Brussels has a knack for regulating through stealth and with far-reaching consequences simultaneously. The European Commission’s proposed reform of the Cybersecurity Act, informally known as “CSA2,” is no different. Published on 20 January 2026, the new draft regulation will replace the 2019 framework and enter into force together with a reform of the EU’s cybersecurity directive, Directive (EU) 2022/2555.

From Technical Update to Geopolitical Instrument

At first glance, it is a mere technical update. In truth, it represents a paradigm shift in the interplay between market access, digital sovereignty, and political trust in global supply chains. The proposed regulation introduces a new competence for the European Commission to qualify so-called “key ICT assets” in the sectors that fall under NIS2, and, more controversially, to qualify foreign suppliers as “high risk.” This is no theoretical categorization. It may trigger EU-wide bans, including exclusion from cybersecurity certification schemes, public procurement, and standardization activities. In the telecommunication sector, products from high-risk suppliers must be replaced within narrowly defined time limits. This is a structural risk for Brussels. The Commission argues that supply chains are no longer merely commercial networks but rather strategic infrastructure vulnerable to geopolitical pressure.

External laws requiring early warning systems for software vulnerabilities to national authorities, the absence of an independent judicial review procedure, or proof of malicious cyber activity may all be taken into account in a high-risk assessment. This is a clear extension of the debate, which was hitherto confined almost entirely to the 5G providers. CSA2 extends the debate to other areas. In this process, it enshrines a European ideal of digital sovereignty that is less about rhetorical moments on industrial policy and more about wielding regulatory muscle. But the ideal of sovereignty is a fraught one in the digital politics of Europe. The European Pirate Party, whose manifesto sees the digital revolution as an opportunity for democratic transformation rather than technocratic consolidation, has long argued that resilience must never come at the cost of transparency and basic rights. The Pirates’ program calls for open standards, accountability of state power, and robust judicial safeguards whenever digital governance is expanded. CSA2 does expand governance.

When Stronger Enforcement Meets Sharper Deadlines

The Commission will gain implementing powers to exclude certain actors from using specific ICT components or to specify mitigation measures that vary from supplier-transparency obligations to bans on remote data processing from nations outside of the EU. Non-compliance will incur fines of up to 7 percent of global annual turnover for the most serious infractions, a severity that matches the EU’s toughest enforcement instruments. The telecommunication sector will have sharper corners. Mobile network operators will have no more than 36 months to strip out components from suppliers that are deemed to be high-risk once a list is published. Fixed and satellite communications will follow a schedule that will be determined in further implementing decisions. The implication is clear: in strategic communications infrastructure, caution defeats gradualism. However, CSA2 also proposes to update the European Cybersecurity Certification Framework as established in Regulation (EU) 2019/881. Certification will no longer be exclusive to products and services. For the first time, it may also include an organization’s overall cybersecurity posture, maturity, readiness, and governance structures. This is a result of a broader regulatory strategy.

Cybersecurity is no longer a property that is inherent in hardware and software; it is a systemic property of organizations and, by extension, markets. The certification frameworks would be established by ENISA under the Commission’s mandate, with periodic reviews at least every four years. There would be little room for Member States to establish their own schemes if there are schemes in the EU. Harmonization and simplification are what the supporters of this regulation see. Centralization is what the opponents might see. ENISA is poised to take on a much bigger role. It is not only going to be responsible for the establishment of certification frameworks but will also be involved in EU-level risk assessments, administer the European Vulnerability Database under NIS2, and coordinate the EU Cybersecurity Reserve and crisis response efforts across borders, such as EU-CyCLONe. The challenge for digital rights campaigners is not that Europe needs improved cybersecurity. It clearly does.

How Security Ambition Threatens Democratic Safeguards

Ransomware attacks, state-sponsored hacking, and supply chain attacks have shown the weaknesses. The challenge is whether new powers like blacklisting suppliers, EU vulnerability registers, reporting mechanisms, are matched by similar robust safeguards on transparency, judicial review, and democratic oversight. The Pirate Party’s manifesto is crystal clear that the digital revolution must empower citizens and strengthen basic rights, not lock them into a permanent state of technological exception. CSA2 is not a surveillance bill. It is framed in industrial and security language.

