The European Union (EU) has adopted its first Cybersecurity Certificate scheme to boost cybersecurity in products and services sold within the EU states, amid ongoing investigations of alleged corruption in Brussels.
The European Cybersecurity Scheme on Common Criteria (EUCC) drafted by the European Union Agency for Cybersecurity (ENISA) was adopted on Wednesday as the first scheme within the EU cybersecurity certification framework. ENISA is also already developing two additional cybersecurity certification schemes: EUCS on cloud services and EU5G on 5G security.
But the announcement coincided with another press release published by the EU on the same day. On Wednesday, Jan 31st, 2024, the Committee on Civil Liberties also endorsed the draft negotiating mandate for stronger rules against corrupt decision-makers across all levels in the EU. Members of the European Parliament (MEPs) amended the draft anti-corruption provisions to cover “any person entrusted with tasks of public interest or in charge of a public service”, with top EU decision-makers, European Commissioners, the President of the European Council and MEPs to be added to the category of “high-level officials” who will now be subjected to more severe rules than in the past.
€900k in alleged bribes found in Vice-President possession
High-level corruption coupled with its deepening economic problems has been undermining the EU’s global credibility for decades. In the 1990s it was revealed that organized crime in Southern Europe was skimming billions of euros from EU subsidies. But despite the efforts of the EU’s in-house policing agency, Europol, endemic corruption in Brussels still appears to thrive. As recently as December 2022, police found €900,000 in alleged bribes from Qatar and Morocco stuffed into bags at the home of the European Parliament’s vice-president, Greek MEP Eva Kaili. Kaili and three others were subsequently placed under arrest in what is still an ongoing investigation.
Astonishingly, data collected by The Journal, Noteworthy and other European media partners also reveals that 25 percent of sitting MEPs have been involved in some type of misbehavior or public outrage on a national or international level.
At a time when its credibility is severely under threat, the EU is trying its hardest to extend its regulatory authority beyond Europe’s shores, despite the fact that a growing number of tech companies are increasingly skeptical of Brussels’ ability to administer the new international cyber regulations honestly.
To achieve this, the EU is stealthily building a stringent regulatory framework that will heavily impact any companies, even those on the other side of the Atlantic in the US, wishing to sell digital products and/or online services in countries anywhere within the EU block. In December 2023, for example, the EU reached an agreement on the Cyber Resilience Act (CRA), which aims to introduce security requirements for all connected device manufacturers within the Union.
