Belgium has positioned itself as one of the first countries to proactively publish a draft of the much-anticipated “NIS2 Law.” This move signifies a crucial step in the nation’s commitment to enhancing cybersecurity and digital infrastructure. The draft law is now open for public consultation, with stakeholders invited to submit their comments by December 21st.
Bereas’ Involvement in the Consultation Process
In response to this development, Bereas is eager to play a role in the consultation process. We recognize the importance of this legislation and its potential impact on the domain name and cybersecurity sectors. We are committed to working alongside our members to provide insightful feedback and suggestions for improvements to the draft.
Key Concerns and Focus Areas
Our focus in reviewing the draft law centers on a couple of pivotal concerns:
Application Scope for Domain Sellers: The draft currently encompasses all domain name registrars and resellers, regardless of their size. We seek clarity, assuming the intent is to apply “Article 28” from the original NIS/2 directive universally to all registrars and resellers, while tailoring other aspects like cyber security requirements according to the size and scope, just like for companies not selling domain name registrations.
Addressing Regulatory Shopping Risks: A critical issue in the draft is the potential for regulatory shopping, particularly concerning non-Belgian TLDs. We aim to collaborate with lawmakers to ensure the law can not be easily by-passed by cybercriminals while inadvertently creating anti-competitive conditions.
The draft NIS2 Law is accessible for review at Public Consultation on Preliminary Draft NIS2 Law.