While Member States have just reached an agreement on the Network and Information Security (NIS2) Directive, they have not made as much progress on the Critical Entities Resilience Directive, which was also proposed in late 2020 (see EUROPE 12624/2).
The text aims to better protect essential infrastructure and services such as energy, transport, drinking water, and the digital sector from terrorist attacks, natural disasters, and other unexpected events.
The directive requires local authorities to designate a single point of contact in charge of communicating with other Member States and to create a new Critical Entities Resilience Group in order to facilitate communication. Early on, Member States had been concerned about competences and their sovereignty being respected.
In a progress report submitted to the home affairs ministers meeting on 9 December, the Slovenian Presidency of the Council of the EU explains that it has prepared a fifth compromise text and that it was notably necessary to clarify the elements of this proposal with those contained in the Network and Information Security Directive and the rules on digital operational resilience for the financial sector (DORA).
“In this complex multi-sector file, the Presidency attaches great importance to coordination with other ongoing negotiations”, the report indicates. It has, for example, developed various references in the ‘critical entities’ text in order to foster better cooperation between the national authorities concerned by the latter and those concerned by NIS2 and DORA. The Presidency followed the line of the European Commission that establishes that many articles in this text on critical entities do not apply to the sectors of banking, financial market infrastructures, and digital infrastructure.
The report goes on to say, “The Presidency considers vital that this Directive should not be an obstacle for the Member States to safeguard national security and defence. At the same time, references to security issues should be shaped in a way so as to not undermine the harmonisation effect of the Directive”.
Link to the latest compromise: https://bit.ly/2ZPITKb
Link to the report: https://bit.ly/32QvRx7 (Original version in French by Solenn Paulic)