But its architecture is part of a broader pattern: the progressive enhancement of regulatory and operational capabilities at the EU level in the name of resilience. The legislative procedure will now proceed to the European Parliament and the Council in the ordinary legislative procedure. The negotiations are likely to stretch into 2026. As amendments are tabled and compromises are struck, the debate is likely to polarize around familiar European divides-security vs. openness, sovereignty vs. global interdependence, harmonization vs. decentralization. In this debate, CSA2 will show whether the Union can build a more secure digital space without sacrificing the very values that made it a self-proclaimed global leader on digital rights in the first place.

europeanpirates.eu/europes-new…

Dear Friend of Press Freedom,

The U.S.-Israeli war in Iran, all parties to which have abysmal recent records on press freedom, is sure to bring an escalation in censorship and retaliation against journalists. That makes it a perfect time (as it has been for over a century) to reform the Espionage Act, one of the primary weapons the government uses to stifle whistleblowing and war reporting. Read on for more.

The public deserves to know when Iran war reporting is stifled

Journalists covering the U.S. and Israel’s new war on Iran should be telling their audiences not only what they know but what they were prevented from finding out, and by whom.

That doesn’t just mean an occasional editorial bemoaning threats to press freedom. Those are valuable, but on their own, they turn speech suppression into a side issue. With an unprecedented censorship infrastructure surrounding this war, it’s anything but that. Freedom of the Press Foundation (FPF) Chief of Advocacy Seth Stern wrote about why reporting should include acknowledgment and explanation of how censorship impacts what the public sees and reads in each story.

• Read more

Florida should not get its own mini-CIA

If Florida enacts House Bill 945, it will create a national first — a CIA-style structure at the state level that blurs the traditional line between state law enforcement and intelligence work. And it likely wouldn’t remain a local experiment. Red states often borrow aggressively from one another’s policy playbooks, on everything from gerrymandering to anti-abortion laws to transporting immigrants to Democratic-led states.

Stern, along with FPF’s Daniel Ellsberg Chair on Government Secrecy Lauren Harper and Florida First Amendment Foundation Executive Director Bobby Block, wrote for The Guardian that state-level intelligence offices empowered to scrutinize residents based on ideology are sure to be used against journalists.

• Read the op-ed

A judge finally called a newsroom raid what it is

When a judge orders a journalist not to publish a story, everyone recognizes it as a prior restraint — the most serious First Amendment violation there is, according to the Supreme Court, and one that has never been allowed against the press. But when the government kicks down a reporter’s door and walks out with computers, or seizes a news photographer’s equipment at a protest, that’s often seen as something different.

It’s not — in both cases, the reporter is left unable to publish news, which is the harm that the prohibition on prior restraints seeks to avoid. Magistrate Judge William Porter’s February order restricting how prosecutors could search materials seized from Washington Post reporter Hannah Natanson recognizes this reality by treating the seizure of her materials, containing terabytes of data, source communications, and works in progress, as a prior restraint. We’ve been critical of other aspects of Porter’s order but he at least deserves credit for that.

• Read more

Assange case coming back to bite ‘conventional’ journalists

For years we warned that the Espionage Act prosecution of WikiLeaks founder Julian Assange, started by the first Trump administration and shamefully continued by the Biden administration, would lead to attacks on more conventional reporters, regardless of official claims that Assange wasn’t really a journalist so the press needn’t worry.

In the past two months, the federal government and its defenders have used the Assange case to normalize and defend everything from seizing Natanson’s devices in violation of federal law to accusing journalist Seth Harp of illegally “leaking” identities of government officials. FPF Executive Director Trevor Timm explained this troubling trend in a video (and we’ve got plenty of other great video content on YouTube).

• Watch it here

Help our SecureDrop team make our lives online more secure

WEBCAT, a new software tool under development at FPF, has just entered alpha testing. The goal of the project is to allow web browsers to verify the origin of code before they run it. By guarding against hacked web servers, WEBCAT aims to make our lives online more secure.

We invite adventurous web users to try out our Firefox browser extension, and web application developers to experiment with our new decentralized web domain enrollment system.

• Read more

What we’re reading

Nashville reporter who has detailed ICE activity detained in South Nashville stop

Nashville Banner
We don’t yet know if Estefany Rodríguez’s detention was in retaliation for her reporting, but we certainly wouldn’t be surprised. Immigration and Customs Enforcement abductions of immigrant journalists take the reporters best equipped to cover the agency’s activities off the beat.

