Internet Governance
Netnod believes that the act named Cybersecurity risk management & reporting obligations for digital infrastructure, providers and ICT service managers will not lead to the intended effect.
Netnod believes that the white paper does not take into account the design and architecture of the Internet and does not recognise the importance of the Internet for society.
At a high level Netnod has three main concerns with the NIS2 directive and its Swedish implementation in a cybersecurity context.
Netnod sees several problems with introducing yet another definition of critical and important services, this one in the context of foreign ownership.
On 2 September 2023, Netnod was given the opportunity by Sweden’s Ministry of Defence to comment on an inquiry into models for contingency supply and planning (SOU 2023:50). Netnod is critical that the investigation did not thoroughly investigate the issue of long term infrastructure investments and costs.
On the 23th of February 2023 the European Commission invited actors to comment on the exploratory consultation of “The future of the electronic communications sector and its infrastructure”.
On 19 September 2022, Netnod was given the opportunity by the EU to comment on the EU Commission’s adoption of the Cyber Resilience Act at the EU-level.
Netnod provides expert input in policy, regulatory and governance discussions that directly impact the context within which we operate.
Netnod has responded to the final report of the investigation on secure and cost-efficient IT operations (SOU 2021:97) and sees two issues: the report considers existing legislation as a strict environment; and it does not cover the current needs of the public sector.
Netnod does not recommend moving forward with the current proposal related to the localisation principle for municipal broadband expansion.
Netnod have responded to an open consultation on SOU 2021:63 “Sveriges säkerhet - behov av starkare skydd för nätverks- och informationssystem. This is in turn based on REGULATION (EU) 2019/881 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 17 April 2019 on ENISA (the European Union Agency for Cybersecurity) and on information and communications technology cybersecurity certification and repealing Regulation (EU) No 526/2013 (Cybersecurity Act).