid., p. 2, p. 53-70.
36.
Habermas (2001, p. 69-76).
37.
Habermas, (2012, p. 55).
38. Ibid., p. 60-66.
39.
Ibid., p. 56.
capabilities beyond national borders follows from the
normative meaning of democracy itself.
34
In some way, the EU can indeed be taken as a model
for a democratic constitution of such decision-making
capabilities. Habermas develops some important thoughts
on a politically constituted world society and on designing
institutions and processes along these lines at the global
level.
35
Globalisation, interconnectedness, environmental
imbalances, the external costs of national politics and
the economic crisis, as described in the emerging world
society with all its complexities, are taken as a challenge
to the traditional, nation-state-related democratic system.
The incapacity of the nation-state to fully meet its original
tasks of providing peace and security in a broad sense,
particularly through an effective risk management in
the postnational constellation, has placed even the self-
determination of people at risk. Whatever democratic
processes the internal constitutional system may look like,
as a consequence of globalisation the classic nation-state
has an increasingly growing democratic deficit.
36
This
deficit needs to be repaired through an extension of the
concept and practice of democracy.
b. “The Political Constitution of World Society”
Though not a purely intellectual construction, “social
reality” is itself imposing a “shift in perspective from
classical international law to the political constitution
of world society”. Habermas, therefore, argues that
“environmental imbalances and the risks generated
by large-scale technology have given rise to a similar
global need for regulation”.
37
The constitutional solution
proposed for the “postnational constellation” is to extend
democracy beyond national borders with a central role for
the (reformed) United Nations and a representation of the
world’s citizens through an elected global parliament.
38
The United Nations “should be reorganised as a politically
constituted community of states and citizens”.
39
With
Eloi Puig
IDP no. 26 (February, 2018) I ISSN 1699-8154 Journal promoted by the Law and Political Science Department
Ingolf Pernice
89
www.uoc.edu/idp
Universitat Oberta de Catalunya
Risk management in the digital constellation - a constitutional perspective (part I)*
regard to the problems of legitimation at this level,
though, Habermas envisages a split between two areas
of competence: tasks of global security, the prohibition of
violence and human rights protection have to be decided
by the “world organisation”, while “tasks of world domestic
politics with distributive implications are not included in the
hierarchically constructed arrangement of competences”;
they must be “negotiated transnationally”.
40
The world
parliament, composed of representatives of the world’s
citizens and states would have a general deliberative
function and would, in particular, “ensure that the
competing justice perspectives of world citizens, on
the one hand, and of national citizens, on the other,
would be taken into account and brought into balance”.
41
Many challenges of globalisation, however, and the
global risks dealt with by Ulrich Beck and recognised
by Habermas, as well as the new cyber-risks, would not
be manageable with such an arrangement. These are
basically questions of world domestic politics in need of
globally applicable and enforceable regulation which,
owing to its limited legitimacy and representation of the
world’s citizens, the UN as an institution, even together
with a world parliament, is unable to ensure.
3. Conceptualising the “Digital
Constellation”
Digitisation not only entails new challenges and risks but
also involves a far more important change that is essential
for what could be called the “digital constellation”. This
change is about organising legitimacy, beyond what
Habermas has already assumed when proposing to extend
the chain of legitimacy to the “world organisation”:
that the global, in part digitally produced, communication
processes extend beyond porous national public spheres
in such a way as to enable all peoples to form a reasoned
judgment about the moral core content of decisions taken at
the UN level.
42
There are three major changes to observe that characterise
the new constellation that can be called the “digital
constellation” and, thus, one step beyond Habermas’
40.
Ibid., p. 67-68.
41.
Ibid., p. 58-59.
42.
Ibid., p. 66.
43.
Held (1995, p. 122).
44.
