The Czech Republic’s implementation of the EU’s NIS2 cybersecurity directive has been strongly criticised by mobile operators, who claim that the Czech legislation is among the most stringent in Europe and would put their business at risk.

According to mobile operators active in the market, the proposed law would give too much power to the cybersecurity authority – the National Cyber and Information Security Agency (NUKIB).

Mobile operators argue that new legislation would allow NUKIB to ban selected suppliers based on the agency’s decision. This could apply, for example, to technology suppliers from non-democratic countries such as China.

“A super-agency will be created that will independently determine the scope of regulation in the form of its own decree, independently set the evaluation criteria for supplier security, carry out the evaluation based on its own methodology and independently decide on the restriction or exclusion of a particular supplier,” Jiří Grund, president of the Czech Association of Mobile Service Providers (APMS), told Euractiv Czechia.

According to Grund, such a high concentration of power is unacceptable in a democratic state governed by the rule of law.

Vodafone Czech Republic Vice-President Jan Klouda also told Euractiv Czechia that the bill is much stricter than required by the EU’s NIS2 directive or the European Commission’s 5G network security guidelines.

NUKIB rejects the accusation of creating a “super-agency”.

“NUKIB will not evaluate the democratic character of individual countries,” Marek Vala, the NUKIB spokesman, told Euractiv Czechia. According to Vala, potential supplier restrictions would be made in cooperation with other state authorities.

“Simply put, NUKIB, along with other partners, will look into whether a given vendor meets the set and necessary security parameters for entry into systems of critical or strategically important national infrastructure,” Vala explained.

A spokesman for the Cyber Agency also rejected the claim that the Czech Republic would have stricter rules than other EU member states. He said the draft law was within the scope of the European NIS2 regulation.

However, other organisations have joined the mobile operators in their criticism. The Czech Union of Towns and Municipalities argues that NUKIB has been unable to calculate the new law’s costs.

The association complained that the proposal creates a “confusing, opaque and thus very challenging situation”. City representatives also said that meeting all the security obligations would be beyond their financial and human capacity.

(Dávid Pásztor, Aneta Zachová | Euractiv.cz)

Source