10 Jul 2018

DIGITALEUROPE welcomes the adoption of ITRE report on cybersecurity act

DIGITALEUROPE welcomes several aspects of the Parliament’s Cybersecurity Act Report, adopted today in the Committee on Industry, Research and Energy (ITRE), which significantly improves the proposal of the Commission.

“The most significant improvements of the Parliament’s work are the integration of coordinated vulnerability disclosure best practices, and the strong mechanisms for stakeholder engagement, such as the new ad-hoc committees that will help ensure that the new certification schemes rely on industry know-how and expertise and are well designed for the market in a transparent way. This is important for the industry as it will help ensure that certification is fit for purpose and builds on existing best practices”, said Cecilia Bonefeld-Dahl, Director-general of DIGITALEUROPE.

DIGITALEUROPE also recognises the MEPs’ attempt to ensure that the adopted schemes would be compatible with global mutual recognition arrangements, and we call on the developers of specific schemes to honour this ambition.

The Parliament and the Council have expanded the means by which companies can certify their products or services under the EU framework, allowing them to use self-declaration of conformity. This is good news, even though limiting this instrument to cases that present basic cybersecurity risks is likely to significantly impede market adoption. Self-declaration of conformity must be more commonly accepted as it works well in practice. It is widely used for compliance with technical regulations, such as EU safety legislation for which self-declaration of conformity is used in 90% of cases, added Cecilia Bonefeld-Dahl.

DIGITALEUROPE urges the co-legislators to keep the voluntary nature of the framework in the upcoming trilogue negotiations. Determining that certifications for certain operators should be mandatory deviates from the existing national and international practice, where certification is voluntary. It will also create market access barriers for smaller players, who would need to undergo costly and time-consuming certification before launching a product or service on the market.

For more information please contact
Alberto Di Felice
Director for Infrastructure, Privacy & Security Policy
alberto.difelice@digitaleurope.org +32 471 99 34 25
Back to Cybersecurity
View the complete
PDF
Our resources on Cybersecurity
05 Jun 2023 Policy Paper
DIGITALEUROPE’s roadmap for Europe’s energy ecosystem digital transformation - The time to transform is now
Read more
PDF
05 Jun 2023 Policy Paper
DIGITALEUROPE's views on upcoming proposal for EU REACH restriction of flame retardants
Read more
PDF
01 Jun 2023 Publication & Brochure
Sandboxing the AI Act: testing the AI Act proposal with Europe's future unicorns
Read more
PDF
View all resources
Hit enter to search or ESC to close
This website uses cookies
We use cookies and similar techonologies to adjust your preferences, analyze traffic and measure the effectiveness of campaigns. You consent to the use of our cookies by continuing to browse this website.
Decline
Accept