European Union adoption of cybersecurity measures delayed

Key countries, such as the U.K., want the measures to be perfected before widespread adoption

The European Union has taken steps to beef up cybersecurity in 2013, approving new rules to outlaw NSA surveillance tactics and codifying a new set of boundaries for what qualifies as personally identifiable information (PII).

But when will the EU put those rules into effect? Only after they are signed into law by each of the EU’s member states… which is taking a lot longer than initially expected and could drag well into 2014.

An EU official who spoke with reporters on Dec. 2 says that some nations have demanded more time to sign off on a law that would provide strong punishments for privacy violations. According to the official, the measures are too complicated and sensitive for the nations to reach a full resolution this week.

According to Bloomberg, the proposed measures are unlikely to be adopted before European Parliament elections in May. This comes after an October announcement that the EU was dropping a planned 2014 deadline in favor of a pledge to introduce the measures in a “timely fashion.”

Members of the European Union committees that developed the frameworks say that widespread adoption was never a realistic option at this stage. However, officials also say that they are hopeful the measures will be adopted soon. “European heads of state and government committed to a ‘timely’ adoption of the new data protection legislation” and ministers “should now deliver on this commitment and adopt the EU’s data protection reform swiftly,” said Mina Andreeva, spokeswoman of EU Justice Commissioner Viviane Reding.

However, some countries have been outspoken in their desire to take their time with the process. The U.K. spearheaded the push to amend the 2014 deadline for introduction, and country officials want the plan to be perfected before anything is introduced. “I want to see us agreeing data protection legislation that works for the U.K.,” U.K. Justice Secretary Chris Grayling told Bloomberg in a statement. “As the Prime Minister has made clear, it is better we take the time to get this right rather than rush into something that proves unworkable and costly.”


For more on the legal wrangling surrounding cybersecurity, check out these InsideCounsel articles:

LabMD latest to challenge FTC’s cybersecurity regulation authority

Big Data comes to the forefront

Why collaborating on technology is important for in-house counsel

Experts voice adoption, privacy concerns over NIST cybersecurity framework

Assistant Editor

author image

Zach Warren

Zach Warren is Assistant Editor of InsideCounsel magazine, where he oversees online content submissions and administers InsideCounsel's enewsletters. Zach specializes in new media and multimedia...

Bio and more articles

Join the Conversation

Advertisement. Closing in 15 seconds.