Many EU member states are set to miss the October 17 deadline to implement the Network and Information Security Directive (NIS 2), aimed at enhancing cybersecurity for critical sectors. Only Belgium, Croatia, Italy, and Lithuania have made partial progress, while others like Germany and the Netherlands have pending legislation, and countries such as Ireland and Spain lag further behind. The directive, approved in 2022, expands protections for sectors like energy, transport, banking, and water, and replaces the previous NIS1 directive, which failed to boost cyber resilience.
Businesses are concerned about the fragmented implementation and compliance challenges, particularly for companies operating across multiple markets. The European Federation of National Associations of Water Services (EurEau) warned that delays create uncertainty for water operators, who may need financial support to meet cybersecurity requirements. Similarly, the software lobby group BSA criticised the lack of guidance on incident reporting, a key aspect of NIS 2.
The European DIGITAL SME Alliance expressed worries for small and medium enterprises that might be impacted if they are part of larger companies’ supply chains under NIS 2. The directive mandates penalties for non-compliance, including fines of up to €10 million or 2% of global revenue, and holds senior management accountable for security breaches, signaling a shift in responsibility beyond IT departments.
The EU recently adopted a directive that modernises civil liability laws, aligning them with contemporary economic models influenced by technological advancements and the principles of the circular economy. That update broadens the definition of a ‘product’ to include digital manufacturing files and software, recognising the increasing prevalence of digital product features.
Additionally, the directive addresses the implications of circular economy business models by ensuring that individuals or companies responsible for repairing or upgrading products outside the original manufacturer’s control can be held liable for any defects that may arise from these modifications. Consumer protection is a core focus of this directive, enhancing the rights of injured parties while providing clarity for producers.
The updated rules stipulate that online platforms will now share liability for defective products sold on their sites, similar to traditional economic operators. The change reinforces the responsibility of online marketplaces to ensure the safety and quality of the products they offer.
The directive streamlines compensation by allowing injured individuals access to relevant evidence manufacturers hold. It holds importers or EU-based representatives of non-EU manufacturers liable for damages from foreign products. To promote fairness, courts may permit claimants to demonstrate only the likelihood of defectiveness when proving a product’s defect is challenging.
Taking effect 20 days after publication in the Official Journal of the European Union, the directive requires member states to transpose it into national laws within two years. The update enhances consumer protection and legal clarity while supporting the adoption of new technologies.
The European Union has postponed the implementation of a biometric entry-check system for non-EU citizens, initially slated for 10 November. Delays stem from concerns raised by Germany, France, and the Netherlands regarding their border computer systems’ readiness. EU Home Affairs Commissioner Ylva Johansson confirmed that no new launch date has been set, though discussions about a phased introduction are ongoing.
The Entry/Exit System (EES) aims to create a digital link between travel documents and biometric data, such as fingerprints and facial scans, thereby removing the need for manual passport stamping at the EU’s external borders. Non-EU citizens arriving in the Schengen area would need to provide biometric information and answer questions regarding their stay.
Digital passports and ID cards are a major step forward, strengthening security in the Schengen area and making travel easier. They will allow border guards to quickly approve genuine travellers and focus better on stopping suspects of crime and terrorism https://t.co/nFu6cg0ndv
Officials from Germany’s interior ministry noted that the three nations represent 40% of the affected passenger traffic and are not yet prepared to implement the EES. They indicated that the EU agency EU-Lisa has yet to deliver the necessary stability and functionality for the central system.
While the French interior ministry acknowledged the EES’s potential benefits, they emphasised the need for proper preparation before its rollout. The Dutch government has not provided a response regarding its stance on the delay.
Dutch economy minister Dirk Beljaarts revealed a plan to form a ‘coalition of the willing’ within the EU to strengthen the bloc’s computer chip industry and compete globally with the US and China. At a G7 industry ministers’ meeting in Rome, he stressed the importance of EU nations working together to set up production, assembly, and packaging facilities. While the Netherlands is home to leading chip tool maker ASML, Beljaarts emphasised that other EU countries must also build their semiconductor industries.
Beljaarts expressed the Netherlands’ readiness to lead this initiative, collaborating with Italian Industry Minister Adolfo Urso to bring the plans to life. Although the Netherlands is not a G7 member, its influence in the tech sector, as the world’s 18th largest economy, secured its invitation to the meeting. The EU’s chip strategy has recently faced challenges, particularly after the departure of Thierry Breton, the former EU Commission industry chief and architect of the EU Chips Act. The act, valued at €43 billion, aims to boost Europe’s share of the global chip market to 20% by 2030.
In a separate meeting, Beljaarts spoke with US Secretary of Commerce Gina Raimondo, discussing potential areas of cooperation. This discussion took place amid anticipated US export restrictions on advanced semiconductor equipment to China, which could impact ASML. However, Beljaarts clarified that the talks focused on collaboration rather than export limitations.
German cartel authorities have closed their investigation into Meta’s data practices following extensive negotiations that led to the US tech giant agreeing to address regulatory concerns. Meta, the owner of Facebook and Instagram, has committed to implementing several measures to change how user data is collected and processed on its platforms, the officials announced on Thursday.
According to Andreas Mundt, the president of the German Federal Cartel Office, one of the most significant changes is that users of Facebook will no longer be required to consent to the unrestricted collection and association of data to their user accounts. This new approach ensures that data not generated through Facebook’s services cannot be automatically linked to a user’s account without specific consent. The decision marks a significant step in limiting the scope of Meta’s data collection and improving user privacy in Germany.
