EU to Require Cybersecurity Certification of all Information Products and Services?

Nov 30

From: European Commission

Cybersecurity Package

About this initiative

Reference

COM(2017)477

Type

Proposal for a regulation

Regulations are binding legal acts that are directly applicable in all EU countries. Therefore, EU countries do not need to take further steps to incorporate them into their national legislation. Proposals are made by the Commission and must be adopted by the legislator via one of the legislative procedures.

Any related corrigenda are available on the Registry of Documents or Eur-LEX.

Full title

Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on ENISA, the “EU Cybersecurity Agency”, and repealing Regulation (EU) 526/2013, and on Information and Communication Technology cybersecurity certification (”Cybersecurity Act”)

Department

Directorate-General for Communications Networks, Content and Technology

Proposal for a regulation – COM(2017)477/947932

English (1.3 MB – PDF – 92 pages)

Available languages (23)

Annex – COM(2017)477/948192

English (114.5 KB – PDF – 4 pages)

Available languages (23)

Impact assessment – SWD(2017)500/948161 – Part 1

English (2.5 MB – PDF – 141 pages)

Impact assessment – SWD(2017)500/948161 – Part 2

English (5.2 MB – PDF – 204 pages)

Impact assessment – SWD(2017)500/948161 – Part 3

English (276.1 KB – PDF – 5 pages)

Impact assessment – SWD(2017)500/948161 – Part 4

English (2.7 MB – PDF – 54 pages)

Impact assessment – SWD(2017)500/948161 – Part 5

English (3.7 MB – PDF – 132 pages)

Impact assessment – SWD(2017)500/948161 – Part 6

English (2.7 MB – PDF – 131 pages)

Summary of impact assessment – SWD(2017)501/948163

English (247.9 KB – PDF – 5 pages)

Available languages (23)

Staff working document – SWD(2017)502/948196

English (843.9 KB – PDF – 28 pages)

Give your feedback

Feedback period

13 September 2017 – 6 December 2017

Feedback status: Open

The Commission would like to hear your views.

Once the Commission has decided on a legislative proposal and put it forward for adoption by the EU Parliament and Council, you can respond to the proposal and accompanying impact assessment. The feedback period will close 8 weeks after the proposal is made available in all EU languages. You can choose between having your feedback:

published with your personal details or organisation’s details, or
published anonymously (make sure attachments don’t contain any personal details)

Once submitted, your feedback will be immediately published on this site. We’ll review published feedback to check it complies with the rules for feedback and suggestions. If it doesn’t, it will be removed. You will not receive an individual response, but the Commission will present a summary of the feedback received to the Parliament and Council so that your views can be part of the legislative debate.