The triple helix: markets, fundamental rights, and security in EU digital law
Marco Almada, Niovi Vavoula, Giacomo Zampieri β European Law Open
Full text
Abstract Digital policymaking in the European Union (EU), once seen as an internal market concern, is increasingly shaped by non-economic aims, such as the pursuit of security and the protection of fundamental rights. Recent pieces of legislation, such as the AI Act or the Cyber Resilience Act, have nominally acknowledged the relevance of such factors, but serious concerns have been raised about security considerations de facto trumping all others. In this article, we argue that, despite its predominance, security does not displace fundamental rights or the internal market as the foundations of EU digital law. Instead, we propose a framework to explain how the interaction among rationales for security promotion, rights protection, and market-making goes beyond mere opposition. Applying this framework to three case studies of post-GDPR regulation, we show that the deepening of fundamental rights safeguards in digital regulatory instruments offers, at most, a limited check to creeping securitisation β and sometimes even allows the EU legislator to extend the reach of security measures in the name of protecting certain rights. Understanding the logics and actors that shape the triple helix of markets, rights, and security is therefore crucial for properly understanding β and responding to β security overreach in cyberspace.