On 26 November 2021, the Council of the European Union published a draft compromise proposal for a NIS 2.0 Directive. The document also identifies as main political issues: the scope of the NIS 2.0 proposal, the inclusion of public administration under the scope of NIS 2.0, the exclusion clause of Art. 2(3)(a) NIS 2.0 proposal, the interaction with sectorial legislation, the peer-learning mechanism, jurisdiction and territoriality, mutual assistance and the reporting obligations with the risk of over-reporting.
On 3 December 2021, the Council adopted the position on measures for a high common level of cybersecurity across the EU as its ‘general approach’, to further improve the resilience and incident response capacities of both the public and private sector and the EU as a whole.
The general approach reached in December will allow the Council presidency to start negotiations with the European Parliament. Both the Council and the European Parliament will need to agree on the final text.