Digital Single Market - Building Trust across Europe (1)

Posted on: July 27, 2015 by Aljosa Pasic

As the European Commission’s plans for the development of a Digital Single Market (DSM) begin to gather pace, concerns are growing around how the scheme will impact current privacy and cyber security readiness and best practices.

The potential benefits of DSM are huge. Currently, only 15 percent of online shoppers in the EU buy something in another country while only 7 percent of small and medium-sized businesses sell across national borders. As the internet economy becomes more prominent it makes sense to enable cross-border commerce in an environment that provides same guarantees and conditions, including cybersecurity and privacy, across the EU. Aiming to “tear down regulatory walls and finally move from 28 national markets to a single one” - the initiative has certainly noble intentions.

The plans for DSM centre on three key pillars:

  • Providing seamless access to digital services throughout the region
  • Setting the conditions of this access
  • The promotion of economic growth, based on potential of sharing and using data

Unsurprisingly, when it comes to the data-driven economy, security and privacy are crucial. These concerns are consistent across all of the member states, but current status and practices can vary. This is why it is as a matter of urgency that common EU rules and regulations for data protection and cyber security are established.

As the DSM is still in its development, conversations around protection requirements for different categories of cross-border digital services have to remain at a high level of abstraction.

That said, the consensus is beginning to lean towards placing the onus for data protection on market operators; asking member states to agree to a minimum level of security or privacy controls and obligatory notifications of breaches. While these control sets are already adopted and implemented by market operators present in a number of countries, they are often disparate and conflicting which can lead to serious challenges in interoperability.

Coco Cloud project

The standardisation of Service Level Agreements (SLAs), that also address security and privacy metrics, could be an important part of the cyber security perspective of the DSM. There is also work to be done in developing a form of SLA automation that would enable continuous monitoring of DSM related regulation compliance. Using machine-readable language for data sharing part of SLAs, for example, consumers could even be sure that data usage and protection rules are being rigorously enforced, as it was demonstrated in European Coco Cloud project. This also means that should a provider agree to delete third party data (once the service contract is finished) then the action is taken automatically by enforcing data usage rules attached to that data.

Ultimately, a DSM should go some way in reducing the risk of cyber security threats across EU. By setting in place minimum privacy and cybersecurity requirements, it also increases a level of trust between member states.

In my next blog, I’ll be looking at the five steps organisations must take to prepare themselves in a Digital Single Market…

Share this blog article

About Aljosa Pasic
Business Development Director
ALJOSA PASIC current position is Technology Transfer Director in Atos Research & Innovation (ARI), based in Madrid, Spain. He graduated Information Technology at Electro technical Faculty of Technical University Eindhoven, The Netherlands, and has been working for Cap Gemini (Utrecht, The Netherlands) until the end of 1998. In 1999 he moved to Sema Group (now part of Atos) where he occupied different managerial positions. During this period he was participating in more than 50 international research, innovation or consulting projects, mainly related to the areas of information security or e-government. He is member of EOS (European Organisation for Security) Board of Directors, and collaborates regularly with organisations such as ENISA, IFIP, IARIA, and others.

Follow or contact Aljosa