Ibid., p. 123.
postnational constellation: A new communicative density
of the global society (infra a), new opportunities for
democratic processes (infra b), which could allow the
development of global responses to the new risks of
digitisation (infra c).
a. A New Communicative Density
of the Global Society
The new information and communication technologies do
more than change markets into e-markets, allow financial
transactions globally at lightning speed and on a massive
scale, and change industrial processes, labour markets as
well as administrative structures and processes. Overall,
they are pushing society into a new constellation, with a
new kind of density of social and communicative relations,
and with a so far unknown proximity between people from
all over the globe.
The “globalizing impact of the modern communications
media” has been described by David Held as “part of a
process of ‘cultural globalization’”; it is one of the five
disjunctures he has determined.
43
He observes that
“the development of the new communication systems
creates a world in which the particularities of place and
individuality are constantly mediated by regional and
global communication networks”, with the effect that
“the traditional link between ‘physical setting’ and ‘social
situation’ is broken”.
44
Held could not foresee the dramatic developments of the
internet, which not only confirms his observation but also
carries it to a new dimension. Today, the internet reaches
all points of the globe, we get news from everywhere,
not filtered through established media only, but directly
from people of other continents, in real time. So we can
communicate our ideas, opinions, actively participate in
public debates and influence political processes, wherever
we like. In the “global village” we can observe and have a
greater sense than we could in the past of how politics and
actions at one place in the world potentially affect people
at other places around the globe. The internet allows us
even to have a direct personal voice in politics abroad, in
real time – and not through diplomatic channels only.
Eloi Puig
IDP no. 26 (February, 2018) I ISSN 1699-8154 Journal promoted by the Law and Political Science Department
Ingolf Pernice
90
www.uoc.edu/idp
Universitat Oberta de Catalunya
Risk management in the digital constellation - a constitutional perspective (part I)*
b. A New Infrastructure for a Global Digital
Democracy
With the internet, we can observe the emergence of a
new potential for open, deliberative democracy also at
the global level: Borderless, real-time communication and
information; access to knowledge and education regardless
of geographical distances; social networks, discussion
platforms and deliberative spaces across borders and
continents etc. are allowing the emergence of a global
public sphere, which is one of the conditions of global
democracy. With the new dimension of proximity, social
interrelation and discourse among people worldwide,
opportunities for democratic rule-making at the global
level are thus visible and they need further consideration.
45
The distinction between “them” and “us” is fading away,
like the other distinctions Ulrich Beck says have already
disappeared in the world risk society.
46
Human dignity and
solidarity are felt more and more to apply across borders
and continents too, and the emergence of global norms
arising from the indignation about crises and disasters in
other parts of the world, described by Beck,
47
is increasing.
The term “digital constellation”, therefore, corresponds
to the digital society, which is global like the risk society.
It reflects a level of social and communicative relations
among people that is comparable to those at the local,
regional, national and supranational levels of society,
though still more informal and with less attachment. Its
potentials, however, include the formation of a global
political will across continents, as is already practiced in
the areas of internet governance and as can be further
developed as a fundamental part of a global order
that is capable of meeting global challenges through
democratically established rules and concepts.
48
Among
these challenges are the new risks that need to be
managed at all levels, and for which regulation is required
also at the global level: One example is cyber-security.
45.
Pernice (2016).
46.
Beck (1999, p. 335-36).
47.
See supra n 16.
48.
For the theoretical concept and a model of global regulation along these lines see Pernice (2016).
49.
See the study by the Swedish Minister of Defence (1976).
50.
Precious insights into the issue and methodology are provided by Finneran Dennedy, Fox and Finneran (2014).
51.
For the history see Burkeman (2009).
52.
For an analysis based upon the RFC’s of 10 years’ previous development see Braman (2011).
53.
For one of the most striking examples, see the 2001 Report (Gerhard Schmid) of the European Parliament, on the existence of a global
system for the interception of private and commercial communications (ECHELON interception system) of the ‘Five Eyes’, running since
the 1960s until its discovery in 1990 at: www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+REPORT+A5-
2001-0264+0+DOC+PDF+V0//EN> [Accessed: 12/08/17]. Today, based upon a comparative analysis, Richard Morgan recommends
the ‘Five Eyes’ model as an international norm for intelligence oversight: Goldman and Rascoff (eds) (2016).
