EDPB-EDPS Joint Opinion on Cybersecurity Act 2 and NIS 2 Directive Amendments
Summary
The European Data Protection Board (EDPB) and the European Data Protection Supervisor (EDPS) have issued a joint opinion on proposed amendments to the Cybersecurity Act 2 and the NIS 2 Directive. This opinion provides recommendations on the legislative proposals concerning cybersecurity certification and network and information security.
What changed
The EDPB and EDPS have released a joint opinion (4/2026) offering recommendations on two key EU legislative proposals: the Cybersecurity Act 2 and amendments to the NIS 2 Directive. The opinion addresses the implications of these proposals for data protection and cybersecurity frameworks within the European Union, likely focusing on aspects related to data processing, certification schemes, and incident reporting.
This document is a consultation response and serves to inform the legislative process. While non-binding, it signals the data protection authorities' perspective on these critical cybersecurity initiatives. Regulated entities, particularly those in the technology and telecommunications sectors, should review the opinion to understand potential future regulatory directions and ensure their compliance strategies align with evolving EU cybersecurity and data protection requirements.
What to do next
- Review EDPB-EDPS Joint Opinion 4/2026 for insights into proposed cybersecurity legislation.
- Assess potential impacts of the Cybersecurity Act 2 and NIS 2 Directive amendments on data protection practices.
- Incorporate feedback from the opinion into ongoing cybersecurity and data privacy compliance strategies.
Source document (simplified)
An official website of the European Union How do you know?
EDPB-EDPS Joint Opinion 4/2026 2.4MB Download
- Certification
- Cybersecurity and data breach
- EU Legislative proposal and strategy
- GDPR
Latest publications
19 March 2026
- EDPB/EDPS Joint Opinion
EDPB-EDPS Joint Opinion 3/2026 on the Proposal for a European Biotech Act
12 March 2026
- EDPB/EDPS Joint Opinion
EDPB letter to the European Commission on the privacy implications of recent proposed legislative changes regarding entry conditions to the United States for EEA citizens
12 March 2026
- Letters
Data brokers market study
4 March 2026
- Support Pool of Experts projects
Report on stakeholder event on anonymisation and pseudonymisation of 12 December 2025
18 February 2026
- Other
Named provisions
Related changes
Source
Classification
Who this affects
Taxonomy
Browse Categories
Get Data Privacy & Cybersecurity alerts
Weekly digest. AI-summarized, no noise.
Free. Unsubscribe anytime.
Get alerts for this source
We'll email you when EDPB Documents (GDPR) publishes new changes.