Photographer indicted after Minnesota church protest coverage

U.S. Press Freedom Tracker
Junn Bollmann is the latest journalist charged for covering the same church protest that prompted the Trump administration’s outrageous arrests of Don Lemon and Georgia Fort. The Justice Department will likely lose these cases, and the journalists should sue.

Chicago appeals court vacates judge’s use-of-force injunction on immigration agents

Chicago Tribune
The 7th Circuit has apparently decided it’s in the business of correcting “injustices” no one asked it to correct. The one it chose to start with? An already dismissed order restraining violent immigration agents from assaulting journalists.

Prairieland ICE shooting trial jury gets closer look at ‘antifa’ materials defendants owned

KERA News
“Zines are really like this little atomic unit of freedom of the press with simple pamphlets that you just pass around. It begs the question of whether the prosecution believes that we should have a First Amendment in the first place,” said Lydia Koza, wife of defendant Autumn Hill. Also, read our 2025 op-ed on how the federal case in Texas threatens press freedom.

Some of the best news stories start with a public records request

Poynter
Nearly everything is fair game for a records request at public universities, “even the amount of money dining halls spend on ranch dressing,” write student journalists for Michigan State University’s The State News.

The New York Times takes the Pentagon to court

Columbia Journalism Review
The Pentagon’s media policy is “unconstitutional, but ... what they say after the fact makes their arguments even worse,” Timm said. They “admitted that they don’t care if people break this as long as they agree with them.”

Use our action center to tell Congress to pass Rep. Tlaib’s bill to fix the arcane and dangerous Espionage Act so the government can no longer treat whistleblowers and journalists like enemy spies.

• EMAIL CONGRESS

freedom.press/issues/press-mus…

When a judge orders a journalist not to publish a story, everyone recognizes it as a prior restraint — the most serious First Amendment violation there is, according to the Supreme Court, and one that has never been allowed against the press. But when the government kicks down a reporter’s door and walks out with computers, or seizes a news photographer’s camera at a protest, that’s often seen as something different.

It’s not. In both cases, the reporter is left unable to publish news, which is the exact harm that the prohibition on prior restraints seeks to avoid. Magistrate Judge William Porter’s February order restricting how prosecutors could search materials seized from Washington Post reporter Hannah Natanson recognizes this reality. Porter treated the seizure of her devices, containing terabytes of data, source communications, and works in progress, as a prior restraint — a recognition long overdue, and one that courts have been notably reluctant to make explicit.

We’ve been critical of other aspects of Porter’s order. He should have required that Natanson’s materials be returned outright and should have sanctioned prosecutors for omitting the Privacy Protection Act of 1980 — a law that prohibits exactly this kind of raid in most circumstances — from their warrant application. He admitted the Trump administration has a track record of falsely claiming national security threats, but deferred to them anyway. But at least he framed the issue correctly before his anticlimactic conclusion.

There’s actually an argument that seizures are worse than orders not to publish. Traditional prior restraints are so nakedly unconstitutional that news outlets sometimes opt to just ignore them, dare the court to hold a journalist in contempt of court for reporting the news, and publish anyway. That happened in Colorado, where a reporter from BusinessDen defied an order to return court records the court itself had released. The judge backed down.

But you can’t choose to ignore a seizure and risk contempt. When the FBI has your hard drives, you don’t have the option of printing the story anyway.

Plus, a traditional prior restraint targets specific information that the government claims (almost always falsely) poses some kind of extraordinary threat, the most famous example being the Pentagon Papers. A seizure of a modern journalist’s devices captures everything from stories in progress to research notes to contacts, most of which have nothing to do with whatever law enforcement is investigating. The seizure of Natanson’s materials likely killed far more stories than any targeted court order ever could have, which also increases the potential chilling effect among other journalists’ worried about losing not just one scoop, but all of their hard work, by publishing materials that upset the government.

The seizure of Natanson’s materials likely killed far more stories than any targeted court order ever could have.

Florida journalist Tim Burke faced the same predicament. Agents raided his Tampa home in 2023 and walked out with essentially every piece of equipment in his newsroom. The seized data included reporting that had nothing to do with his purported crime of violating computer fraud laws by publishing newsworthy information (outtakes of Tucker Carlson’s interview with Ye, formerly Kanye West, where the recording artist went on antisemitic rants) that he found on an unencrypted website.

