Highlighting Key Strategies for EU’s Digital and Cyber Security Challenges
Both economic and cyber security have increased in significance in Europe. How does the EU respond to this? And how can the EU become a digital powerhouse? Senior Advisors Miia Lindell and Joonas Mikkilä from Technology Industries of Finland answer.
You have said that the European single market has experienced a legislative tsunami in recent years. What is your message to the next EU leaders?
Simply put, it is now crucial to focus on implementation, not new regulation. The digital and data regulations prepared during the current EU term, such as the Data Act and the Artificial Intelligence Act, will have a significant impact on companies. During the next term, EU decision-makers and Member States will have to work with industry to ensure the successful roll-out of these rules.
New regulation should only be considered in exceptional cases and after a thorough impact assessment which should make use of tools based on flexible experimentation and extensive cooperation, such as regulatory sandboxes. They will ensure that legislation is innovation-friendly and future-proof, and help businesses adapt to new requirements.
The EU will continue to focus on curbing climate change and biodiversity loss. How could the EU’s Digital Agenda also support the green transition?
The answer to this can be divided into three parts. Firstly, digitalisation is a key means of promoting, for example, the circular economy in industry. Data and its efficient sharing play a key role in this. Practical solutions are provided by digital product passports based on European standards and data spaces across industries. These solutions provide important information such as product sustainability, raw materials, and safety. In addition, they enable the development of new, environmentally friendly business models.
Secondly, it is still important to increase understanding of the environmental impacts of digitalisation at EU level, whether it concerns energy consumption or material efficiency. At the same time, we need workable solutions and cooperation between Member States.
Thirdly, the Nordic countries have a lot to offer in all of this. EU-funded supercomputer investments should continue to be targeted at countries such as Finland, whose cool climate has the lowest environmental footprint of data processing and where waste heat can be reutilized.
The EU wants to improve access to data while protecting personal information. Can strong data protection and the growth needs of the data economy coexist?
The ongoing mid-term review of the General Data Protection Regulation provides an opportunity to assess how the European data protection system can be reconciled with the growth goals of the European data economy. We support considering a more risk-based approach to the processing of personal data and international data transfers, as well as a critical examination of the consent mechanism. At the same time, it is important to promote the introduction of anonymisation solutions for personal data. This not only protects privacy, but also enables data-driven value creation. In other words, strong data protection and the development needs of the data economy can coexist if the right framework is in place.
Due to geopolitical events, cyber security has also risen more prominently to the EU agenda. What issues would you stress on this front?
In particular, Russia’s illegal invasion of Ukraine has affected the EU’s agenda. Additionally, as part of its war effort, Russia is trying to harm Ukraine by digital means. Russia also engages in similar malign actions in other countries and in their business sector. Taking care of the security of the data and information systems of different actors is thus even more important.
The EU’s cybersecurity policy must be based on proactive and comprehensive cooperation between the private and public sectors, rather than on a military defense mentality. This includes the use of technological and organizational solutions. The EU must focus on creating and maintaining effective mechanisms for detecting, responding to, and recovering from cyber threats. The holders of data and information systems should be placed at the heart of the operations. EU legislation, such as the Cyber Resilience Act and the Cybersecurity Directive, provides a framework for the consistent implementation of risk management.
The cybersecurity industry also needs more qualified experts. In this respect, the EU has a key role to play in supporting Member States, including investments in cybersecurity training and awareness-raising. Finally, Europe must strengthen cooperation with like-minded democracies, for example in the field of information influence protection measures.
Technology Industries of Finland has long promoted the real-time economy, i.e., the digitalisation of trading receipts in Finland. How could the topic also be raised at EU level?
We propose to expand the soft digital infrastructure of the Single Market by creating the building blocks of the European real-time economy. This includes interoperable e-invoices, e-receipts, and other key transaction documents. The aim is to facilitate interaction between companies and streamline official reporting also in cross-border trade. Finland is at the forefront of this development, which provides an opportunity to scale up the solutions developed by us more extensively.
The EU aims to achieve technological leadership in global competition. What measures should the EU focus on in today’s changing geopolitical environment?
Europe’s economic security will improve above all by improving its own technological competitiveness. This is why, firstly, the EU must increase its investment in research and development of critical technologies such as artificial intelligence, quantum computing, distributed computing, and advanced semiconductors. This can be done, for example, by strengthening the resources and technology focus of existing EU research and innovation programs and by implementing sector-specific solutions such as the EU Chips Act.
Secondly, the EU must accelerate the roll-out of 5G networks and maintain its leading position in the development of 6G mobile technology. This will increase the agility, productivity, and sustainability of European industry.
The EU must also promote the interoperability of XR technology, i.e., virtual and augmented reality, by producing standards and voluntary norms. The EU’s new digital regulation must be applied flexibly so that we can adapt to the rapid technological development of XR platforms and related services.
In addition, in a changing geopolitical environment, it is also increasingly important to work more closely with key allies to set norms and standards for the digital age. International cooperation must be a more central part of the EU’s digital agenda. Europe needs to strengthen ties with partner countries, including in the areas of information flows and strategic technologies.