The investigation into Meta was part of a larger initiative by European regulators to closely examine and regulate the data practices of major tech firms. Meta’s cooperation with German authorities highlights its readiness to comply with regulatory standards and could set a precedent for similar cases across Europe. The agreed changes aim to enhance privacy protections for users and increase transparency in how tech platforms manage and utilise personal data.
The European Commission has announced a significant investment in the continent’s digital infrastructure through its second work program under the Connecting Europe Facility (CEF) Digital, allocating €865 million in funding from 2024 to 2027. That initiative will target large-scale projects promoting the rollout of 5G and gigabit networks in key sectors such as healthcare, transport, logistics, and manufacturing.
By focusing on these industries, the EU aims to drive the integration of advanced technologies to meet increasing digital demands. The program also seeks to expand Europe’s digital backbone by strengthening quantum communication networks and laying new submarine cables to enhance connectivity with third countries.
Additionally, it will develop digital platforms for transport and energy, optimising ICT energy use while minimising environmental impact and ensuring seamless integration with existing European data, cloud, and connectivity infrastructures.
That initiative supports the EU’s ambitious 2030 Digital Decade goals, which aim to provide all citizens and businesses access to 5G and gigabit-speed internet. Margrethe Vestager, Executive Vice-President for Europe Fit for the Digital Age, emphasised the importance of enhancing connectivity to foster innovation and connect more citizens and businesses.
With a total budget of €2 billion until 2027, the broader CEF Digital program has already funded 65 projects, including 5G Smart Communities and cross-border 5G corridors. It plans to launch a fourth call for project proposals to accelerate digital transformation further.
Elon Musk’s platform, X (formerly known as Twitter), will not be classified as a ‘gatekeeper’ under the EU’s Digital Markets Act (DMA), a landmark set of tech regulations that impose strict obligations on major digital players. According to sources familiar with the situation, the European Commission, which has been investigating X since May, is expected to confirm this decision in the coming week.
The DMA prevents dominant tech companies from abusing their market power, particularly in messaging apps and pre-installed software. Platforms designated as gatekeepers must comply with rules to promote competition, such as ensuring their messaging systems are interoperable with rival apps and allowing users to choose which apps to install by default on their devices.
Despite meeting the user-base threshold for a gatekeeper, X argued that it does not meet the additional criteria of being a key intermediary between businesses and consumers. This claim led the Commission to launch its investigation to clarify whether the platform should face the extra obligations imposed by the DMA.
As the Commission’s ruling draws near, it highlights the ongoing scrutiny faced by tech giants under EU regulations to curb their influence over the digital economy. For Musk’s X, this is a significant reprieve amid growing regulatory pressure on Big Tech worldwide.
South Korea is preparing to impose foreign exchange rules on cross-border transactions involving stablecoins, especially those tied to the dollar. The Ministry of Economy and Finance revealed plans to ensure the security of stablecoin transactions, focusing on cross-border uses. The Financial Services Commission will address these regulations in the upcoming phase of the country’s Virtual Asset User Protection Act.
The regulatory framework will initially focus on stablecoins tied to South Korea’s won before expanding to include foreign currency-backed tokens. It mirrors recent regulatory moves in Japan and the EU. With a strong emphasis on user protection, South Korea’s new laws will enforce stricter security standards for virtual asset service providers, including insurance mandates and penalties for non-compliance.
A new independent body in Ireland will allow social media users in the European Union to challenge content moderation decisions made by platforms like Facebook, TikTok, and YouTube. Established under the EU Digital Services Act (DSA), this Appeals Centre aims to provide users with an alternative to the courts when disputing content decisions. Supported by Meta’s Oversight Board Trust and certified by Ireland’s media regulator, the centre is expected to begin operations by the end of the year. It will expand to include more platforms over time.
Thomas Hughes, CEO of the Appeals Centre, emphasised the body’s independence from governments and companies, ensuring that social media content policies are applied fairly. The centre’s team of experts will review cases within 90 days to determine if the platforms’ actions align with their stated policies. The European Commission has expressed support for the initiative, with spokesperson Thomas Regnier highlighting the importance of uniform development across the EU to strengthen online user rights.
Located in Dublin, the Appeals Centre will operate on a funding model that charges social media companies fees for each case. At the same time, users will incur a nominal fee that is refundable if their appeal is successful. However, platforms are not obligated to participate, as the centre lacks the power to enforce binding settlements. The centre will be governed by a board of seven non-executive directors.
Coinbase announced on Friday that it will delist certain stablecoins in the European Economic Area (EEA) by the end of the year as the cryptocurrency industry prepares for stricter regulations in the region. The EU‘s new Markets in Crypto-Assets (MiCA) regulation, introduced in early 2023, will be fully implemented by December. This framework mandates that stablecoin issuers adhere to stringent transparency, liquidity, and consumer protection standards.
In line with its commitment to compliance, Coinbase intends to restrict services for EEA users concerning stablecoins that do not comply with MiCA requirements by 30 December 2024. The exchange will provide affected customers with options to switch to authorised stablecoins, including USDC and EURC from fintech firm Circle, which are pegged to the US dollar and euro, respectively.
Stablecoins have gained significant popularity in recent years, particularly as major financial institutions like PayPal adopt them. This growth reflects the increasing integration of the once-nascent digital assets sector into mainstream finance.
