10 Jul 2018

DIGITALEUROPE welcomes the adoption of ITRE report on cybersecurity act

DIGITALEUROPE welcomes several aspects of the Parliament’s Cybersecurity Act Report, adopted today in the Committee on Industry, Research and Energy (ITRE), which significantly improves the proposal of the Commission.

“The most significant improvements of the Parliament’s work are the integration of coordinated vulnerability disclosure best practices, and the strong mechanisms for stakeholder engagement, such as the new ad-hoc committees that will help ensure that the new certification schemes rely on industry know-how and expertise and are well designed for the market in a transparent way. This is important for the industry as it will help ensure that certification is fit for purpose and builds on existing best practices”, said Cecilia Bonefeld-Dahl, Director-general of DIGITALEUROPE.

DIGITALEUROPE also recognises the MEPs’ attempt to ensure that the adopted schemes would be compatible with global mutual recognition arrangements, and we call on the developers of specific schemes to honour this ambition.

The Parliament and the Council have expanded the means by which companies can certify their products or services under the EU framework, allowing them to use self-declaration of conformity. This is good news, even though limiting this instrument to cases that present basic cybersecurity risks is likely to significantly impede market adoption. Self-declaration of conformity must be more commonly accepted as it works well in practice. It is widely used for compliance with technical regulations, such as EU safety legislation for which self-declaration of conformity is used in 90% of cases, added Cecilia Bonefeld-Dahl.

DIGITALEUROPE urges the co-legislators to keep the voluntary nature of the framework in the upcoming trilogue negotiations. Determining that certifications for certain operators should be mandatory deviates from the existing national and international practice, where certification is voluntary. It will also create market access barriers for smaller players, who would need to undergo costly and time-consuming certification before launching a product or service on the market.

For more information please contact
Alberto Di Felice
Policy and Legal Counsel
Back to Cybersecurity
View the complete
Our resources on Cybersecurity
30 Apr 2024 Position Paper
Contribution to public consultation on white paper on export controls
29 Apr 2024 Publication & Brochure
The Download: Funding Europe's Digital Transition - Investing in the future not the past
06 Mar 2024 resource
DIGITALEUROPE’s response to the Joint European Supervisory Authorities’ public consultation on the second batch of policy mandates under DORA
Hit enter to search or ESC to close
This website uses cookies
We use cookies and similar techonologies to adjust your preferences, analyze traffic and measure the effectiveness of campaigns. You consent to the use of our cookies by continuing to browse this website.