The proposed Network and Information Security (NIS) Directive could create significant barriers to the creation of a true Digital Single Market (DSM). In an open letter to Commissioners, their cabinets, and MEPs, the Security Alliance for Europe (SAFE) Coalition has highlighted the worrying shortfalls in the current Directive text.
The SAFE coalition comprises industry associations from along the entire Internet value chain, including EuroISPA. EuroISPA and its SAFE partners welcomes the EU’s increased policy focus on network and information security, as considerable cybersecurity gaps exist across the EU today.
However, SAFE is concerned by proposals to extend the scope of the NIS Directive beyond those services and infrastructures that are truly critical for the functioning of the state and the economy. Under the proposed text, Member States may retain the right to define those “essential” services and infrastructure falling under the new measures. Moreover, under the EU Council’s preferred text, individual Member States will have liberty to choose the technical security standards governing the Directive’s implementation. Ultimately, as Member States will almost certainly differ in their definitions and standards, Internet enablers will be forced to contend with a patchwork of different obligations, severely hampering their ability to effectively operate in a cross-border context.
As the date for the unveiling of the Commission’s Digital Single Market strategy draws nearer, it is crucial that the potential shortcomings in the current NIS Directive be corrected in order to ensure the strategy’s effectiveness. Indeed, while the Commission’s efforts to improve cross-border e-commerce, cloud computing and other pan-European services are commendable, the NIS Directive risks creating an environment where these goals are unobtainable.
SAFE believes that as the first European-level legislation in the field of cybersecurity, the NIS Directive has the potential to ensure effective and efficient security measures that benefit citizens and innovators. In that context, we call on policymakers in the EU Council and Parliament to adopt a text that both ensures trust in online services and allows Internet enablers to help create a true digital single market.