This document is an excerpt from the EUR-Lex website
Document C:2008:181:FULL
Official Journal of the European Union, C 181, 18 July 2008
Official Journal of the European Union, C 181, 18 July 2008
Official Journal of the European Union, C 181, 18 July 2008
Display all documents published in this Official Journal
|
ISSN 1725-2423 |
||
|
Official Journal of the European Union |
C 181 |
|
|
||
|
English edition |
Information and Notices |
Volume 51 |
|
Notice No |
Contents |
page |
|
|
I Resolutions, recommendations and opinions |
|
|
|
OPINIONS |
|
|
|
European Data Protection Supervisor |
|
|
2008/C 181/01 |
||
|
|
II Information |
|
|
|
INFORMATION FROM EUROPEAN UNION INSTITUTIONS AND BODIES |
|
|
|
Commission |
|
|
2008/C 181/02 |
||
|
2008/C 181/03 |
Non-opposition to a notified concentration (Case COMP/M.5162 — Avnet/Horizon) ( 1 ) |
|
|
|
V Announcements |
|
|
|
PROCEDURES RELATING TO THE IMPLEMENTATION OF THE COMMON COMMERCIAL POLICY |
|
|
|
Commission |
|
|
2008/C 181/09 |
||
|
|
PROCEDURES RELATING TO THE IMPLEMENTATION OF THE COMPETITION POLICY |
|
|
|
Commission |
|
|
2008/C 181/10 |
Prior notification of a concentration (Case COMP/M.5231 — Bain Capital/D&M) — Candidate case for simplified procedure ( 1 ) |
|
|
2008/C 181/11 |
Prior notification of a concentration (Case COMP/M.5227 — Robert Bosch/Samsung/JV) ( 1 ) |
|
|
2008/C 181/12 |
Prior notification of a concentration (Case COMP/M.5267 — Sun Capital/SCS Group) — Candidate case for simplified procedure ( 1 ) |
|
|
|
|
|
|
(1) Text with EEA relevance |
|
EN |
|
I Resolutions, recommendations and opinions
OPINIONS
European Data Protection Supervisor
|
18.7.2008 |
EN |
Official Journal of the European Union |
C 181/1 |
Opinion of the European Data Protection Supervisor on the Proposal for a Directive of the European Parliament and of the Council amending, among others, Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications)
(2008/C 181/01)
THE EUROPEAN DATA PROTECTION SUPERVISOR,
Having regard to the Treaty establishing the European Community, and in particular its Article 286,
Having regard to the Charter of Fundamental Rights of the European Union, and in particular its Article 8,
Having regard to Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (1),
Having regard to Directive 2002/58/EC of the European Parliament and of the Council of the 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (2),
Having regard to Regulation (EC) No 45/2001 of the European Parliament and of the Council of 18 December 2000 on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data, and in particular its Article 41 (3),
Having regard to the request for an opinion in accordance with Article 28(2) of Regulation (EC) No 45/2001 received on 16 November 2007 from the European Commission,
HAS ADOPTED THE FOLLOWING OPINION:
I. INTRODUCTION
|
1. |
On 13 November 2007, the Commission adopted a Proposal for a Directive amending, among others, Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communication sector (hereinafter ‘Proposal’ or ‘proposed amendments’). The current version of Directive 2002/58/EC is usually, also in this Opinion, referred to as the ePrivacy Directive. |
|
2. |
The Proposal aims at enhancing the protection of individuals' privacy and personal data in the electronic communications sector. This is done not by entirely reshaping the existing ePrivacy Directive but rather by proposing ad hoc amendments to it, which mainly aim at strengthening the security-related provisions and improving the enforcement mechanisms. |
|
3. |
The Proposal is part of a wider reform of the five EU telecom Directives (‘the telecoms package’). In addition to the proposals for the review of the telecoms package (4) the Commission has also adopted at the same time a Proposal for a Regulation establishing the European Electronic Communications Market Authority (5). |
|
4. |
The remarks contained in this Opinion are limited to the proposed amendments to the ePrivacy Directive unless such proposed amendments rely on concepts or provisions contained in proposals for review of the telecoms package. In addition, some comments contained in this Opinion refer to provisions of the ePrivacy Directive which have not been amended by the Proposal. |
|
5. |
This Opinion addresses the following topics: (i) the scope of the ePrivacy Directive, in particular, the services concerned (proposed amendment to Article 3(1)); (ii) the notification of security breaches (proposed amendment creating Article 4(3) and 4(4)); (iii) the provisions on cookies, spyware and similar devices (proposed amendment to Article 5(3)); (iv) the legal actions initiated by electronic communication services providers and other legal persons (proposed amendment creating Article 13(6)); and (v) the strengthening of the enforcement provisions (proposed amendment creating Article 15a). |
Consultation with the EDPS and broader public consultation
|
6. |
The Proposal was sent by the Commission to the EDPS on 16 November 2007. The EDPS understands this communication as a request to advise Community institutions and bodies, as foreseen in Article 28(2) of Regulation (EC) No 45/2001 on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data (hereinafter ‘Regulation (EC) No 45/2001’). |
|
7. |
Prior to the adoption of the Proposal, the Commission informally consulted the EDPS on the draft Proposal, which the EDPS welcomed as it gave him an opportunity to make some suggestions on the draft proposal prior to its adoption by the Commission. The EDPS is glad to see that some of his suggestions have been reflected in the Proposal. |
