New EU cybersecurity regulations may force Internet giants to tighten up their security protocols in order to keep authorities in the loop about breaches, Reuters reported.
Reuters reported that it obtained documents last week detailing a Network and Information Security Directive that has been initiated between member states and EU lawmakers. The details of the security plans, however, remain a subject of debate as some regulators aren’t sure which companies should be bound by the rules.
The regulations are aimed at having search engines, social networks, eCommerce sites and cloud-computing providers keep authorities informed about potential breaches. While some are arguing to include more companies, some members of the European Parliament suggest that it should only be implemented for major sectors, including energy, transport and finance, Reuters reported.
Now, however, the Internet platforms have been tossed back into the discussion, according to details listed in the documents. Digital platforms would be subject to the EU law, according to recent updates that reportedly came after months of negotiations. Those platforms might be able to be held at a lesser standard than the other sectors listed though since they aren’t as linked to physical infrastructure and national security issues.
“We’re pleased to see digital service platforms subject to a different regime, but we’re disappointed at the lack of recognition that it is the use of cloud that determines the security risk, not the service itself,” Chris Gow, senior manager of government affairs at Cisco, told Reuters.