European legislators have reached an important agreement today, as they sign first cyber-security rules for the Union.
The rules, comprised in the Network and Information Security Directive have, among other things, asked tech giants such as Google and Amazon to be more open and transparent about their security, as that will help protect EU’s essential infrastructure, such as air and road traffic control systems and the electricity grid, from cyberattacks.
"Today, a milestone has been achieved [told you]: we have agreed on the first ever EU-wide cyber-security rules, which the Parliament has advocated for years," said a clearly delighted Parliament rapporteur Andreas Schwab.
"Parliament has pushed hard for a harmonised identification of critical operators in energy, transport, health or banking fields, which will have to fulfil security measures and notify significant cyber incidents. Member states will have to cooperate more on cybersecurity - which is even more important in light of the current security situation in Europe."
According to a report by The Inquirer, the European Parliament has long pressed for cloud services to be included in the legislation. "Moreover, this directive marks the beginning of platform regulation,” Schwab said.
"Whilst the Commission's consultation on online platforms is still on-going, the new rules already foresee concrete definitions - a request that Parliament had made since the beginning in order to give its consent to the inclusion of digital services."
The directive cannot be forced upon EU member states, though – they will need to pass new or amended legislation in their individual parliaments.