The European Commission (EC) has published a new Standardization Strategy outlining the EU's approach to standards within the Single Market as well as globally. The Strategy is accompanied by a proposal for an amendment to the Regulation on standardization, a report on its implementation, and the 2022 annual Union work programme for European standardization. This new Strategy aims to strengthen the EU's global competitiveness, enable a resilient, green, and digital economy, and to enshrine democratic values in technology applications. The new Standardization strategy illustrates the EU approach to standards concerning the Single Market and globally proposes five main actions:

• Anticipate, prioritize and address standardization needs in strategic areas

• Improve the governance and integrity of the European standardization system

• Enhance European leadership in global standards

• Support innovation

• Enable the next generation of standardization experts

European Committee for Standardization (CEN) and European Committee for Electrotechnical Standardization (CENELEC), two of the three officially recognized European Standardization Organizations, welcome the new European Standardization Strategy which reinforces the common efforts to deliver on the ambitions of the twin transition.

The Strategy, newly released by the European Commission, aims to respond to the need for Europe to strengthen the strategic role standards play in the Single and the Global Market. It sets the pathway to better support Europe’s competitiveness and strategic autonomy, facilitate the dissemination of European innovations and ensure that European and international standards are in line with the EU's interests and values. CEN and CENELEC share the value the Strategy gives to standards as a key tool to contribute to a resilient green and digital transformation of the EU’s industrial ecosystem.

As part of the European Standardization Package, the Commission presented a proposal for an amendment to Regulation (EU) No 1025/2012 – which sets the principles for how the European Standardization Organizations (ESOs) support European legislation – and subjected it to a consultation process to receive input from interested stakeholders. In particular, the proposed amendment concerns the decisions of ESOs concerning European standards and European standardization deliverables.

Given the relevance of the topic and their commitment to contribute to the reflection on the future of the European Standardization System (ESS), CEN and CENELEC, as two of the officially recognized ESOs, issued a response. In particular, the two organizations welcome the proposed amendment of Regulation 1025/2012 and the fact that it emphasizes the national delegation principle.

The Commission proposed new rules on who can use, and access data generated in the EU across all economic sectors. The Data Act will ensure fairness in the digital environment, stimulate a competitive data market, open opportunities for data-driven innovation and make data more accessible for all. It will lead to new, innovative services and more competitive prices for aftermarket services and repairs of connected objects. This last horizontal building block of the Commission's data strategy will play a key role in the digital transformation, in line with the 2030 digital objectives. 

In addition, the Data Act reviews certain aspects of the Database Directive, which was created in the 1990s to protect investments in the structured presentation of data. Notably, it clarifies that databases containing data from Internet-of-Things (IoT) devices and objects should not be subject to separate legal protection. This will ensure they can be accessed and used.

Privacy and personal data protection are essential in our current society as our offline and digital experiences are increasingly entwined. To ensure that these essential values are taken into account early on in the development of products and services, newly developed EN 17529 ‘Data protection and privacy by design and by default’ provides manufacturers and service providers with requirements before, or independently of, any specific application integration.

EN 17529 was developed in response to a request from the European Commission and is a perfect example of how European standards can be developed to complement international adoptions to address European values. Under this same mandate, there are also two Technical Reports that are currently being finalized which contain recommendations on how to integrate the principle of ‘data protection and privacy by design’ during the entire lifecycle of biometric access-control products and services, in order to achieve ‘data protection and privacy by default’. EN 17529 was developed by CEN-CLC/JTC 13 ‘Cybersecurity and Data Protection’, the Secretariat of which is currently held by DIN. JTC 13 is currently working on more standards to address similar issues, notably through its Working Group 5 ‘Data Protection, Privacy and Identity Management’.

The Commission proposed new rules to establish common cybersecurity and information security measures across the EU institutions, bodies, offices and agencies. The proposal aims to bolster their resilience and response capacities against cyber threats and incidents, as well as to ensure a resilient, secure EU public administration, amidst rising malicious cyber activities in the global landscape. 

