Find out today what the legal world will be talking about tomorrow.
IT security: Higher requirements for cloud providers, search engines, and online marketplaces
Providers of these services will be required to establish technical and organizational measures to meet security risks of network and information systems used to provide the digital services. According to the draft law, providers additionally need to take precautionary measures to prevent or minimize the impact of security incidents on the digital services and must report security incidents to the Federal Office for Information Security (BSI).
In case of indications of a violation of the security requirements, the draft law provides for an authorization of the BSI to require evidence of security and the elimination of detected safety deficiencies by the service providers. Accordingly, non-compliance of the new provisions will be punishable as an administrative offense.
It remains to be seen whether the Parliament will discuss the draft law in the current legislative period and adopt the transposition act. EU Member States have until May 9, 2018 to transpose the NIS Directive into national law.