NordVPN Promotion

Home / News

NIS 2 Directive Set for Implementation with New Guidelines, But Concerns Remain

NIS Cooperation Group (Composite: CircleID illustration)

The NIS Cooperation Group has released critical guidance for the implementation of Article 28 under the NIS 2 Directive, focusing on registration data accuracy obligations for top-level domain (TLD) registries, registrars, and related services in the EU. The guidance, issued on September 18, emphasizes the need for accurate data collection, verification, and publication of non-personal data to enhance cybersecurity across the European Union’s internet infrastructure.

CENTR’s mixed response: The recommendations have been welcomed by CENTR, an association representing European country-code TLDs (ccTLDs), which applauded the guidance for incorporating the concerns of European ccTLD operators. However, CENTR also expressed disappointment that the relationship between Article 28 and data protection regulations, particularly the General Data Protection Regulation (GDPR), remains inadequately addressed. This is especially concerning given the extraterritorial reach of the directive, which applies to both EU and non-EU domains, such as .com and .info.

Data accuracy obligations: Article 28 introduces stringent data accuracy obligations for TLD registries, requiring verification of domain holders’ data and permitting access to personal information by legitimate authorities. While the guidance offers flexibility, such as not applying obligations retroactively to existing domains, concerns persist over how to reconcile these demands with global privacy standards and avoid excessive data collection.

As EU Member States approach the October 17 deadline to transpose the directive into national law, questions around data protection, cooperation with global entities, and the extraterritorial enforcement of these obligations remain unresolved.

BLACK FRIDAY DISCOUNT - CircleID x NordVPN
Get NordVPN  [74% +3 extra months, from $2.99/month]
By CircleID Reporter

CircleID’s internal staff reporting on news tips and developing stories. Do you have information the professional Internet community should be aware of? Contact us.

Visit Page

Filed Under

Comments

No More Excuses Rick Lane  –  Oct 1, 2024 11:34 AM

Looking forward to ICANN implementing the NIS2 Article 28’s stringent data accuracy obligations for TLD REGISTRIES, requiring verification of domain holders’ data and permitting access to personal information by legitimate authorities. The RDRS is not in compliance.

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

Cybersecurity

Sponsored byVerisign

Brand Protection

Sponsored byCSC

IPv4 Markets

Sponsored byIPv4.Global

Domain Names

Sponsored byVerisign

Threat Intelligence

Sponsored byWhoisXML API

DNS

Sponsored byDNIB.com

New TLDs

Sponsored byRadix

NordVPN Promotion