Traditionally, August has been the silly season where legal
news is thin on the ground and for a while we thought we would have to satisfy
ourselves with the public spat between Elon Musk and Mark Zuckerberg regarding
the future of AI.
However, this year August saw the Government make
announcements concerning two fundamental pieces of tech law legislation that
would have been easy to miss if you’ve been away. Firstly, was a ‘statement
of intent’ to introduce a new Data Protection Bill followed a day later by
publication of a consultation on how to implement the EU
Network & Information Services (NIS) Directive.
Now it may be that these announcements slipped out in August
because they concern what are, in reality, EU initiatives that must be
implemented before we Brexit, and that might not be a look the Government wants
at the moment. Or it may just be that time is running out (which of course it
is). Whatever the reason, one consequence is that we have only until 30
September to formulate SCL’s response to the NIS
consultation.
This is an important initiative, regardless of its origin.
The Directive requires the Government to answer awkward questions of who are
essential service providers, what duties can be imposed on them and how the
legislation will function post Brexit. Many of those we advise in utilities and
banking and beyond could be affected by the Directive.
So of course we should do what we can to ensure that the
resulting legislation is both fit for purpose and proportionate so that our
clients and the wider public can be confident in the new regime. Being an
informed voice is one of the many reasons that the SCL exists.
Specifically, the Government is seeking views on:
- the essential services the Directive needs to cover
- penalties
- the competent authorities to regulate and audit specific
sectors - security measures imposed
- timelines for incident reporting, and
- how this affects Digital Service Providers.
Consultation responses are at the heart of SCL’s mission to
inform and educate so I’d urge any member with a view on cybersecurity and who
is in London on 13
September to join us at DLA Piper to formulate our response. Stewart
James will chair the session and is acting as our rapporteur so please come
along to ensure that our response encompasses our expertise.
I look forward to seeing you there but if you cannot make it
then send in any written comments as soon as possible to the SCL
team who will collate them for discussion. This is your chance to
contribute so please do make the most of it.