EC Welcomes Adoption of Digital Services Package

By Regulatory News

July 05, 2022

The European Commission (EC) welcomes the adoption of the Digital Services Package, which includes the Digital Services Act and the Digital Markets Act proposed by EC in December 2020. Also published was a summary of the opinion of the European Data Protection Supervisor on the proposed EC regulation for a high common level of cybersecurity at the entities and agencies in European Union.

Digital Services Package. The Digital Services Act sets out a standard for accountability of online platforms and its scope covers various online intermediary services. These online intermediary services include cloud computing services; online platforms such as online marketplaces, app stores, collaborative economy platforms and social media platforms; and very large online platforms that reach over 10% of the 450 million consumers in EU. Also part of this package is the Digital Markets Act, which will apply to gatekeepers—companies that create bottlenecks between businesses and consumers and sometimes even control entire ecosystems—made up of different platform services such as online marketplaces, operating systems, cloud services, or online search engines. The Digital Markets Act establishes a set of narrowly defined objective criteria for qualifying a large online platform as a “gatekeeper.” These gatekeepers will be subject to a number of clearly defined obligations and prohibitions. The adoption of the Digital Services Package in the first reading by the European Parliament follows the political agreement that has been reached by the co-legislators on the Digital Markets Act on March 24, 2022 and the Digital Services Act on April 23, 2022. EC will enforce these rules for the largest online platforms active in EU. Following this adoption, text for both the Acts must now be formally adopted by the European Council. Finally, the Digital Services Act and the Digital Markets Act are expected to be published in the Official Journal of the European Union in Autumn 2022.

Opinion on Proposed Cybersecurity Rules. The European Data Protection Supervisor welcomes the aim of the EC proposal to improve the cybersecurity posture of the Union Institutions, bodies, offices and agencies. The European Data Protection Supervisor recommends adding in the proposal that its minimum security requirements should be at least equal or higher than the minimum security requirements of the entities of Directive on security of network and information systems (NIS Directive) and NIS 2.0 proposal. Further, the European Data Protection Supervisor strongly advises that the proposal, or at the very least a delegated act to be adopted subsequently by EC, must clearly provide a legal ground for the processing of personal data by Cybersecurity Center (CERT-EU) and the EU entities. The European Data Protection Supervisor also advises that the proposal provide for close cooperation between the CERT-EU and the European Data Protection Supervisor, when addressing incidents resulting in personal data breaches, or when addressing any significant vulnerabilities, incidents, or major attacks, that have the potential to result in personal data breaches. The European Data Protection Supervisor also strongly recommends that the proposal provide for the supervisor's participation in the Interinstitutional Cybersecurity Board (IICB).

Related Links

Keywords: Europe, EU, Banking, Insurance, Securities, Digital Services Act, Digital Markets Act, Regtech, NIS, CERT-EU, Cyber Risk, Online Marketplaces, Cloud Computing, Data Providers, Platform Businesses, European Parliament, EC

SRB Outlines Upcoming Work Priorities, Issues MREL Dashboard

OSFI Proposes Pillar 3 Disclosure Guideline for Small and Medium Banks

News

APRA Publishes Results of Climate Risk Self-Assessment Survey

The Australian Prudential Regulation Authority (APRA) has published the findings of its latest climate risk self-assessment survey conducted across the banking, insurance, and superannuation industries.

August 04, 2022 WebPage Regulatory News

News

ACPR Publishes Updates Related to CRD IV and Covered Bonds

The French Prudential Supervisory Authority (ACPR) published a notice related to the methods for calculating and publishing prudential ratios under the Capital Requirements Directive (CRD IV) and the minimum requirement for own funds and eligible liabilities (MREL).

August 03, 2022 WebPage Regulatory News

News

BIS Paper Contributes to Debate on Regulating NBFIs and Big Techs

The Financial Stability Institute (FSI) of the Bank for International Settlements recently published a paper proposing a framework for classifying financial stability regulation as either entity-based or activity-based.

August 03, 2022 WebPage Regulatory News

News

EIOPA Publishes Guidance on Climate Change Scenarios in ORSA

The European Insurance and Occupational Pension Authority (EIOPA) published the risk dashboard based on Solvency II data and the final version of the application guidance on climate change materiality assessments and climate change scenarios in the Own Risk and Solvency Assessment (ORSA).

August 02, 2022 WebPage Regulatory News

News

EBA and ECB Respond to Proposals on Sustainability Disclosures

The European Banking Authority (EBA) and the European Central Bank (ECB) published their responses to the consultations of the International Sustainability Standards Board (ISSB) and the European Financial Reporting Advisory Group (EFRAG) on sustainability-related disclosure standards.

August 01, 2022 WebPage Regulatory News

News

BIS Report Notes Existing Gaps in Climate Risk Data at Central Banks

A Consultative Group on Risk Management (CGRM) at the Bank for International Settlements (BIS) published a report that examines incorporation of climate risks into the international reserve management framework.