The seizure was, for all intents and purposes, an indefinite prior restraint on his First Amendment right to report and publish newsworthy information. The government prevented Burke from reporting for more than nine months before even indicting him. Then the indictment sought forfeiture of his computers, claiming that his reporting in progress was criminal “contraband,” an argument the government is now floating in Natanson’s case as well.

The raid of the Marion County Record is another example. Police in Kansas walked out with computers, phones, and reporting materials, forcing the newspaper to pivot in order to publish its next edition on time. It makes little difference to the impacted journalists whether the government says “you can’t publish this” or “you no longer have what you want to publish.”

Less dramatic infringements can have the same effect — journalists covering civil unrest, for example, might be working with a single phone or camera. Seizure of those devices stops them from publishing their coverage (and potentially exposes their sources) just like a newsroom raid. The latter are relatively rare, but the former happens all the time.

Porter is not the first to recognize this dynamic. The Supreme Court has said that seizures of materials protected by the First Amendment run “the risk of prior restraint” and can’t be justified by probable cause alone. As one federal appellate court put it, “The government need not ban a protected activity … if it can simply proceed upstream and dam the source.”

But the judge may be the first to put it so plainly in the newsgathering context. He deserves credit for understanding the constitutional implications of silencing Natanson and not shying away from expanding the legal concept of “prior restraints” to seizures of electronics that the courts that developed that jurisprudence decades ago could never have anticipated. Maybe next time, he’ll follow through with the right remedy — ordering the immediate return of all the seized materials and sanctioning the prosecutors who took them under false pretenses.

freedom.press/issues/a-judge-f…

The following was submitted by a Pirate supporter using the pseudonym “Hoodlump”, advocating for and sharing money advice on how to move away from the banking system towards credit unions. This article is apart of the project “Message in a Bottle”, allowing supporters of the US Pirate Party to submit editorial articles to the United States Pirate Party website.

Remember when the legendary redditor “DeepF****ingValue” ignited the hilarious short squeeze against giant hedge funds in 2021, essentially teaching the masses that it is in fact possible to shake the ground under the financial vultures that we once thought were untouchable?

It seemed like everyone went from not giving those giant hedge funds much thought to suddenly and collectively becoming aware of sinister financial practices that were always present.

Many learned what hedge funds were, what short-selling is, who the stock exchange is really for (when RobinHood banned further purchases of the GME stock) and, most importantly, that collective action seriously makes waves.

Perhaps the most important takeaway is that the correct action in our time is going to be a financial one.

After all, to whom do each and every one of us, regardless of who we are in the workforce, must answer to? Who sits at the top of the chain of command?

Ultimately, it is the shareholder; the enemy to all humankind itself.

It took for me to land a job within a financial brokerage firm to learn one important thing about banks:

They have an alternative.

While banks exist as a for-profit enterprise, using the money we all deposit as their own investment capital so that the returns can be dispersed among the vultures that already own everything, credit unions are not-for-profit.

They work the way banks are intended: for community.

The “shareholder” is you.

Instead of investing your money in weapons, tobacco, private-owned housing, etc., the credit union is allowed to invest only in the ventures that another member takes up.

According to the Credit Union National Association, credit union members save an average of $179 per member (or $376 per household) annually simply by banking with a not-for-profit cooperative rather than a shareholder-owned bank.

[1] In addition to the moral imperative, banking with a credit union actually offers better financial incentives.

(Of course it does, right? When you remove the greedy shareholder, the money suddenly becomes available to you.)

CUs offer lower fees, better savings account rates (if you don’t already know, please learn about certificates of deposit), and better loan rates.

If you want to start a business, the CU will give you personal support, as they are more directly concerned with your success, as you are not an inconsequential borrower.

When I learned about this, I immediately made the switch. I want to tell everyone and their mother and father to do the same.

Actually, I want to scream it until everyone falls in line.

We should not leave one nickel in excess to be invested by the companies that are ruining our lives and our planet.

If you have a 401k, it is a bit harder to tackle but you should absolutely still take ownership there as well.

One day, I took a look at mine and saw it was absolutely littered with weapons manufacturers, big pharma and big tech companies, and while that’s not surprising, we should not accept that either.

