Rapporteur: Peter Van Roste, CENTR
- FYI: companies outside EU have to choose a representative in EU (DNS, cloud, data centre, search engine)
- Might be worth to further look into or discuss horizontal vs vertical approaches when defining scope and seeking alignment between NIS2 and other instruments (e.g. EECC)
- Multistakeholder bodies rely on multilateral bodies for their support, rather then trying to immediately seek multi-lateral solutions
- Need to educate companies on what is applicable to them, help them and guide them into compliance
- Concerning registration data, GDPR defines the principles that data controllers should follow. NIS2 is compliant with these principles.
- There are existing policies within European ccTLDs to ensure registration data accuracy, dependent on national laws and availability of eID solutions.
- More clarity is needed on accountability and the roles of different entities under the scope of NIS2.