54.
For a comparative analysis see: Goldman and Rascoff (eds) (2016).
c. New Risks and Challenges
The risks attending the use of computers and the
progressive digitisation of our societies were observed
early on,49 but with the changing context and spread
of the technologies the proportions they assume are
somewhat unexpected and surprising. New products and
applications are often put on the market without sufficient
care being taken over security. The producers need to
learn that a sound security and privacy engineering50 is
part of the deal. The internet grew out of efforts in military
and academic circles to allow computers to connect and
to ensure safe communication within the army or easy
communication among students. As Oliver Burkeman of
the Guardian newspaper says in an article commemorating
forty years of the internet in 2009, “hobbyists” played a
major role in the early developments of the internet in civil
contexts, and safety of the net or cyber security was not
among the concerns leading their work.51 Early warnings
on privacy issues52 however, and the revelations about
mass surveillance by intelligence services53 received little
public attention or had only little impact in real terms on
enhanced oversight.54
In the internet’s early stages of development it was difficult
to foresee the enormous threats we are discussing today
as a by-product of digitisation. Here are but four issue
areas that are far from being resolved:
a. Privacy is one of the major concerns in the public debate
on the new techniques of data collection, storage,
transfer and processing, including big data analysis and
profiling. Human dignity and personal rights are also
threatened by hacking-attacks on private computers,
e-mailing systems or databases. Last but not least,
individual surveillance by law enforcement authorities
and mass surveillance by intelligence agencies, as known
from the Snowden revelations in 2013, have been made
possible in the age of digitisation and have reached an
Eloi Puig
IDP no. 26 (February, 2018) I ISSN 1699-8154 Journal promoted by the Law and Political Science Department
Ingolf Pernice
91
www.uoc.edu/idp
Universitat Oberta de Catalunya
Risk management in the digital constellation - a constitutional perspective (part I)*
intensity, depth and extent that have changed the very
nature of intelligence. Espionage among states and
governments was broadly accepted in the past, but what
we are seeing now is intelligence activities affecting the
whole of society. Such systematic threats to privacy
affect everybody’s private life and human dignity, they
produce chilling effects on the exercise of fundamental
rights and freedoms and, in particular, of the freedom
of expression. They can, at least indirectly, even harm
democratic processes.
b. Democratic processes, including elections and
democracy at large, are also threatened by other
kinds of cyber-attack, such as massive disinformation
campaigns through fake news in social media, botnets
and systematic manipulation of people on the basis of
individualised profiles and psychographic targeting. The
case of Cambridge Analytica is a striking example.
55
Such threats may come from inside a country, but
equally from abroad, as in the case of the alleged
Russian activities in the latest American election
campaign. Hate speech, xenophobia, extremist and
populist postings in social media risk poisoning political
discourse and culture in western democracies. As it is
not possible to determine with certainty the origins
of these actions, the platforms and intermediaries are
made responsible. Compelling internet platforms to take
down illegal content, as the German legislator is doing
with the new “Netzdurchsetzungsgesetz”, however,
is only a very partial and limited solution, which itself
raises many questions.
56
c. Security, from the personal computer or smartphone
up to nuclear power plants, traffic systems or the entire
energy grid, is under increasing threat from private or
state hacking or cyber attacks. 284,000 cyber attacks
against its IT equipment were registered by the German
Ministry of Defence within the first nine weeks of 2017
alone. The yearly damage in Germany is estimated to
cost 50 billion euros per year. But more importantly,
in the case of the crash of a nuclear plant or the
breakdown of the energy supply system, the damage can
55.
