News

In a nutshell: November was a fruitful month for negotiations in the EU bubble, with both the Council of the EU and the European Parliament adopting the NIS 2 Directive, and the European Parliament adopting the CER Directive. Co-legislators also reached a political agreement on the e-Evidence proposal. The Council adopted its General Approach on the EUID proposal, whilst the IMCO Committee issued its Opinion on the file. As for geographical indications, the AGRI Committee issued its Draft Report on the proposal for agricultural products and received numerous amendments, which was also the case for IMCO and JURI regarding amendments on the craft and industrial products proposal. The EDPS released its Opinion on the Cyber Resilience Act.

In a nutshell: The European Commission revealed its Work Programme for 2023 and issued its proposal for a Council Recommendation on a coordinated approach to strengthen the resilience of critical infrastructure, whilst the Council released its conclusions on ICT supply chain security. The Digital Services Act was published in the Official Journal of the EU. Parliamentary committees released documents on the reform of the geographical indications’ framework in the EU for craft and industrial products. Commissioner Johansson confirmed that blocking orders under the CSAM Regulation would not apply to DNS4EU. The European Court of Justice’s Advocate General stated that national authorities should be able to access data linked to IP addresses where no other means to identify holders of addresses suspected of copyright infringement is available.

In a nutshell: The President of the European Commission issued her State of the Union Letter of Intent for 2022, whilst the Czech Presidency outlined its priorities to committees of the European Parliament. The European Commission released its proposal for a Cyber Resilience Act and for an Artificial Intelligence Liability Act. The CJEU reaffirmed the prohibition of the general and indiscriminate retention of electronic communications data. IMCO released its opinion on the EUID proposal and the European Parliament issued a Study on Updating the European digital identity framework. The AGRI Committee published a Working Document on the proposal for the reform of geographical indications for wine, spirits drinks and agricultural products. The British National Cyber Security Centre issued guidance on the taking down of malicious content to protect brands.

In a nutshell: The Council of the EU and the European Parliament reached a provisional agreement on the ‘Path to the Digital Decade’ 2030 policy programme. The Council of the EU released its Conclusions on EU Digital Diplomacy. The European Parliament issued a Study on internet fragmentation and on Europe’s PegasusGate. The Council of the EU issued its compromise text on the EUID proposal, while ITRE’s Draft Report received numerous amendments. Further information was provided on the political agreement on the CER Directive.

In a nutshell: the Czech Republic unveiled its Presidency Programme. Progress was made on many important legislative files for internet infrastructure actors: the European Parliament adopted the Digital Services Act, the Council of the EU published its political agreement on NIS 2, and political agreements were reached on the CER Directive and on core elements of the e-Evidence package. As for the EUID Regulation, ITRE issued its draft report, and Members of the European Parliament suggested amendments to the proposal within several Parliamentary committees.

In a nutshell: The Council adopted its position for the ‘Path to the Digital Decade’ 2030 policy programme. The European Parliament and the Council of the EU reached a political agreement on the NIS 2 Directive and continued negotiating for consensus on the CER Directive. The European Data Protection Supervisor issued its opinion on the Proposal for a Regulation on cybersecurity measures in the EU institutions. The European Commission issued its proposal for a CSAM Regulation and its Strategy for a better internet for kids. Europol published a report on misleading invoice fraud targeting the owners of intellectual property rights. The 2^nd Additional Protocol to the Budapest Convention opened for signature in Strasbourg, whilst the European Union and the United States issued a Joint Statement at the Trade and Technology Council in Paris.

In a nutshell: The European Commission opened a public consultation on the cross-border enforcement of consumer protection law and issued proposals to reform the EU framework on geographical indications. The European Court of Auditors published the conclusions of its report on intellectual property rights in the EU. The CJEU reaffirmed the prohibition of the general and indiscriminate retention of electronic communications data and held that online content-sharing service providers’ obligation to monitor content under the Copyright Directive is compatible with freedom of expression. The European Parliament and the Council of the EU reached a political agreement on the DSA. The European Parliament adopted the Data Governance Act in plenary, and JURI issued its Draft Opinion on the proposal for an EUID. ENISA issued its report on Coordinated vulnerability disclosure policies in the EU. The EU, the US and other international partners issued a Declaration for the Future of the Internet.

In a nutshell: March was a particularly busy month in the cybersecurity sphere. The European Commission issued a call for evidence for an impact assessment on the upcoming Cyber Resilience Act and released a proposal for a Regulation laying down measures for a high common level of cybersecurity at the EU institutions, bodies, offices and agencies. In parallel, the NIS Cooperation Group issued its Technical Guidelines on Security Measures for Top-Level Domain Name registries, ENISA published a report on Security and Privacy for public DNS resolvers, and EU Ministers called for a strengthening of the EU's telecommunications and cybersecurity resilience. New documents were released regarding the trilogue negotiations on e-Evidence and the EUID proposal, and a political agreement between co-legislators was found on the Digital Markets Act. The European Commission and the United States agreed on a new Trans-Atlantic Data Privacy framework. Europol and the EUIPO issued a joint Intellectual Property Threat Assessment.

In a nutshell: The European Commission kickstarted the year with a set of publications of relevance for ccTLDs, such as the DNS Abuse Study and the Communication on an EU Strategy on Standardisation. The Commission also released proposals for a European Declaration on Digital Rights and a Data Act. Regarding intellectual property, the Commission issued a call for evidence on the upcoming EU Toolbox against Counterfeiting, whilst the European Parliament published a Study on the Cross Border Enforcement of Intellectual Property Rights in the EU. Co-legislators reached a provisional agreement on amending the Europol regulation, and IMCO published its Draft Report on the EUID proposal. The EDPB launched a coordinated enforcement action on the use of cloud services by the public sector.

In a nutshell: The upcoming months look busy on the legislative and policy front. France took over the presidency of the Council of the EU until the end of June with an ambitious digital agenda and the aim to finalise key legislative initiatives such as the DSA and NIS 2 before the national elections. The Council of the EU approved its General Approach on the CER Directive. The European Parliament adopted its position on the DSA and is ready to enter trilogue negotiations with the Council of the EU and the European Commission. The European Commission published its long-awaited call for proposals for the deployment of DNS4EU and is looking into proposing new legislative initiatives in the fields of cybersecurity, child protection and hate speech online. It is also expected to put forward an EU Toolbox against counterfeiting, and to publish its study on DNS abuse.