A Genealogy of EU Cyber Security Governance: Redefining the Role of the Single Market

In this paper, I conduct a genealogy of how EU cyber security governance emerged and stabilized. Tracing EU digital security policy over four decades allows for an investigation of how the link between digital technologies and security has been brought into being in at various stages and sites. The paper thereby advances our understanding of the changing conditions of possibility for the EU to conduct security governance in a digital age. In doing so, I engage in a conversation with theories of securitization, emphasizing the particularity of the EU as a security actor. The paper concludes that the development of EU cyber security governance has been an important driver for further integration and expansion of the Single Market. Based on that, I argue that we are witnessing a redefinition of the role of the Single Market: From being as a means to create peace, security is increasingly becoming a means to protect and expand the now digital Single Market. Furthermore, the analysis shows that securitization – in the context of the EU – is inseparable from negotiations and struggles over what cyber security is, and where European security governance authority and responsibility is and should be located.