For an account of the method see: Grassegger and Krogerus (2016); for attempts by Cambridge Analytica to calm down the discussion,
see Beuth (2017).
56.
See also the critical remarks of Donahoe (2017). See also Scott and Cerulus (2017).
57.
See Hay Newman (2017); Steger (2017); Solon and Hern (2017).
58.
See also Leuschner (forthcoming).
be unimaginable – not to mention the damage caused
by cyber war, given the new capacities established in
many countries, including Germany, not only for cyber-
defence troops but also with offensive cyber-weapons.
New incidents like WannaCry and NotPetya hitting
thousands of internationally active companies and even
public hospitals are but the latest of the publicly visible
cyber attacks rolling around the globe.
57
The digital revolution with its power, spread and intensity,
including the new threats as we are experiencing them
today, has changed public awareness of the risks and the
need for action. As we can see, all the values at stake, as
listed above, are closely linked with fundamental rights
or principles, including cyber-security.
58
As the risks we
are facing in the digital society are not external, from
outside like a thunderstorm, but self-made risks produced
by society itself, it is our joint social responsibility to find
appropriate ways of managing them.
National legislation can strive to limit these risks,
but threats from sources outside the country, even if
detected, are difficult to counter. The country of origin
may have different laws and allow the activities that
create the threats, and in any event, sanctions cannot be
imposed on other countries. Attacks ranging from those
on the dignity of the person and privacy to the integrity of
information systems, private property or the democratic
system and the whole of society at large can vary in scope
and gravity. The internet allows attacks across borders
from any place in the world, striking targets in any other
part of the world. Even if one knew where the attack had
originated, the law of the country struck by it would not
be applicable to an attacker situated abroad. The rules on
state responsibility under international law are difficult to
enforce. The risks characterising the digital constellation
cannot be managed with the traditional toolbox of
national politics. Along with the progressively creative
and universal application of the internet, creative and
universal strategies for risk management in the digital
constellation are needed.
Eloi Puig
IDP no. 26 (February, 2018) I ISSN 1699-8154 Journal promoted by the Law and Political Science Department
Ingolf Pernice
92
www.uoc.edu/idp
Universitat Oberta de Catalunya
Risk management in the digital constellation - a constitutional perspective (part I)*
References
BECK, U. (1986). Risikogesellschaft. Auf dem Weg in eine andere Moderne. Frankfurt am Main: Surkamp.
BECK, U. (1999). World Risk Society. Cambridge: Polity Press
BECK, U. (2008). Weltrisikogesellschaft. Auf der Suche nach der verlorenen Sicherheit. Frankfurt a.M:
Surkamp.
BECK, U. (2009). “Critical Theory of the World Risk Society”. Constellations, vol. 16, no. 1, pp. 3-22.
[Accessed: 17/07/17] .jus.uio.no/smr/om/aktuelt/arrangementer/2015/urlich-beck-
cosmopolitan-view.pdf> org/10.1111/j.1467-8675.2009.00534.x>
BEUTH, P. (2017). “Die Luftpumpen von Cambridge Analytica”. Zeit Online. [Accessed: 14/08/17]
www.zeit.de/digital/internet/2017-03/us-wahl-cambridge-analytica-donald-trump-widerspruch>
BRAMAN, S. (2011). “Privacy by Design: Networked Computing, 1969-1979”. New Media Society, Vol 14,
Issue 5. [Accessed: 13/08/17] nms.sagepub.com/content/early/2011/12/25/1461444811426741>
BURKEMAN, O. (2008). “Forty Years of the Internet: How the World Changed For Ever”. The Guardian,
23 October 2009. [Accessed: 27/06/17] .theguardian.com/technology/2009/oct/23/
internet-40-history-arpanet>
DONAHOE, E. (2017). “Protecting Democracy from Online Disinformation Requires Better Algorithms,
Not Censorship”. Council of Foreign Relations. [Accessed: 22/09/17]
protecting-democracy-online-disinformation-requires-better-algorithms-not-censorship>.
