EU Could Treat E-Commerce Companies as ‘Critical Infrastructure,’ Require Enhanced Network Security
June 29, 2015
Last week, EU ambassadors said they were in favor of European Commission wishes to classify e-commerce platforms, Internet payment gateways, app stores, social networks and other “key Internet services” as critical infrastructure. As such, companies like Google, Twitter and card-not-present payment providers would be subject to the same stringent IT security requirements imposed on banks, energy companies and other strategic services. The EC worked to include Internet companies in its proposed Network and Information Security Directive , but the measure was rejected by European Parliament.
Ambassadors of the EU member states gave their approval for the Council of the EU to continue negotiations with the EC and Parliament on the issue. Those negotiations continue today with parties hoping to come to agreement on the definition of critical infrastructures and how to identify them, rather than on whether Internet companies should be included.