Governance & Risk Management , Privacy , Security Operations

New EU Laws: An Opportunity for Threat Actors?

Proposed EU Legislation Raises InfoSec Fears, Says Victoria Baines
Dr. Victoria Baines, visiting fellow, Bournemouth University

Two major EU pieces of legislation - the Digital Markets Act and the Digital Services Act - are about to change the digital landscape. Academic Victoria Baines discusses how the proposed legislation might be problematic for information security.

See Also: Using the Netskope HIPAA Mapping Guide

The Digital Markets Act and the Digital Services Act are "really about renovating the e-Commerce Directive," which dates back to 2000, Baines says.

She says that part of the Digital Services Act obliges "gatekeepers" - which include platforms such as Microsoft, Amazon and Google - to "refrain from combining personal data sourced from core platform services with personal data from any other services that they offer." This essentially means that these platforms cannot conduct cross-platform investigations, she says.

Baines warns that this could potentially leave the door open to threat actors. "If Big Tech is unable to do cross-platform investigation and analysis, that means that more threats will go unidentified that use their platforms as vectors," she says.

In a video interview with Information Security Media Group, Baines discusses:

  • An overview of the Digital Markets Act and Digital Services Act and the current status of the legislation;
  • How the proposed EU legislation could change the InfoSec landscape;
  • How these laws shift the balance between privacy, security and safety.

Previously, Baines was trust and safety manager for Europe, the Middle East and Africa at Facebook, and before that she was responsible for threat analysis and industry outreach at the EC3's strategy and prevention team. Prior to that, she was principal analyst at the U.K. Child Exploitation and Online Protection Center, a command of the National Crime Agency, where she was responsible for the U.K.’s threat assessment of online child abuse.


About the Author

Anna Delaney

Anna Delaney

Director, Productions, ISMG

An experienced broadcast journalist, Delaney conducts interviews with senior cybersecurity leaders around the world. Previously, she was editor-in-chief of the website for The European Information Security Summit, or TEISS. Earlier, she worked at Levant TV and Resonance FM and served as a researcher at the BBC and ITV in their documentary and factual TV departments.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.