Netnod comments on the Danish NIS Directive

On the 24th November 2017, Netnod sent a response to the Danish Government related to the proposed implementation of the EU Directive on Security of Network and Information Systems (NIS) in Denmark.

Netnod have provided comments on "Udkast til forslag til lov om sikkerhed i net- og informationssystemer for operatører af væsentlige internetudvekslingspunkter m.v.". A link to Netnod's full response can be found below. In the comments Netnod specifically provide two points:

1. The contact point for certain services depends on the implementation of Directive 2016/1148 in another member state. In the case of Sweden and IXPs, it might not be the CSIRT, but instead the regulator PTS as IXPs are covered by the implementation of relevant portions of Directive 2002/21/EC.

2. If an organization in one member state provide services in also other member states it is our view that the legislation applies that is implemented in the member state where the organization resides. In the case of Netnod that is Sweden, and oversight over Netnod operation is the The Swedish Post and Telecom Authority (PTS) and specifically in this case PTSFS 2015:2 Post- och telestyrelsens föreskrifter om krav på driftsäkerhet.

To view the full response, see the attached document.