From 16-17 February, CENTR’s Legal and Regulatory Working Group, that brings together ccTLD legal experts from all over Europe and beyond, met in Brussels for a day and a half of discussions, focusing in particular on cybersecurity and the upcoming implementation of the NIS 2 Directive. The group welcomed guest speakers from the European Commission and ENISA, and focused on the impact of NIS 2 on digital infrastructure actors, such as TLD registries, and the role of the EU institutions/agencies within the implementation phase.
During this meeting, the Legal & Regulatory Working Group (L&R WG) also appointed Julie Michel (.eu) as Chair and Andreia Brito (.pt) as Vice-Chair, both for a period of two years. We would like to take this opportunity to thank Ann-Cathrin Marcussen (.no), the outgoing L&R WG Chair for her dedication and support over the years and welcome the new team!
The theme of NIS 2 was particularly topical as the NIS 2 Directive officially entered into force at the end of 2022, and so the implementation phase has now begun within EU Member States. The representatives from the European Commission and ENISA provided invaluable insights into the thinking behind the original Commission proposal and the changes that have come about as a result of this reform. Discussions between the EU representatives and CENTR members were fruitful, focusing on the repercussions of the NIS 2 Directive for European ccTLDs and upcoming guidelines to help with its implementation.
One of the main conclusions from the discussions is that there is still some uncertainty on how each Member State will implement NIS 2, for example in terms of clear definitions of terms such as the verification and accuracy obligation applicable to TLD registries and entities providing registration services, which makes it hard to predict how resource intensive the transposition will effectively be for European registry operators.
CENTR members shared their own approaches to compliance efforts with the NIS 2 Directive, highlighting the existing processes and reporting procedures they have in place, the main stakeholders they are working with and the work they still have to do. The general feeling is that European registry operators are generally well-equipped for the upcoming compliance with the NIS 2 Directive. See CENTR’s White paper on the existing practices and challenges regarding registration data accuracy in European national domain registries.
The new Chair of the working group, Julie Michel, reflected on the importance of CENTR members continuing to meet and exchange, in particular on topics such as this. “I’m deeply honoured to have been elected as Chair of the Legal & Regulatory Working Group and thrilled to continue assisting the CENTR Secretariat! Increasing online safety and the interconnectivity between cybersecurity mechanisms across the EU is legitimate (if not needed) however, taking into account the national environment of each ccTLD registry operator is essential. With a constantly evolving legislative landscape imposing new requirements (such as cybersecurity risk-management measures, reporting obligations etc.), our role as legal counsels within ccTLD registries is becoming increasingly complex and requires new technical / security skills and resilience. I’m deeply convinced that CENTR is the best existing place to learn from each other, to exchange our positions with stakeholders and to identify the good practices that will lead to shaping our role as ccTLD registries for the future. Together with Andreia de Brito, we intend to maintain the legendary conviviality of our working group, to contribute to ensure a varied representation during our exchanges and to promote cross-working group exchanges.”
Andreia de Brito shared the sentiment, adding that: “attending to the challenging regulatory times we are all facing, I believe this is the perfect time frame for me to be more actively involved and participative in the many discussions ahead of the L&R WG. It’s really important to motivate all members to participate more actively in our meetings (in person and online) and to keep sharing relevant information with each other. Lastly, off course, we shall not forget to continue developing our friendship, to network, built trust and (also) have fun!”
From left to right: Polina Malaja (CENTR), Ann-Cathrin Marcussen (.no), Andreia de Brito (.pt), Julie Michel (.eu)