I became a columnist at the Dutch Financial Times in August 2014 and have published over 100 columns on topics dear to me in the digital space; you can read all my columns here (in Dutch).

• Kaleidoscopic data-related enforcement in the digital age, with S. Yakovleva and W. Geurssen, Common Market Law Review, 57 (5), pp. 1461-1494, 2020.
• Drie mogelijke boetes van mededingings-, consumenten- en persoonsgegevensautoriteiten voor hetzelfde datagebruik, with S. Yakovleva and W. Geurssen, Tijdschrift Mededingingsrecht in de Praktijk, (2), pp. 30-37, 2020.
• China’s new cybersecurity law – effective as of 1 June 2017, with R. van Staden ten Brink, D. Veldhoen and J. Wang, Trade Security Journal, 2017 (2), pp. 27-29, 2017.
• Securing Private Communications – Protecting private communications security in EU law: fundamental rights, functional value chains and market incentives. Ph.D. thesis, University of Amsterdam, 25 Nov. 2015. Print edition forthcoming with Kluwer Information Law Series in 2016.
• Security Collapse in the HTTPS Market, with H. Asghari, M.J.G. van Eeten, N.A.N.M. van Eijk. Com. of the ACM, Vol. 57(10), Oct. 2014, p. 47-55. Slashdot, Schneier on Security, Reddit, ACM library.
• Loopholes for Circumventing the Constitution: Unrestrained Bulk Surveillance on Americans by Collecting Network Traffic Abroad, with S. Goldberg, 21 MICH. TELECOMM. & TECH. L. REV. 317 (2015). Also: TPRC 42, 13 Sept. 2014 [Presentation slides]. CBS News, ZDnet, Boston Radio, Boston Globe, Network World, Schneier on Security a.o. In the CBS piece, the NSA gave an official reaction to our paper. We respond to the NSA statement in the paper and on Freedom to Tinker.
• Nederland als Internetdokter tussen Cybergrootmachten, OpEd Financieel Dagblad, 30 mei 2014, based on my statement at a Dutch Senate hearing on the NSA revelations (all in Dutch).
• Blauwdruk Cyber Security [pdf], Financieel Dagblad’s Outlook magazine, Sept. 2013. A 13 page dossier on the importance, problems and solutions for cybersecurity breaches that I coordinated. Other contributions by EU-Commissioner Neelie Kroes, Ot van Daalen, Bart Jacobs, Joost Poort, Jeroen van Beek and Jaap van Till.
• Conceptualizing Commucations Security Regulation, TPRC 41, 29 Sept. 2013. Updated paper [pdf link] for the IViR/Berkman workshop on my Ph.D. project at Harvard University, 18 April 2014.
• De wind van Snowden in de Amerikaanse informatieparaplu, with J.V.J. van Hoboken, Mediaforum 2013-7/8.
• Security Economics in the HTTPS Value Chain, with H. Asghari, M.J.G. van Eeten & N.A.N.M. van Eijk, Workshop on the Economics of Information Security 2013, 3 June 2013.
• Praktijken, gevolgen en wettelijke kaders inzake het aftappen van persoonsgegevens, with J.V.J. van Hoboken, Expert Witness Statement, Parliamentary Hearing on Snowden revelations, 26 june 2013.
• Obscured by Clouds or How to Address Governmental Access to Cloud Data From Abroad, with J.V.J. van Hoboken & N.A.N.M. van Eijk, PLSC 2013, 6-7 June 2013, UC Berkeley. Financial Times, Wall Street Journal, De Correspondent, Aftenposten, Weekendavisen (Danish, interview along with James Bamford). Update 16.02.2014: based on our research, two recent ZDnet reports solidly refute false promises by Verizon and Microsoft claiming the legal reality of the Patriot Act and FISA doesn’t affect their users.
• Cloud Computing in Higher Education and Research Institutions and the USA Patriot Act, with J.V.J. van Hoboken & N.A.N.M. van Eijk, Report Commissioned by Surf, 29 Nov. 2012, 12 Sept. 2012 Dutch version. CBS News, Süd Deutsche, NOS Journaal, NOS Journaal, NOS Journaal, Parliamentary Questions, Pre-Snowden ‘I Know Nothing, I’m from Barcelona’ Cabinet Answers.
• with N.A.N.M. van Eijk, Certificate Authority Collapse: Regulating Systemic Vulnerabilities in the HTTPS Value Chain, TPRC 40, 31 Aug. 2012. ZDF, Heise, Informationen.
• Annotatie bij Rb. ‘s-Gravenhage 11 januari 2012 (Brein / Ziggo & XS4ALL), AMI, 2012-3, p. 119-131. Two English blog posts on the issue: Majority of Dutch providers to block The Pirate Bay: game over or next level in copyright wars? 18 may 2012, and Blocking The Pirate Bay: will the Dutch court ruling hold in appeal? 18 jan. 2012.
• Council of Europe. Committee of Ministers: Declaration on internet governance principles, IRIS: legal observations of the European Audiovisual Observatory, 2011(10), 5-6.
• Council of Europe. Committee of Ministers: Recommendation on the protection and promotion of the universality, integrity and openness of the internet, IRIS: legal observations of the European Audiovisual Observatory, 2011(10), 4-5.
• What the European Commission owes 500 million Europeans, keynote 3 Dec. 2010, European Commission conference “Taking on the Data Retention Directive”, published in Privacy & Informatie, nr. 6, 2010.
• Master’s Thesis, Alles onder controle?, Een kritische blik op de door de dataretentierichtlijn in het leven geroepen driehoeksverhouding tussen de Wet Bewaarplicht Telecommunicatiegegevens, de strafvorderlijke toegangsbevoegdheden van opsporingsdiensten en het recht op privacy van de Nederlandse burger, July 2009. The source material in the historical analysis of the legislative debate on the EU Data Retention Directive and its Dutch implementation, along with the art. 8 ECHR analysis may be useful for some. The thesis won a nationwide Internet Thesis Award and the University of Amsterdam Thesis Award.