FINNERAN DENNEDY, M.; FOX, J.; FINNERAN, T. (2014). The Privacy Engineer’s Manifesto. Getting from
Policy to Code to QA to Value. New York: Apress Open/Springer.
4302-6356-2>
GRASSEGGER, H.; KROGERUS, M. (2016). “Ich habe nur gezeigt, dass es die Bombe gibt. Der Psychologe
Michal Kosinski hat eine Methode entwickelt, um Menschen anhand ihres Verhaltens auf Facebook
minutiös zu analysieren. Und verhalf so Donald Trump mit zum Sieg”. Das Magazin. N.°48 – 3.
[Accessed: 14/08/2017] www.dasmagazin.ch/2016/12/03/ich-habe-nur-gezeigt-dass-es-die-
bombe-gibt/>
HABERMAS, J. (2001). “The Postnational Constellation and the Future of Democracy”. In: The
Postnational Constellation. Political Essays. Cambridge: Polity Press, p. 58.
HABERMAS, J. (2012). The Crisis of the European Union. Response (Polity Press, Cambridge 2012).
HAY NEWMAN, L. (2017). “The Ransomware Meltdown Experts Warned About Is Here”. WiRED 12
May 2017. [Accessed: 17/07/17] wired.com/2017/05/ransomware-meltdown-experts-
warned/>
HELD, D. (1995). Democracy and the Global Order. From the Modern State to Cosmopolitan Governance.
Stanford University Press.
KUSHNER, D. (2013). “The Real Story of Stuxnet. How Kaspersky Lab tracked down malware that stymied
Iran’s nuclear-fuel enrichment program”. IEEE Spectum. [Accessed: 08/08 2017]. spectrum.
ieee.org/telecom/security/the-real-story-of-stuxnet> doi.org/10.1109/MSPEC.2013.6471059>
LEUSCHNER, S. (2017). “Vom Grundrecht zum Grundsatz. Sicherheit als Schutzgut der europäischen
Grundrechtecharta – eine grundrechtsdogmatische Rekonstruktion und ihre Folgen für die
Sicherheit im Cyberraum”. Diss Berlin 2017. Tübingen: Mohr Siebeck.
MORGAN, R. (2016). “Oversight through Five Eyes. Institutional convergence and the structure and
oversight of intelligence activities”. In: Z. K. GOLDMAN and S. J. RASCOFF (eds). Global Intelligence
Oversight. Governing Security in the Twenty-First Century. Oxford: Oxford University Press.
OFFE, C. (1985). Disorganized Capitalism. Cambridge: Polity Press.
PERNICE I. (1999). “Multilevel Constitutionalism and the Treaty of Amsterdam: European Constitution-
Making Revisited”. Common Market Law Review, no. 36, p. 703-9. [Accessed:25/07/17]
whi-berlin.eu/documents/whi-paper0499.pdf>. org/10.1023/A:1018744426756>
Eloi Puig
IDP no. 26 (February, 2018) I ISSN 1699-8154 Journal promoted by the Law and Political Science Department
Ingolf Pernice
93
www.uoc.edu/idp
Universitat Oberta de Catalunya
Risk management in the digital constellation - a constitutional perspective (part I)*
PERNICE, I. (2016). “Global Constitutionalism and The Internet. Taking People Seriously”. In: R.
HOFMANN and S. KADELBACH (eds.). Law beyond the State. Past and Futures, p. 151-206. Frankfurt
am Main:
PERNICE, I. (2017). “E-Democracy, the Global Citizen, and Multilevel Constitutionalism”. In: C. PRINS,
C. CUIJPERS, P. L. LINDSETH, M. ROSINA (eds.). Digital Democracy in a Globalised World. p. 27-52,
Cheltenham: Edward Elgar.
