Commission refers Ireland to CJEU for failing to enact cyber rules

July 9, 2026 at 08:00 AM UTC
Silicon Republic
Original: EN
Commission refers Ireland to CJEU for failing to enact cyber rules

The European Commission has taken a significant step by referring Ireland to the Court of Justice of the European Union (CJEU) for failing to transpose the Network and Information Security (NIS2) directive into national law. This directive, a cornerstone of the EU's cybersecurity strategy, aims to bolster the resilience of critical infrastructure and essential services against cyber threats. Ireland's delay, alongside Spain, France, and the Netherlands, highlights persistent challenges in harmonizing digital security measures across member states. NIS2 expands the scope of cybersecurity obligations beyond traditional critical sectors to encompass a wider range of entities, including those in manufacturing, energy, and digital services. The directive mandates enhanced risk management measures and reporting obligations for affected organizations, requiring them to notify authorities of any significant cybersecurity incidents. The extended application of NIS2 is crucial for creating a more robust and unified digital defense across the European Union. This referral to the CJEU underscores the urgency with which the EU is pursuing its digital sovereignty and cybersecurity agenda. By holding member states accountable for timely implementation, the Commission seeks to ensure a consistent and high level of cybersecurity protection for businesses and citizens across the bloc. The outcome of this legal action will likely reinforce the importance of swift and accurate transposition of EU digital legislation for all member states.

Curated and translated by Europe Digital for our multilingual European audience.

Why this matters for European digital sovereignty

The European Commission's referral of Ireland to the CJEU for failing to transpose the NIS2 directive underscores the EU's commitment to its digital sovereignty and cybersecurity agenda. This directive is crucial for harmonizing digital security measures across member states and bolstering the resilience of critical infrastructure and essential services. Holding members accountable for timely implementation ensures a consistent level of cybersecurity protection for businesses and citizens.

Source Information

Publication: Silicon Republic
Published: July 9, 2026 at 08:00 AM UTC
All rights remain with the original publisher.