Sarah Johansson

Sarah Johansson is a Graduate Scholar with the Cyber Program at MEI. Her previous work has considered the international legal remits of state perpetrated and sponsored cyberattacks. She received her LL.B. in Law with a Public International Law focus from Queen Mary, University of London.

The Latest from Sarah Johansson

Sort by

Newest First

Photo by Christopher Pike/Bloomberg/via Getty Images.

Dust in the Cloud: The Future of Data Governance in the GCC

As the countries of the Gulf Cooperation Council (GCC) work to transform from hydrocarbons-driven to data-driven economies, they will need to make significant and well-planned invest-ments in digital infrastructure, particularly when it comes to the complex issue of data govern-ance. They must take the lead in establishing regulatory and legal frameworks aligned with international standards in terms of data gathering, processing, and storing procedures. This report highlights the existing laws and regulations that govern data protection in the GCC while addressing their potential and limitations, along with the similarities and differences between the GCC’s legislative frameworks and the EU’s General Data Protection Regulation, and the impact of the GCC’s current data protection laws on individuals, the private sector, regulators, and governments.

Repairing regional and global relationships through cyber diplomacy

Under mounting pressure to define and execute its foreign policy to “restore U.S credibility,” the Biden administration needs to carefully consider its focal points in the Middle East, especially in light of the region’s recent realignment following the signing of the Abraham Accords. Luckily, through cyber diplomacy and norm setting, the administration can restore its credibility without abandoning its core ideals, while also nurturing relationships in the Middle East and beyond. Such cyber diplomacy could involve both engaging with partners to strengthen rules-based frameworks around acceptable state behavior in cyberspace and using cyber to leverage wider diplomatic aims.

Photo by Morteza Nikoubazl/NurPhoto via Getty Images

Definitional doom: How Iran and Israel derail legal application in cyberspace

Despite the importance of cyberattacks, little has been written about the relationship between these attacks and the applicable law. States are still struggling with controversies involving definitions, even though there is wide applicability of both laws and norms in this context. As a result, cyberspace remains relatively anarchic and the continued controversies have impeded further progress. Although the global discussion has only just begun, it is clear that the rising prevalence of state-led cyber operations warrants a thoughtful, innovative, and immediate regulatory response. Pressure has been building on the governments of the Middle East to join the conversation as their relevance and power in the cyber domain grows.