Cybersecurity Act - DIGITALEUROPE urges co-legislators to ensure certification schemes do not lead to more market fragmentation in Europe
DIGITALEUROPE welcomes the swift adoption of the Council General Approach to the “Cybersecurity Act” that paves the way towards the creation of a EU single market for cybersecurity certification.
However, “relying mainly on third-party certification will have a big impact on the time and cost to place a product or service on the market and will limit the access for smaller industry players. The use of selfdeclaration of conformity, a recognised and tested approach used by manufacturers should be extended” voiced Cecilia Bonefeld-Dahl, Director-General of DIGITALEUROPE.
We warn against the new provision opening the possibility for individual countries to make the certification mandatory through national legislation. This goes against the objective of the Regulation and may lead to market fragmentation.
DIGITALEUROPE urges ITRE MEPs to build on the improvement made in the IMCO opinion. It is now the role of the European Parliament to stand for the single market, avoiding further fragmentation via national legislation, and keeping the voluntary approach to certification across the EU and allowing for a flexible and inclusive certification framework. This requires industry participation and possibility for self-declaration of conformity.
“While the Council gives a role to the industry to propose certification schemes, it still doesn’t provide for a structured and formal industry involvement in the prioritisation, elaboration, and implementation of such schemes” insisted Cecilia Bonefeld-Dahl, Director-General of DIGITALEUROPE.
“The digital industry has a long experience in dealing with cybersecurity, in finding solutions and in designing products and services that protect both their devices and users. This experience will be valuable for the elaboration of future-proof certification schemes and each scheme should benefit from the most relevant set of expertise” she added
To boost the industry competitiveness, DIGITALEUROPE believes that the reference to global standards should prevail and any deviation from this principle, as introduced by the Council, may create uncertainty for market players.
For more information please contact
Alberto Di Felice
Director for Infrastructure, Privacy & Security Policy