Cybersecurity Regulation: The proposed Cybersecurity Regulation will put in place a framework for governance, risk management and control in the cybersecurity area. It will lead to the creation of a new inter-institutional Cybersecurity Board, boost cybersecurity capabilities, and stimulate regular maturity assessments and better cyber-hygiene. It will also extend the mandate of the Computer Emergency Response Team for the EU institutions, bodies, offices and agencies (CERT-EU), as a threat intelligence, information exchange and incident response coordination hub, a central advisory body, and a service provider.

The European Standards Organizations (ESOs), CEN, CENELEC and ETSI, joined forces with ENISA, the European Union Agency for Cybersecurity, to organize their 6th annual conference. The virtual conference focused on ‘European Standardization in support of the EU cybersecurity legislation’. The event opened with the European Standards Organizations, ENISA and the European Commission giving an overview of the EU cybersecurity standardization landscape. 

The purpose of the conference was twofold. First of all, the event presented current developments in the area of cybersecurity standardization. It also fostered a dialogue among policy makers, industry, research, consumer associations, standardization, and certification organizations, including all of those involved in the development of the ICT certification framework in Europe.

The EU Agency for Cybersecurity seizes the opportunity of the standardization conference to issue two new reports on standardization in support of cybersecurity policy. The first is overview of existing standards in relation to risk management describing methodologies & tools used to meet standards’ requirements. The second report focuses on 5G cybersecurity and analyzes standards contributing to the mitigation of technical and organizational risks in the 5G ecosystem. Both reports identify standardization gaps, and provide recommendations to enhance standards coverage in these areas, based on the needs of stakeholders.

ICT standardization plays an important role for interoperability and innovation and its practice remains a topic that is not easily accessible. To try to remedy this situation and prepare the next generation of standards professionals, ETSI has developed comprehensive teaching materials on education about ICT standardization. Written by a team of professors, researchers, and standards professionals, the first edition of the textbook was published in 2018 with the support of the European Commission and the EFTA Secretariat. We are now launching a fully revised and enriched edition of these teaching materials. These are targeted at third-level education, primarily for students of engineering or scientific subjects. The book and the slide set are structured in a modular form so that components can be used in business or law courses, or the whole can be used as a course on standardization in engineering degrees.

Due to the rapid technological advances in ICT, ICT standardization seems to become increasingly restricted to the expert, while remaining mysterious to the non-expert. Thus, the textbook is an attempt to remove the accessibility barriers related to the understanding of ICT standardization. The 1st Edition and the associated slides have already been used by many universities and students throughout Europe. The textbook and a comprehensive set of slides are available from the ETSI website free of charge at https://www.etsi.org/media-library/education

The Commission proposed to update the EU consumer rules to empower consumers for the green transition. The updated rules will ensure that consumers can take informed and environment-friendly choices when buying their products. Consumers will have a right to know how long a product is designed to last for and how, if at all, it can be repaired. In addition, the rules will strengthen consumer protection against untrustworthy or false environmental claims, banning ‘greenwashing' and practices misleading consumers about the durability of a product.

The European Commission presented proposals to update and modernize the Industrial Emissions Directive, key legislation to help prevent and control pollution. Updated rules will help guide industrial investments necessary for Europe's transformation towards a zero-pollution, competitive, climate-neutral economy by 2050. They aim to spur innovation, reward frontrunners, and help level the playing field on the EU market. The revision will help provide long-term investment certainty, with first new obligations on industry expected in the second half of the decade.  

The revision builds on the overall approach of the existing Industrial Emissions Directive, which currently covers some 50,000 large industrial installations and intensive livestock farms in Europe. These installations need to comply to emissions conditions by applying activity specific ‘Best Available Techniques'. These techniques are determined together by industry, national and Commission experts, and civil society. The new rules will cover more relevant sources of emissions, make permitting more effective, reduce administrative costs, increase transparency, and give more support to breakthrough technologies and other innovative approaches.