Germany: Adopted Second Law to increase the security of Information Technology Systems ( IT Security Act 2.0) including registration requirement

On 7 May 2021, the Security of Information Technology Systems (IT Security Act 2.0), including registration requirements for critical entities, was adopted. The Act would expand the list of critical sectors and establish a new regulated category of service providers, companies in the special public interest, defined as companies that provide or manufacture products classified as essential based on the Foreign Trade and Payments Ordinance, have economic importance to Germany or are operators of an upper-tier establishment based on the Hasardous Incident Ordinance. In particular, the Act requires critical infrastructure operators and companies in the special public interest to register with the Federal Office for Information Security, specify all the services they provide that were classified as critical infrastructure, and designate a contact person.