Council Conclusions on Cybersecurity of Connected Devices
20 January 2021
2018-Max_Planck_Herr_Wahl_1355_black white_Zuschnitt.jpg Thomas Wahl

On 2 December 2020, the Council approved conclusions on the cybersecurity of connected devices. The Council highlights that connected devices, including machines, sensors and networks that make up the Internet of Things (IoT) will not only play a key role in further shaping Europe’s digital future, but also entail numerous security issues. The conclusions set out priorities to address risks related to privacy, information security and cybersecurity, and to boost the global competitiveness of the EU’s IoT industry by ensuring the highest standards of resilience, safety and security. They, inter alia, highlight the importance of reinforcing resilient and secure infrastructures, products and services for building trust in the Digital Single Market and within the European society. The EU’s core values must be preserved, in particular privacy, security, equality, human dignity, rule of law, and open internet. Priorities in the area of cybersecurity of connected devices should be:

  • Assessing the need for a horizontal legislation that addresses all cybersecurity aspects and that will also serve as the basis for product placement on the market;
  • Elaborating additional certification schemes for connected devices, which will also require the setting of cybersecurity norms, standards, and technical specifications;
  • Supporting SMEs, which should be an essential building block of the European cybersecurity ecosystem, in particular if standardisations are developed.

The policy in cybersecurity comes along with the EU’s efforts to the digital transformation. This is one of the key policy priorities of Commission President Ursula van der Leyen and is also backed by the EU leaders. At the Special European Council meeting on 1-2 October 2020, the heads of state and government confirmed the ambition for an acceleration of the digital transition and agreed that at least 20% of the funds under the Recovery and Resilience Facility would be made available for achieving objectives such as:

  • Fostering the European development of the next generation of digital technologies, including supercomputers, quantum computing, blockchain and human-centric artificial intelligence;
  • Accelerating the deployment of very high capacity and secure network infrastructures (e.g. 5G) all over the EU
  • Enhancing the EUʼs ability to protect itself against cyber threats.

News Guide

EU Data Protection


2018-Max_Planck_Herr_Wahl_1355_black white_Zuschnitt.jpg
Thomas Wahl

Max Planck Institute for the Study of Crime, Security and Law (MPI CSL)

Public Law Department

Senior Researcher