EC Welcomes Adoption of Digital Services Package
The European Commission (EC) welcomes the adoption of the Digital Services Package, which includes the Digital Services Act and the Digital Markets Act proposed by EC in December 2020. Also published was a summary of the opinion of the European Data Protection Supervisor on the proposed EC regulation for a high common level of cybersecurity at the entities and agencies in European Union.
Digital Services Package. The Digital Services Act sets out a standard for accountability of online platforms and its scope covers various online intermediary services. These online intermediary services include cloud computing services; online platforms such as online marketplaces, app stores, collaborative economy platforms and social media platforms; and very large online platforms that reach over 10% of the 450 million consumers in EU. Also part of this package is the Digital Markets Act, which will apply to gatekeepers—companies that create bottlenecks between businesses and consumers and sometimes even control entire ecosystems—made up of different platform services such as online marketplaces, operating systems, cloud services, or online search engines. The Digital Markets Act establishes a set of narrowly defined objective criteria for qualifying a large online platform as a “gatekeeper.” These gatekeepers will be subject to a number of clearly defined obligations and prohibitions. The adoption of the Digital Services Package in the first reading by the European Parliament follows the political agreement that has been reached by the co-legislators on the Digital Markets Act on March 24, 2022 and the Digital Services Act on April 23, 2022. EC will enforce these rules for the largest online platforms active in EU. Following this adoption, text for both the Acts must now be formally adopted by the European Council. Finally, the Digital Services Act and the Digital Markets Act are expected to be published in the Official Journal of the European Union in Autumn 2022.
Opinion on Proposed Cybersecurity Rules. The European Data Protection Supervisor welcomes the aim of the EC proposal to improve the cybersecurity posture of the Union Institutions, bodies, offices and agencies. The European Data Protection Supervisor recommends adding in the proposal that its minimum security requirements should be at least equal or higher than the minimum security requirements of the entities of Directive on security of network and information systems (NIS Directive) and NIS 2.0 proposal. Further, the European Data Protection Supervisor strongly advises that the proposal, or at the very least a delegated act to be adopted subsequently by EC, must clearly provide a legal ground for the processing of personal data by Cybersecurity Center (CERT-EU) and the EU entities. The European Data Protection Supervisor also advises that the proposal provide for close cooperation between the CERT-EU and the European Data Protection Supervisor, when addressing incidents resulting in personal data breaches, or when addressing any significant vulnerabilities, incidents, or major attacks, that have the potential to result in personal data breaches. The European Data Protection Supervisor also strongly recommends that the proposal provide for the supervisor's participation in the Interinstitutional Cybersecurity Board (IICB).
Related Links
- Press Release on Digital Services Package
- Digital Services Act
- Digital Markets Act
- Opinion on Proposed Cybersecurity Rules
Keywords: Europe, EU, Banking, Insurance, Securities, Digital Services Act, Digital Markets Act, Regtech, NIS, CERT-EU, Cyber Risk, Online Marketplaces, Cloud Computing, Data Providers, Platform Businesses, European Parliament, EC
Previous Article
SRB Outlines Upcoming Work Priorities, Issues MREL DashboardRelated Articles
APRA Publishes Results of Climate Risk Self-Assessment Survey
The Australian Prudential Regulation Authority (APRA) has published the findings of its latest climate risk self-assessment survey conducted across the banking, insurance, and superannuation industries.
ACPR Publishes Updates Related to CRD IV and Covered Bonds
The French Prudential Supervisory Authority (ACPR) published a notice related to the methods for calculating and publishing prudential ratios under the Capital Requirements Directive (CRD IV) and the minimum requirement for own funds and eligible liabilities (MREL).
BIS Paper Contributes to Debate on Regulating NBFIs and Big Techs
The Financial Stability Institute (FSI) of the Bank for International Settlements recently published a paper proposing a framework for classifying financial stability regulation as either entity-based or activity-based.
EIOPA Publishes Guidance on Climate Change Scenarios in ORSA
The European Insurance and Occupational Pension Authority (EIOPA) published the risk dashboard based on Solvency II data and the final version of the application guidance on climate change materiality assessments and climate change scenarios in the Own Risk and Solvency Assessment (ORSA).
EBA and ECB Respond to Proposals on Sustainability Disclosures
The European Banking Authority (EBA) and the European Central Bank (ECB) published their responses to the consultations of the International Sustainability Standards Board (ISSB) and the European Financial Reporting Advisory Group (EFRAG) on sustainability-related disclosure standards.
BIS Report Notes Existing Gaps in Climate Risk Data at Central Banks
A Consultative Group on Risk Management (CGRM) at the Bank for International Settlements (BIS) published a report that examines incorporation of climate risks into the international reserve management framework.
EBA Publishes Multiple Regulatory Updates for Regulated Entities
The European Banking Authority (EBA) published the final guidelines on liquidity requirements exemption for investment firms, updated version of its 5.2 filing rules document for supervisory reporting, and Single Rulebook Question and Answer (Q&A) updates in July 2022.
EIOPA Issues SII Taxonomy and Guide on Sustainability Preferences
The European Insurance and Occupational Pensions Authority (EIOPA) published Version 2.8.0 of the Solvency II data point model (DPM) and XBRL taxonomy.
EESC Opines on Proposals on CRR and European Single Access Point
The European Union published, in the Official Journal of the European Union, an opinion from the European Economic and Social Committee (EESC); the opinion is on the proposal for a regulation to amend the Capital Requirements Regulation (CRR).
HM Treasury Publishes Multiple Regulatory Updates in July 2022
HM Treasury published a draft statutory instrument titled “The Financial Services (Miscellaneous Amendments) (EU Exit) Regulations 2022,” along with the related explanatory memorandum and impact assessment.