REGULATORY & POLICY UPDATES  SAMENA TRENDS

        EU Charts Cybersecurity Certification Scheme for 5G


        An EU-wide cybersecurity certification scheme for 5G networks   launch of a year-long probe of the bloc’s security standards in the
        will  be rolled out across the bloc in a  bid to patch technical   field. “But from the information gathered so far, member states
        vulnerabilities in  next-generation  mobile communications,  the   seem to be progressing at a different pace as we implement this
        European Commission said. The move comes as part of the EU’s   measure.”  Meanwhile,  the  Commission’s  internal  market  chief,
        cybersecurity act adopted in 2019, which attempts to encourage   Thierry Breton, said in a statement on Wednesday that the new
        market players to bolster the security of their connected devices in   certification framework could bring EU nations closer together on
        order to achieve EU certification. The bloc’s cyber agency, ENISA,   5G security. “Security is at the core of 5G technology roll-out. EU-
        has been tasked with coming up with the standards required to   wide certification, in combination with other types of measures in
        qualify for the certificate. The cybersecurity of 5G networks has long   the EU 5G Toolbox, supports our efforts to optimize 5G security and
        been on the minds of policy workers in the field, as the EU attempts   patch technical vulnerabilities,” he said. “This is why it is important
        to establish a common approach with regards to the security of   that member  states make further progress in implementing
        next-generation  networks in  light of various concerns  about   the  Toolbox.”  For  their  part,  Chinese  telecoms  manufacturer
        third-country operators. EU nations must make urgent progress   Huawei, who has previously been a cause for concern in some
        on mitigating the risks to 5G telecommunications networks posed   member states, including most recently Sweden, welcomed this
        by certain high-risk suppliers, the European Commission said in   week’s news. “A European cybersecurity certification scheme is
        a progress report published on Friday (24 July). In January last   the  backbone  for  safe  and  secure  5G  operations  in  Europe,”  a
        year, the Commission unveiled its 5G Toolbox, in which EU nations   spokesperson from the company told EURACTIV. “We believe this
        were tasked with assessing the risk profile of telecoms providers,   announcement is a positive step as 5G in Europe is critical for the
        with a view to applying restrictions for those vendors considered   continuation of a resilient Digital Society.”
        to be high-risk. A progress report on the plans in July pressed
        member states to make ‘urgent progress’ on mitigating the risks
        to 5G telecommunications networks posed by certain high-risk
        suppliers.  The  announcement  to  establish  a  cyber  certification
        scheme for 5G comes as the EU attempts to bring member states
        closer together on the issue of telecommunications security. In
        January, the European Court of Auditors said that EU countries
        are  ‘progressing  at  different  paces’  in  terms  of  5G  security
        protocols introduced  by  the European Commission as  part  of
        last year’s toolbox. “Member states have developed and started
        implementing necessary security measures to mitigate risks,” the
        European Court of Auditors’ Paolo Pesce said, speaking on the



        Industry Groups Welcome EU Privacy Agreement



        GSMA and ETNO called for further action   work  was  still  needed.  “If  regulatory   technological  and market developments,
        to ensure European operators are able to   asymmetries linked to the discrepancy   including  widespread use of VoIP, web-
        compete  effectively with other  players in   between  e-privacy and GDPR persist,   based email and messaging services, and
        the digital  economy,  as  European  Union   European  players will  face hurdles:  this   emerging techniques to track users’ online
        (EU)  member  states agreed  revised rules   is  both a  matter  of  competitiveness and   behavior.  The draft  legislation will  repeal
        on  e-privacy rules  in the  bloc. In a joint   ability to develop European data services   the existing directive, with the aim to cover
        statement, the  industry  associations   inspired by European values,” they added.   electronic communications using publicly-
        welcomed  the agreement,  which comes   The  statement  was  in response to an   available services and networks, and
        after four years of regulatory  wrangling.   agreement  by  the European Council  to   metadata (such as information on location
        They said the telecoms industry was fully   negotiate a mandate on updated e-privacy   and time) related to the communication. In
        committed to the principle of confidential   rules, which aims to define cases in which   addition, to ensure full protection of privacy
        communications  and  supported  the  service providers are allowed to process   rights, and promote trusted and secure IoT,
        continent’s ambitions to lead the  data   electronic communications  data,  or have   the rules will  cover machine-to-machine
        economy.  They  added the move  was  an   access to data stored on end user devices.   data transmitted via a public network. The
        important  step in  the right direction  in   It  follows  work led by  the Portuguese   Portuguese presidency will now begin talks
        efforts  to  align e-privacy  with  General   presidency to update the existing e-privacy   with the European Parliament to define the
        Data Protection Rules (GDPR), but warned   directive from 2002  to  cater  for new   final text.



                                                                                                    106   FEB-MAR 2021