NIS 2 Directive Article 42 – Amendment of Regulation (EU) No 910/2014

Introduction

The NIS 2 Directive, also known as the Directive (EU) 2021/1937, brings significant changes to the cybersecurity landscape in the European Union. One of the key amendments under this directive is the revision of Regulation (EU) No 910/2014, which pertains to electronic identification and trust services for electronic transactions in the internal market. In particular, Article 42 of the NIS 2 Directive addresses the deletion of Article 19 from Regulation (EU) No 910/2014, with the amendment set to take effect from 18 October 2024.

1. Understanding Regulation (EU) No 910/2014: Regulation (EU) No 910/2014, also known as eIDAS Regulation, was established to create a framework for electronic transactions within the EU. It aimed to facilitate trusted electronic interactions between businesses, citizens, and public authorities while ensuring the security and integrity of digital transactions. The regulation recognizes electronic signatures, electronic seals, time stamps, and other electronic trust services as legally binding across all EU member states.

2. The Deletion of Article 19: Article 19 of Regulation (EU) No 910/2014 pertained to the mutual recognition of electronic identification means within the EU. This article set out the rules for member states to recognize and accept electronic identification schemes issued by other member states. However, with adopting the NIS 2 Directive, Article 19 is being deleted, marking a significant change in the landscape of electronic identification and trust services.

3. Implications of the Deletion: The deletion of Article 19 signifies a shift in the EU's approach to electronic identification. While the mutual recognition of electronic identification means was aimed at promoting cross-border digital interactions, its removal suggests a reevaluation of the existing mechanisms and the need for a more robust and harmonized approach to electronic identification and trust services.

4. Amendments under NIS 2 Directive Article 42: Article 42 of the NIS 2 Directive lays out the provisions for amending Regulation (EU) No 910/2014, particularly the deletion of Article 19. The directive emphasizes the importance of ensuring the security and reliability of electronic transactions while adapting to the evolving cybersecurity landscape. By revising the existing framework, the EU aims to enhance the trustworthiness and effectiveness of electronic identification and trust services.

5. Timeline and Implementation: Deleting Article 19 from Regulation (EU) No 910/2014 is scheduled to take effect from 18 October 2024. This timeline allows member states and stakeholders to adapt to the changes and implement the necessary measures to align with the amended regulations. It also provides a transition period to ensure the continuity of electronic identification services within the EU.

Conclusion

The NIS 2 Directive Article 42 significantly amends Regulation (EU) No 910/2014 by deleting Article 19, which focused on the mutual recognition of electronic identification means. This change reflects the EU's commitment to enhancing cybersecurity and trust in electronic transactions while embracing technological advancements. As the implementation date approaches, stakeholders are encouraged to stay informed and prepare for the new regulatory framework to ensure compliance and seamless digital interactions within the EU.