Within weeks, new EU cybercrime laws are expected to begin a phase of intergovernmental talks. They are likely to undermine essential characteristics of the worldwide web if implemented in the form recommended by the EU Council. The updated Directive on the Security of Network and Information Systems, known colloquially as NIS 2, would replace the EU’s current cybersecurity regulations, with the stated goal of adapting to quickly evolving cyber risks. This Directive aims, among several other things, to boost cybersecurity among emerging sectors, notably internet infrastructures as well as digital carriers, and to increase cooperation between member states’ cybersecurity systems. However, a variety of digital carriers that comprise the foundation of the internet’s infrastructure are included in the planned new laws. These are regulated by a set of collaborative norms that seek to guarantee that services and infrastructure are optimized for user advantage.
Numerous European and global technology industry leaders have expressed concern about how the suggested Directive will impact their corresponding sectors of interest. The line between European as well as worldwide internet infrastructure companies is frequently blurred. Consider how rapidly the web would fracture if each area established its laws to govern worldwide services. The risk of harm is real: global network infrastructure companies, such as domain name system services as well as certificate authorities, may choose to exit the European market to escape the complexities that NIS2 standards would entail, lowering the number of providers. Those who opt to stay but then become non-compliant could find themselves blocked from the marketplace, and their clients may discover that a service on which they rely is no longer accessible.
This might also result in market concentration while stifling the expansion and availability of broadband infrastructures, most of which are now offered for free by non-profit organizations. Companies in Europe might find it harder to cope with than their international counterparts that continue to have a greater range of alternative suppliers in their distribution chains. Pressing digital European enterprises at a time when economic expansion is most necessary, is counterintuitive to digital development aims. NIS 2 will also have ramifications for the EU’s worldwide internet regulation credibility. Because of the global character of the internet infrastructure, it is impossible to govern it in one country without causing extraterritoriality difficulties in other places.
This may result in unforeseen confrontations between distinct laws, resulting in unpredictability and ambiguity. The EU’s measures will inspire other nations or regions to enforce their top-down ideals on institutional arrangements, as they did in the past. When this happens, the EU will lose its legitimacy and will be unable to fight these measures. NIS 2 would enable other nations free rein to mold the web as they see fit, including for the purposes of local censorship, monitoring, or control purposes. The EU’s commitment to a single internet agenda will make room for a variety of local internal networks that are mostly unconnected from one another.