European Parliament, Commission, and Council reach deal on draft text of Network and Information Security Directive, the first EU-wide cybersecurity regime

King & Spalding

European authorities reached a provisional agreement on the Network and Information Security Directive, the first-ever EU-wide cybersecurity standards. Press releases from the European Parliament, European Commission, and European Council announced the December 7, 2015 deal. The Directive seeks to improve the cybersecurity capabilities of member states, as well as improve cooperation on cybersecurity issues between EU nations. Moreover, once formally approved, the new rules will require “operators of essential services” and some internet services providers to adhere to minimum cybersecurity standards and report significant cyber-attacks to public authorities. Notably, the Directive will put an end to the current fragmentation of individual cybersecurity systems by the twenty-eight member nations, and will substantially change the regulatory landscape for many businesses that operate within the European Union. This provisional agreement is an outgrowth of the European Commission’s 2013 Cybersecurity Strategy and proposed Directive on Network and Information Security.

Data, Privacy & Security in the EU -

The Network and Information Security Directive comes amidst a flurry of substantial changes to cybersecurity rules and regulations within Europe. The European Union is particularly well known for its stringent privacy laws, and recent developments reflect a commitment to personal privacy protections. The European Court of Justice (“ECJ”), for example, invalidated the Safe Harbor framework on October 6, 2015. The Safe Harbor agreement had allowed US companies to self-certify that they would comply with more stringent EU data protection standards so as to allow for the free transfer of European data to the United States. According to the ECJ ruling, however, data stored on US servers does not meet EU standards, largely due to the US government’s mass surveillance program—thus rendering the agreement illegal.

Please see full Alert below for more information.

LOADING PDF: If there are any problems, click here to download the file.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© King & Spalding | Attorney Advertising

Written by:

King & Spalding

King & Spalding on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide

This website uses cookies to improve user experience, track anonymous site usage, store authorization tokens and permit sharing on social media networks. By continuing to browse this website you accept the use of cookies. Click here to read more about how we use cookies.