Your 401k likely looks the same, and if you don’t have it in you to research 100 different companies to do an ethics check and reallocate your retirement funds, don’t be shy about getting someone on the phone to help you.

You don’t need your money to be sitting in the top 500 American Companies’ hands for your golden years to be secure.

There are generally other options, and if for you there are none, perhaps you can cease any further deposits from your checks and look for better ways to invest your money yourself.

We don’t need to be relying on this broken system anymore to take care of us, because it’s clear it isn’t even trying to take care of us.

In an endless mission to put individuals before institutions, it’s important to teach said individuals how to put themselves first. This is one way you can do that.

The onus has been on us a long time now. It’s time to stop being dismissive or careless about our money, and instead be skeptical, accountable, and as the jits say, standing on business.

Sources:

[1] Credit Human

uspirates.org/message-in-a-bot…

Journalists covering the U.S. and Israel’s war on Iran should be telling their audiences not only what they know but what they were prevented from finding out, and by whom. That doesn’t just mean an occasional editorial bemoaning threats to press freedom. Those are valuable, but on their own, they turn speech suppression into a side issue. The reporting itself should include acknowledgment and explanation of how censorship impacts what the public sees and reads.

The censorship infrastructure surrounding this war is extraordinary. On the American side, self-proclaimed Secretary of War Pete Hegseth has virtually eliminated press access to the military and limited press credentialing to journalists who pledge to remain official stenographers. As a result of his policy, the press corps covering the Pentagon is composed of Trump-aligned outlets like One America News, Turning Point USA’s Frontlines, and MyPillow CEO Mike Lindell’s LindellTV streaming service.

It’s arguably not the worst outcome for serious reporters to get their time back so they can dig through public records instead of listening to Hegseth’s lies and weird pep talks. But if they try, they’re sure to run into problems caused by the Trump administration’s widespread gutting of public records and transparency mechanisms, elimination of government websites, and blatant noncompliance with the Freedom of Information Act.

Some of the same outlets excluded from the Pentagon are likely to face harassment from Brendan Carr’s Federal Communications Commission and others within the administration eager to use their leverage over corporate transactions to deter criticism.

Trump has claimed that kitchen cabinets threaten national security during peacetime — imagine what he’ll say about investigative journalism while at war.

The administration’s war on leaks is sure to accelerate as whistleblowers seek to expose the embarrassing mistakes and awful human rights abuses that the war is almost certain to bring. After the raid of Washington Post reporter Hannah Natanson’s home over her source’s alleged Espionage Act violations, further intrusions on newsgathering seem inevitable. Trump has reportedly been looking for an opportunity to take it one step further and prosecute a journalist under the same archaic law.

The congressional subpoena of journalist Seth Harp, for identifying a military official leading Trump’s attack on Venezuela, likely foreshadows what’s to come for journalists who publish news the administration seeks to conceal about the war.

The administration’s efforts to distort the concept of “doxxing” to criminalize reporting on Immigration and Customs Enforcement’s abduction spree may prove to have been a practice run for tactics to silence war correspondents. President Donald Trump has claimed that kitchen cabinets threaten national security during peacetime — imagine what he’ll say about investigative journalism while at war.

Attacks that don’t silence critics directly are apt to lead to self-censorship. Sources won’t come forward at risk of federal investigation. Corporate news moguls will tone down their coverage to avoid government threats to their more lucrative holdings. Smaller outlets and independent journalists will hesitate to risk incurring life-altering legal fees.

Sure, some journalists and whistleblowers are courageous enough to risk everything to tell the truth, but we shouldn’t be dependent on heroism for uncensored reporting.

On the Israeli side, the censorship is often even more direct. Israel’s military censor, which reportedly banned publication of 1,635 articles and partially censored another 6,265 in 2024, will be back at it — likely emboldened by U.S. backsliding under Trump. Journalists who disobey the censor — which also prohibits them from reporting they’ve been silenced — risk arrest.

Stories that aren’t killed by the censor are deterred with the threat of being blown to bits. Israel has systematically targeted news outlets and individual journalists in Gaza, as well as Iran. There’s no reason to assume Iran will be any different — an Iranian state media complex has reportedly already been bombed. Add to that the “accidental” killings of journalists resulting from unwillingness to take basic measures to protect civilians.

