CANVAS White Papers

Canvas White Paper 1 – Cybersecurity and Ethics

This White Paper outlines how the ethical discourse on cybersecurity has developed in the scientific literature, which ethical issues gained interest, which value conflicts are discussed, and where the “blind spots” in the current ethical discourse on cybersecurity are located. The White Paper is based on an extensive literature with a focus on three reference domains with unique types of value conflicts: health, business/finance and national security. For each domain, a systematic literature search has been performed and the identified papers have been analysed using qualitative and quantitative methods. An important observation is that the ethics of cybersecurity not an established subject. In all domains, cybersecurity is recognized as being an instrumental value, not an end in itself, which opens up the possibility of trade-offs with different values in different spheres. The most prominent common theme is the existence of trade-offs and even conflicts between reasonable goals, for example between usability and security, accessibility and security, privacy and convenience. Other prominent common themes are the importance of cybersecurity to sustain trust (in institutions), and the harmful effect of any loss of control over data. Download the paper at:

Canvas White Paper 2 – Cybersecurity and Law

This White Paper explores the legal dimensions of the European Union (EU)’s value-driven cybersecurity. It identifies main critical challenges in this area and discusses specific controversies concerning cybersecurity regulation. The White Paper recognises that legislative and policy measures within the cybersecurity domain challenge EU fundamental rights and principles, stemming from EU values. Annexes provide a review on EU soft-law measures, EU legislative measures, cybersecurity and criminal justice affairs, the relation of cybersecurity to privacy and data protection, cybersecurity definitions in national cybersecurity strategies, and brief descriptions of EU values. Download the paper at:

Canvas White Paper 3 – Attitudes and Opinions Regarding Cybersecurity

This White Paper summarises currently available empirical data about attitudes and opinions of citizens and state actors regarding cybersecurity. The data emerges from reports of EU projects, Eurobarometer surveys, policy documents of state actors and additional scientific papers. It describes what these stakeholders generally think, what they feel, and what they do about cyber threats and security (counter)measures. For citizens’ perspectives, three social spheres of particular interest are examined: 1) health, 2) business, 3) police and national security. Download the paper at:

Canvas White Paper 4 – Technological Challenges in Cybersecurity

This White Paper summarizes the current state of discussion regarding the main technological challenges in cybersecurity and impact of those, including ways and approaches to addressing them, on key fundamental values. It provides an overview on current cybersecurity threads and countermeasures and focuses on ethical dilemmas that emerge when counteracting those threads. It also points to the fact that the cybersecurity community relies much more on interpersonal relations when sharing intelligence and data than in explicit national or supranational regulations. Furthermore, the White Paper presents advanced cryptographic techniques and data anonymization techniques that may help to solve or minimize some of the ethical dilemmas. Download the paper at:

Other CANVAS Publications

Below you find a list of papers that have been published by members of the CANVAS consortium and that directly relate to issues discussed within CANVAS. If the papers are open access, a direct link to the paper is provided, if not, please contact the authors for a copy.

Christen M, Bangerter E (2017): Is Cyberpeace possible? In: Demont-Biaggi F (ed.): The Nature of Peace and the Morality of Armed Conflict, Palgrave: 243-263 (contact author)

Christen M, Gordijn B, Weber K, van de Poel I, Yaghmaei E (2017): A Review of Value-Conflicts in Cybersecurity. Proceedings of CEPE/ETHICOMP 2017 (June 5-8 2017). Reprinted in in Orbit, 05/06/2017, (go to paper)

Jasmontaite L (2017): Building a cybersecurity culture in the EU through mandatory notification of data breaches and incidents. Proceedings of the 13th International Conference on Internet, Law & Politics on “Managing Risks in the Digital Society” (Barcelona, 29-30 June 2017) (contact author)