On 7 December 2015, the EU Council reached an informal agreement with the EU Parliament on the draft Network and Information Security (NIS) Directive.The draft Directive sets out cybersecurity obligations for operators of essential services in the healthcare, banking, energy and transport sectors, and also digital service providers (including e-commerce platforms, search engines, social networks, internet payment gateways, and cloud services). These operators will be required to take measures to manage cyber risks and report major security incidents.
The CJEU has ruled in Svensson and Others v Retriever Sverige AB (C466/12) (Svensson) that providing a hyperlink to copyrighted works which are already freely available online does not constitute an infringement of copyright. However, if a link allows users to bypass technical measures restricting access to a site on which a copyrighted work appears, then infringement may occur.
The decision had been awaited with some trepidation due to the essential role linking plays in the day to day operation of the internet. A contrary ruling would have created a serious barrier to the interconnectivity upon which the internet thrives.