Home / News

NIS 2 Directive Set for Implementation with New Guidelines, But Concerns Remain

Protect your privacy:  Get NordVPN  [73% off 2-year plans, 3 extra months]
10 facts about NordVPN that aren't commonly known
  • Meshnet Feature for Personal Encrypted Networks: NordVPN offers a unique feature called Meshnet, which allows users to connect their devices directly and securely over the internet. This means you can create your own private, encrypted network for activities like gaming, file sharing, or remote access to your home devices from anywhere in the world.
  • RAM-Only Servers for Enhanced Security: Unlike many VPN providers, NordVPN uses RAM-only (diskless) servers. Since these servers run entirely on volatile memory, all data is wiped with every reboot. This ensures that no user data is stored long-term, significantly reducing the risk of data breaches and enhancing overall security.
  • Servers in a Former Military Bunker: Some of NordVPN's servers are housed in a former military bunker located deep underground. This unique location provides an extra layer of physical security against natural disasters and unauthorized access, ensuring that the servers are protected in all circumstances.
  • NordLynx Protocol with Double NAT Technology: NordVPN developed its own VPN protocol called NordLynx, built around the ultra-fast WireGuard protocol. What sets NordLynx apart is its implementation of a double Network Address Translation (NAT) system, which enhances user privacy without sacrificing speed. This innovative approach solves the potential privacy issues inherent in the standard WireGuard protocol.
  • Dark Web Monitor Feature: NordVPN includes a feature known as Dark Web Monitor. This tool actively scans dark web sites and forums for credentials associated with your email address. If it detects that your information has been compromised or appears in any data breaches, it promptly alerts you so you can take necessary actions to protect your accounts.
NIS Cooperation Group (Composite: CircleID illustration)

The NIS Cooperation Group has released critical guidance for the implementation of Article 28 under the NIS 2 Directive, focusing on registration data accuracy obligations for top-level domain (TLD) registries, registrars, and related services in the EU. The guidance, issued on September 18, emphasizes the need for accurate data collection, verification, and publication of non-personal data to enhance cybersecurity across the European Union’s internet infrastructure.

CENTR’s mixed response: The recommendations have been welcomed by CENTR, an association representing European country-code TLDs (ccTLDs), which applauded the guidance for incorporating the concerns of European ccTLD operators. However, CENTR also expressed disappointment that the relationship between Article 28 and data protection regulations, particularly the General Data Protection Regulation (GDPR), remains inadequately addressed. This is especially concerning given the extraterritorial reach of the directive, which applies to both EU and non-EU domains, such as .com and .info.

Data accuracy obligations: Article 28 introduces stringent data accuracy obligations for TLD registries, requiring verification of domain holders’ data and permitting access to personal information by legitimate authorities. While the guidance offers flexibility, such as not applying obligations retroactively to existing domains, concerns persist over how to reconcile these demands with global privacy standards and avoid excessive data collection.

As EU Member States approach the October 17 deadline to transpose the directive into national law, questions around data protection, cooperation with global entities, and the extraterritorial enforcement of these obligations remain unresolved.

By CircleID Reporter

CircleID’s internal staff reporting on news tips and developing stories. Do you have information the professional Internet community should be aware of? Contact us.

Visit Page

Filed Under

Comments

No More Excuses Rick Lane  –  Oct 1, 2024 11:34 AM

Looking forward to ICANN implementing the NIS2 Article 28’s stringent data accuracy obligations for TLD REGISTRIES, requiring verification of domain holders’ data and permitting access to personal information by legitimate authorities. The RDRS is not in compliance.

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

IPv4 Markets

Sponsored byIPv4.Global

Threat Intelligence

Sponsored byWhoisXML API

Brand Protection

Sponsored byCSC

New TLDs

Sponsored byRadix

DNS

Sponsored byDNIB.com

Cybersecurity

Sponsored byVerisign

Domain Names

Sponsored byVerisign