10 Jul 2018

DIGITALEUROPE welcomes the adoption of ITRE report on cybersecurity act

DIGITALEUROPE welcomes several aspects of the Parliament’s Cybersecurity Act Report, adopted today in the Committee on Industry, Research and Energy (ITRE), which significantly improves the proposal of the Commission.

“The most significant improvements of the Parliament’s work are the integration of coordinated vulnerability disclosure best practices, and the strong mechanisms for stakeholder engagement, such as the new ad-hoc committees that will help ensure that the new certification schemes rely on industry know-how and expertise and are well designed for the market in a transparent way. This is important for the industry as it will help ensure that certification is fit for purpose and builds on existing best practices”, said Cecilia Bonefeld-Dahl, Director-general of DIGITALEUROPE.

DIGITALEUROPE also recognises the MEPs’ attempt to ensure that the adopted schemes would be compatible with global mutual recognition arrangements, and we call on the developers of specific schemes to honour this ambition.

The Parliament and the Council have expanded the means by which companies can certify their products or services under the EU framework, allowing them to use self-declaration of conformity. This is good news, even though limiting this instrument to cases that present basic cybersecurity risks is likely to significantly impede market adoption. Self-declaration of conformity must be more commonly accepted as it works well in practice. It is widely used for compliance with technical regulations, such as EU safety legislation for which self-declaration of conformity is used in 90% of cases, added Cecilia Bonefeld-Dahl.

DIGITALEUROPE urges the co-legislators to keep the voluntary nature of the framework in the upcoming trilogue negotiations. Determining that certifications for certain operators should be mandatory deviates from the existing national and international practice, where certification is voluntary. It will also create market access barriers for smaller players, who would need to undergo costly and time-consuming certification before launching a product or service on the market.

For more information please contact
Alberto Di Felice
Director for Infrastructure, Privacy & Security Policy
Back to Cybersecurity
View the complete
Our resources on Cybersecurity
17 Nov 2023 Position Paper
Transitioning from Open Banking to Open Finance: DIGITALEUROPE’s position on the Financial Data Access Regulation (FIDA)
16 Nov 2023 Position Paper
One Data Act to rule them all? Avoiding competing data sharing rules: DIGITALEUROPE’s views on the European statistics regulation revision
10 Nov 2023 resource
Key policies for digitalization during the Spanish Presidency: The AI Act and the Data Act
Hit enter to search or ESC to close
This website uses cookies
We use cookies and similar techonologies to adjust your preferences, analyze traffic and measure the effectiveness of campaigns. You consent to the use of our cookies by continuing to browse this website.