Annexes to COM(2022)741 - EU position on amending Annex XI (Electronic communication, av services, information society) and Protocol 37 (list of Art. 101) to the EEA Agreement (NIS) - Main contents
Please note
This page contains a limited version of this dossier in the EU Monitor.
| dossier | COM(2022)741 - EU position on amending Annex XI (Electronic communication, av services, information society) and Protocol 37 (list of Art. ... |
|---|---|
| document | COM(2022)741  |
| date | January 30, 2023 |
THE EEA JOINT COMMITTEE,
Having regard to the Agreement on the European Economic Area (‘the EEA Agreement’), and in particular Article 98 thereof,
Whereas:
| (1) | Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union (1) is to be incorporated into the EEA Agreement. |
| (2) | Commission Implementing Regulation (EU) 2018/151 of 30 January 2018 laying down rules for application of Directive (EU) 2016/1148 of the European Parliament and of the Council as regards further specification of the elements to be taken into account by digital service providers for managing the risks posed to the security of network and information systems and of the parameters for determining whether an incident has a substantial impact (2) is to be incorporated into the EEA Agreement. |
| (3) | For the EEA Agreement to function well, Protocol 37 to the EEA Agreement is to be extended to include the Cooperation Group set up by Directive (EU) 2016/1148. |
| (4) | Annex XI and Protocol 37 to the EEA Agreement should therefore be amended accordingly, |
HAS ADOPTED THIS DECISION:
Article 1
The following is inserted after point 5cp (Regulation (EU) No 526/2013 of the European Parliament and of the Council) of Annex XI to the EEA Agreement:
| ‘5cpa. | 32016 L 1148: Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union (OJ L 194, 19.7.2016, p. 1). Modalities for association of the EFTA States in accordance with Article 101 of the Agreement: The EFTA States shall participate fully in the Cooperation Group and shall within it have the same rights and obligations as EU Member States, except for the right to vote. |
| 5cpaa. | 32018 R 0151: Commission Implementing Regulation (EU) 2018/151 of 30 January 2018 laying down rules for application of Directive (EU) 2016/1148 of the European Parliament and of the Council as regards further specification of the elements to be taken into account by digital service providers for managing the risks posed to the security of network and information systems and of the parameters for determining whether an incident has a substantial impact (OJ L 26, 31.1.2018, p. 48).’. |
Article 2
The following point is added in Protocol 37 to the EEA Agreement:
| ‘43. | The Cooperation Group (Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union).’. |
Article 3
The texts of Directive (EU) 2016/1148 and Implementing Regulation (EU) 2018/151 in the Icelandic and Norwegian languages, to be published in the EEA Supplement to the Official Journal of the European Union, shall be authentic.
Article 4
This Decision shall enter into force on […], provided that all the notifications under Article 103(1) of the EEA Agreement have been made (*1).
Article 5
This Decision shall be published in the EEA Section of, and in the EEA Supplement to, the Official Journal of the European Union.
Done at Brussels,
For the EEA Joint Committee
The President
The Secretaries
To the EEA Joint Committee
(1) OJ L 194, 19.7.2016, p. 1.
(2) OJ L 26, 31.1.2018, p. 48.
(*1) [No constitutional requirements indicated.] [Constitutional requirements indicated.]