New challenges for the European cybersecurity legislations - New report from

Home » News » New challenges for the European cybersecurity legislations - New report from

Europeans have set high standards for cybersecurity and digital privacy. The General Data Protection Regulation (GDPR), introduced in May 2018, provides new rules to give citizens more control over their personal data, and a competitive edge to compliant business. The National and Information Security (NIS) Directive on the other hand, is the cornerstone of the EU’s cybersecurity architecture. It provides legal measures to boost the overall level of cybersecurity in the EU. The two legislative instruments are strictly intertwined, with the NIS Directive provides legal measures to boost the overall level of cybersecurity in the EU as a necessary complementary set of rules to the GDPR.

A new report from the EC-funded project offers insight into the supporting role between the regulatory framework that has been implemented within the EU and the market that needs to apply it to the activities it carries out.  The document discusses the interplay of the two legal frameworks, in order to state their requirements, and to help the policy-makers understand their intricacies.

The report also looks at the impact of the GDPR on emerging technologies. The broad scope of GDPR has raised fresh challenges, in the face of emerging technologies such as Artificial intelligence (“AI”), IoT and blockchain. Such technologies are now key competitive factors for businesses in boosting performance, productivity and the European Digital Single Market.

AI for example, is component of the future of technology and cyberspace, which can be implemented in the systems, software and devices of different sectors. [1] From a data protection perspective, AI is typically utilized as a tool for automated decision-making and profiling, by leveraging algorithms to process a large volume of data.[2] The challenges arise where the processing done by the AI is of such nature that it creates significant effects for the data subjects.

The report provides a set of recommendations for European policy makers, drawing on discussions from Europe’s leading cybersecurity and privacy R&I projects at the second Concertation meeting held in June.

Recommendations include a call for greater guidelines on emerging technologies in relation to data protection and data minimization so that  companies do not fall foul of the law. Greater funding for more research to provide tools and services to address this and other challenges is also required.  

To find out more on this, blockchain and also insurability of GDPR-related risks, then download the report here.

You can also check the recorded webinar video on "GDPR Compliance in the age of emerging technologies".


CyberSolace, has added a new niche capability to its portfolio of cybersecurity consulting services in the form of Crypto-Currency traceability services in Cybercrime cases.  Especially in relation to ransomware attacks and extorted funds tracing and recoverability.

Future Events

The sec4dev Conference & Bootcamp is a Vienna-based security event which targets one very specific group: people involved in software development.

From February 24-27 2020 experts will gather in the TU Wien to discuss and promote, among other things, secure coding, security testing, automation and continuous integration.

24/02/2020 to 27/02/2020

As Europe’s largest legal technology conference and exhibition, The British Legal Technology Forum 2020 will bring together the most respected professionals from both the legal and commercial technology sectors to examine and explore the systems, strategies, processes and platforms that will drive law firms and legal businesses into the next decade and beyond.