And then there’s Iran itself, which, to paraphrase Hegseth, didn’t start this war but is sure going to censor it. The remnants of the regime are likely to lash out to violently stifle all sorts of dissent, including journalism that doesn’t parrot their narratives.

Stories that aren’t killed by the censor are deterred with the threat of being blown to bits.

Iran — which ranked 176th out of 180 on Reporters Without Borders’ global Press Freedom Index last year — is intolerant of adversarial journalism during peacetime and will surely escalate censorship now, as we saw during the Israel-Iran war last year.

Since the start of the current war, Iran has already blacked out phone and internet access, as it did during its horrifically violent suppression of January’s uprisings. It will almost certainly continue to do so, thereby severely limiting the information that comes out of the war’s primary battleground, and leaving journalists and news consumers to gauge the credibility of competing government narratives.

None of this is unprecedented in isolation — the George W. Bush administration used highly restricted embed access in Iraq as a propaganda tool, subpoenaed reporters, and floated prosecuting them under the Espionage Act. The Obama administration pursued more Espionage Act cases against whistleblowers than all prior administrations combined. The Biden administration extracted a plea deal from Julian Assange over WikiLeaks’ exposure of Iraq war crimes. But all of that is going to be on steroids now, in terms of both scale and brazenness.

Journalists will find a way to report the news and investigate government abuses and lies, despite it all. Lawyers and activists will do what they can to help. But it’s unrealistic to expect reporters to overcome this multipronged attack entirely.

What they can and should do, even if it feels awkward, is let the public in on the obstacles they are dealing with and how the lack of reliable information during modern conflicts harms us all, allowing politicians to lie their way into wars that enrich their friends while killing schoolchildren.

If reporters are going to quote Pentagon spokespeople or news releases, the public deserves to know who the reporter was not allowed to interview and what documents they were not permitted to review. It’s vital context without which the reporting is arguably misleading. And reporters from the U.S. — which is somehow still the least censored of the three main parties to this war — may be the only ones who can provide it.

It might not fix the secrecy surrounding this war, but it could lead to greater demand for transparency and greater skepticism of official narratives in the run-up to the next “forever war.” Maybe it could even help avoid the next one altogether.

freedom.press/issues/the-publi…

March 4 – It weighs on our hearts that our government has decided to take action against the crews shipping oil. Just as we are against civil asset forfeiture, this too is an action that just steals from those sailors who are simply trying to make a living. With zero due process in international waters, Trump has directed our military to steal from those who do not align with his political stance.

This is not a dissent against our military brothers and sisters, who carried out the raids. They did so without harming the ships or the people, preforming at a level of excellence we have come to expect from them. Instead, this is a top down action that put both our military personnel and the merchant marine in harms way. They were not transporting illegal goods. They were transporting oil.

Those in the administration claim this is to stop tyranny while they are acting tyrannical. They claim this is for justice while holding no due process nor giving those arrested the right to representation. They claim the crews are breaking international law and are part of a shadow fleet, so does that mean the US is the end-all be-all of policing international trade?

We must not let this distract us from the real issues. We must push back again those who think they are above the law. No one is above the law and we all deserve justice with due process.

Image Source: Public Domain, Link.

The above was previously posted by the Massachusetts Pirate Party. Similar to the statements they previously made on Iran that we echoed and adopted as our own, we chose to share the words of our Massachusetts Pirates and echo that here.

uspirates.org/pirates-condemn-…

What has the EDRi network been up to over the past few weeks? Find out the latest digital rights news in our bi-weekly newsletter. In this edition: Chat Control in final stretch, breaking extractive business models with Digital Fairness Act, & more!

The post EDRi-gram, 4 March 2026 appeared first on European Digital Rights (EDRi).

Privacy First is drawing attention to the risks to financial privacy and fundament rights arising from the European Union’s anti-money laundering and counter-terrorist financing (AML/CFT) framework. Over the past decade, the EU has increasingly shifted the responsibility of detecting financial crime from public authorities to banks, bookkeepers and other companies (called“obliged entities”). With a completely revised AML Package set to enter into force in mid-2027, this system will expand further, turning ordinary citizens and civil society organisations into subjects of systems of financial surveillance.

The post Outsourcing crime control: How EU anti-money laundering rules threaten financial privacy appeared first on European Digital Rights (EDRi).