The
European Union (EU) has agreed on the wording of a proposed new cybersecurity directive. Known as the EU Cybersecurity Directive, the document met the approval of the European Parliament and the Presidency of the EU Council of Ministers, the latter of which is currently headed by Luxembourg. The move represents a significant step towards the Directive ultimately becoming European law. The final document will be published on December 18 to meet member state approval.
The European Commission (EC), the “EU's politically independent executive arm”, was involved in a public consultation to establish the EU's cybersecurity policy in 2012. The results of the consultation suggested that 57% of those asked had experienced data, security and hacking issues over a 12-month period before the research took place. The EC proposed a text for the directive the following year. Since then proposals have been discussed culminating in the EU Parliament’s and Council’s agreement on the current wording.
The Directive is expected to require EU members to establish a “national strategy” for data and network security alongside the establishment of a “national authority” that would be in charge of address security issues and assessing cyber risks. It is also likely to include some type of warning strategy to combat cross-border cybercrime. Once the Directive is approved EU members will have 21 months to comply with its requirements and make them national law.
Do you know of cybercrime legislation being brought in elsewhere in the world? Let us know the details. Add your comments below.