PERNICE, I. (forthcoming). “Cybersecurity Governance. A Constitutional Analysis”. Global
Constitutionalism 2018, available as HIIG Discussion Paper Series No. 2017-05 at: <https://ssrn.com/
abstract=3012136>.
PETERS, A. (2001). Elemente einer Theorie der Verfassung Europas. Berlin: Duncker & Humblot.
SCHMID, G. (2001). European Parliament report on the existence of a global system for the interception
of private and commercial communications (ECHELON interception system). [Accessed: 12/08/17]
<http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+REPORT+A5-2001-
0264+0+DOC+PDF+V0//EN>
SCOTT, M.; CERULUS, L. (2017). “Europe struggles to find united tron to combat illegal content online”.
Politico of 20 September 2017. [Accessed: 22/09/17]
speech-jihad-terrorist-propaganda-theresa-may-google-facebook/>
SOLON, O.; HERN, A. (2017). “‘Petya’ ransomware attack: what is it and how can it be stopped?”. The
Guardian, 28 June 2017. [Accessed: 17/07/17]
jun/27/petya-ransomware-cyber-attack-who-what-why-how>
STEGER, J. (2017). “Der nächste Erpresser-Virus kommt bestimmt”. Handelsblatt 14 July 2017, at <http://
www.handelsblatt.com/unternehmen/it-medien/petya-wannacry-und-co-der-naechste-erpresser-
virus-kommt-bestimmt/20057630.html> [Accessed: 17/07/17]
SWEDISH MINISTER OF DEFENCE (1976). “Vulnerability of the Computer Society”. Summary given
by the U.S. Goverrnment Accountability Office. [Accessed: 12/08/17] /
products/100059>
Recommended citation
PERNICE, Ingolf (2018). “Risk management in the digital constellation - a constitutional perspective
(part I)”. IDP. Revista de Internet, Derecho y Política. No. 26, pp. 83-94. UOC [Accessed: dd/mm/
yy]
The texts published in this journal, unless otherwise indicated, are subject to a Creative
Commons Attribution-NoDerivativeWorks 3.0 Spain licence. They may be copied, distributed
and broadcast provided that the author, the journal and the institution that publishes
them (IDP Revista de Internet, Derecho y Política; UOC)are cited. Derivative works are not
permitted. The full licence can be consulted onhttp://creativecommons.org/licenses/by-
nd/3.0/es/deed.en.
IDP no. 26 (February, 2018) I ISSN 1699-8154 Journal promoted by the Law and Political Science Department
Eloi PuigEloi Puig
Jose R. Agustina
www.uoc.edu/idp
Universitat Oberta de Catalunya
94
Eloi PuigEloi Puig
Risk management in the digital constellation - a constitutional perspective (part I)*
Ingolf Pernice
About the author
Ingolf Pernice
pernice@hiig.de
Director of the Alexander von Humboldt Institute for Internet and Society
Ingolf Pernice served as principle administrator at the European Commission’s Legal Service before
he became Professor for Public, European and International Law at the Johann Wolfgang Goethe-
Universität, Frankfurt and, from 1996 to 2015, at the Humboldt-Universität of Berlin. Here he founded
the Walter Hallstein-Institut for European Constitutional Law. He directed the DFG-funded junior
research program “Multilevel Constitutionalism – European Experiences and Global Perspectives“ from
2006 to 2015. He was visiting professor at Paris II (Panthéon-Assas) in 1998. In 2008/9 he was a
LAPA-fellow at the Woodrow Wilson School for Public and International Affaires and Visiting Professor
at the Princeton University. He acted as the agent of the German Bundestag in case 2 BvE 2/08 und 2
BvR 1010/08 (Treaty of Lisbon). Since 2013 he is co-director of the Alexander von Humboldt Institute
for Internet and Society at the Humboldt-University of Berlin. His main research areas are European
constitutional law, privacy and data protection, cyber security law, smart government as well as global
constitutionalism and the internet.
Hiig
Französische Straße 9
10117 Berlin
