POLICY
European Proposals, Regulations and Initiatives 2023
From a distance, the plethora of regulations, directives and supranational organisations in Europe focussed on identity, cybersecurity and privacy often appears confusing. Over the last ten years the European Union (EU) has been driving a digital transformation strategy that will work for people and businesses.
In the context of data alone, there is a bewildering array of inter-related regulatory initiatives starting with the Data Act, but embracing the Data Governance Act, the Digital Services Act, the Digital Marketing Act and the European Health Data Space. In addition, on top of the 2018 eIDAS regulation providing EU-wide electronic identification, authentication and trust services, in 2021 the European Commission (EC) proposed a framework for a European Digital Identity which will be available to all EU citizens, residents and businesses in the EU.
In parallel the EU is adopting a wide range of cybersecurity, trust and privacy-related measures to protect infrastructure, governments, businesses and citizens.
- The revised directive on security of network and information systems (NIS)
- The EU Cybersecurity Act, including the strengthened role of ENISA (the European Union Agency for Cybersecurity) and the introduction of the European Cybersecurity Certification Framework
- The Cyber Resilience Act On horizontal cybersecurity requirements for products with digital elements
- The EU blueprint for coordinated responses to large scale cyber incidents
- The European Cybersecurity industrial, technology and research competence centre (in Bucharest), together with the network of national cybersecurity centres
Last but not least, the General Data Protection Regulation (GDPR) introduced in 2018 has spawned similar regulations in many other jurisdictions worldwide and sits alongside the newer proposed ePrivacy regulation.
During this last period of the current European Commission, TDL will provide a regular update on the progress of the proposals, initiatives and amendments to existing regulations. The baseline for the scope of regulations can be found here:
The regular updates to the information contained in this document can be found here:
In conjunction with the regular update reports on European legislation and legislative activities, TDL also maintains a library of the accompanying documentation
Resource Library
In conjunction with the regular update reports on European legislation and legislative activities, TDL also maintains a resource library of some of the relevant accompanying documentation
Proposals
- AI Act
- Cryptocurrencies
- Cyber Resilience Act (CRA)
- Data Act
- Data Governance Act
- Data Protection Law Enforcement Directive
- eIDAS 2.0
- e-Privacy
- EU Interoperability Framework
- Open Finance Framework
Regulations
- Digital Operational Resilience for Financial Sector (DORA)
- Digital Markets Act (DMA)
- Digital Services Act (DSA)
- General Data Protection Regulation (GDPR)
- NIS Directive (Review)
Initiatives
Other Mechanisms