Exchange with policy-makers: Government hacking for surveillance

Track 02: [In]security by Design

This session will bring European and national policy-makers and experts to discuss emerging efforts to regulate government hacking as a form of surveillance.

Presentations on some of the key challenges surrounding government hacking will be followed by a Q&A.


  • Ralf Bendrath, Senior Policy Adviser, European Parliament
  • Juraj Sajfert, Policy Officer, European Commission, DG Justice and consumers
  • Kees Verhoeven, Dutch MP, Democrats 66 [TBC]
  • RaphaĆ«l Vinot CERT Operator, CIRCL – Computer Incident Response Center Luxembourg


  • Scarlet Kim, Legal Officer, Privacy International

Among the questions to be addressed:

  • Why do governments hack?
  • How do we conceptualise cybersecurity? What are the challenges in defending cybersecurity? How do we embed cybersecurity into discussions about government hacking?
  • What are the challenges in regulating government hacking?
  • Are some methods of acquiring vulnerabilities and exploits off-limits or should they be? Which ones?
  • Should governments ever use zero-days to hack? Should they be limited to using known vulnerabilities? Should they be permitted to impersonate known and trusted third parties?
  • What should the relationship be between vulnerability disclosure and government hacking?
  • What recourse should there be for those who have been collaterally affected?