The Ukrainian Union of Industrialists and Entrepreneurs is in favor of sending for a second second reading the draft law No. 8087 “On Amendments to Certain Laws of Ukraine Regarding Urgent Measures to Strengthen Cyber Protection Capabilities of State Information Resources and Critical Information Infrastructure”.
.in_text_content_22 { width: 300px; height: 600px; } @media(min-width: 600px) { .in_text_content_22 { width: 580px; height: 400px; } }
The innovation expands the powers of the State Service for Special Communications and Information Protection and obliges private companies to have a cybersecurity officer. Experts believe that the bill needs to be improved in many ways, because, firstly, it affects not only cybersecurity issues, but also national security, the private sector, and advocacy.
This was discussed at public hearings organized by the Ukrainian Union of Industrialists and Entrepreneurs (USPP) together with the Kyiv Region Bar Council.
USPP President Anatoly Kinakh considers it necessary to return bill No. 8087 for a second second reading for significant revision. In his opinion, the shortcomings included in the text of the bill do not meet European standards, especially with regard to state control in this area, the inadmissibility of monopolizing the functions of such control.
I am sure that today we have formed a list of proposals and comments at a serious professional and state level. I hope that today’s hearings will also be taken into account in the course of regulatory procedures in the Verkhovna Rada during further consideration of the bill,” Kinakh said.
USPP experts and management, in particular, Union Vice President Ivan Petukhov, expert Igor Dyadyura and member of the Kiev Region Bar Council Oleg Chernobay criticized the too wide scope of this law, unlike European counterparts, which affect medium-sized businesses at most.
Bill 8087 also covers any act of storing personal data or other digitally restricted information, and thus, according to Chernobay, even an individual lawyer who maintains a database of clients and stores information subject to attorney-client privilege must hire a specialist (officer) in cybersecurity.
There is a nice name for the bill, but when we look at the specifics, we see that it is being amended not only for state information resources and critical infrastructure facilities, but also for the private sector. Thus, the goal of the bill is the same, but its implementation is completely different,” Chernobay added.
Petukhov noted that even a small business that maintains a database of employees or customers can also be subject to the law and incur additional costs.
According to him, the rights of business to appeal against unlawful orders of state bodies are also violated. If he does not have to comply with it, if there is an administrative appeal against the decision, then according to draft law No. 8087, this instruction must be complied with, and then, after the fact, it can already be appealed.
Vitaliy Deinega, Deputy Minister of Defense of Ukraine for Digital Development, Digital Transformation and Digitization, also criticized the bill.
This law may prevent us from digitalizing the army and deploying a digital infrastructure in the conditions of hostilities, he stressed.
Deynega noted that the Ministry of Defense should retain independence in determining the conditions and criteria for the supply of goods, works and services for the functioning of the information and communication systems of the armed forces.
The resolution of public hearings will be formed in a short time and submitted to the Council and the Cabinet of Ministers. Its main demand is the need to return bill No. 8087 for a second second reading with significant modifications.
Background
Recall that bill No. 8087 was developed by a group of people’s deputies headed by Alexander Fedienko.
On January 12, it was adopted in the first reading, the relevant committee on national security, defense and intelligence recommends that it be approved in the second reading.
The document significantly expands the powers of the State Service for Special Communications and Information Protection (Gosspetssvyaz) and imposes on it the responsibility for monitoring compliance with legal requirements in the field of technical information protection and cyber protection.
Among other things, the supervisory authority will have access to facilities and premises, any documentation related to the storage and processing of personal data, if it deems it appropriate, has the right to appoint a “cyber protection officer” in public authorities and critical infrastructure enterprises, establish their functions and capabilities .
In general, the adoption of the bill is intended to implement the requirements of the EU Network and Information Security Directive (NIS2 Directive), adopted on December 14, 2022 and coming into force in the EU on October 18, 2024.
Source: Racurs
I am David Wyatt, a professional writer and journalist for Buna Times. I specialize in the world section of news coverage, where I bring to light stories and issues that affect us globally. As a graduate of Journalism, I have always had the passion to spread knowledge through writing.