|
8. |
The adoption of the Proposal was preceded by a wide public consultation exercise, a practice valued by the EDPS. Indeed in June 2006 the Commission launched a public consultation on its Communication on the Review of the telecoms package where the Commission described its views on the situation and put forward some proposals for amendments (6). The Article 29 Data Protection Working Party (‘WP 29’), of which the EDPS is a member, used this opportunity to provide its views on the proposed amendments in an Opinion adopted on 26 September 2006 (7). |
EDPS overall views
|
9. |
On the whole the EDPS views on the Proposal are positive. The EDPS fully supports the aims of the Commission in adopting a Proposal enhancing the protection of individuals' privacy and personal data in the electronic communications sector. The EDPS particularly welcomes the adoption of a mandatory security breach notification system (Amendment to Article 4 of the ePrivacy Directive, adding paragraphs 3 and 4). When data breaches occur, notification has clear benefits, it reinforces the accountability of organizations, is a factor that drives companies to implement stringent security measures and it permits the identification of the most reliable technologies towards protecting information. Furthermore, it allows the affected individuals the opportunity to take steps to protect themselves from identify theft or other misuse of their personal information. |
|
10. |
The EDPS welcomes other amendments in the Proposal such as the ability for legal persons with legitimate interest to have a cause of action against those who infringe some of the provisions of the ePrivacy Directive (Amendment to Article 13, adding paragraph 6). Also positive is the strengthening of the investigatory powers of national regulatory authorities as it will enable them to assess whether or not any processing of data is carried out in compliance with the law and to identify infringers (Addition of Article 15a(3)). To be able to stop unlawful processing of personal data and infringements of privacy as soon as possible is a necessary measure in order to protect the rights and freedoms of individuals. To this end the proposed Article 15a(2) which recognizes the national regulatory authorities' power to order the cessation of infringements is much welcomed as it will enable them to bring seriously unlawful processing to an immediate halt. |
|
11. |
The approach of the Proposal and most of the proposed amendments are in line with the views on the future data protection policy which were put forward in previous EDPS Opinions such as the Opinion on the implementation of the Data protection Directive (8). Among others, the approach is based on the belief that while no new data protection principles are necessary, there is a need for more specific rules to address data protection issues raised, by new technologies such as the Internet, RFID, etc, as well as tools that contribute to enforce and make effective data protection legislation such as enabling legal entities to initiate actions for violation of data protection and obliging data controllers to notify security breaches. |
|
12. |
Despite the overall positive approach of the Proposal, the EDPS regrets that the Proposal is not as ambitious as it could have been. Indeed, since 2003 the application of the provisions contained in the ePrivacy Directive as well as careful analysis of the subject has shown that some of its provisions are far from clear, generating legal uncertainty and compliance problems. For example, this is the case regarding the extent to which semi-public providers of electronic communication services are covered by the ePrivacy Directive. One would have hoped that the Commission would have made use of the review of the telecom package, and in particular of the ePrivacy Directive, to resolve some of the outstanding problems. Furthermore, in dealing with new issues, such as the setting up of a mandatory breach notification system, the Proposal only offers a partial solution, not including within the scope of the organizations obliged to notify security breaches, entities that process very sensitive types of data such as on-line banks or providers of on-line health services. The EDPS regrets this approach. |
|
13. |
The EDPS is hopeful that as the Proposal makes its way through the legislative process, the legislator will take into account the comments and proposals contained in this Opinion towards solving the issues that the Commission's Proposal has failed to address. |
II. ANALYSIS OF THE PROPOSAL
II.1. Scope of the ePrivacy Directive, in particular, services concerned
|
14. |
A key issue in the current ePrivacy Directive is the question of its scope of application. The Proposal contains some positive elements towards defining and clarifying the scope of the Proposal, particularly, the services concerned by the Directive, which are discussed below under Section (i). Unfortunately, the proposed amendments do not solve all existing problems. As discussed under Section (ii) below, the amendments unfortunately do not seek to broaden the scope of application of the Directive to include electronic communication services in private networks. |
|
15. |
Article 3 of the ePrivacy Directive describes the services concerned by the Directive, in other words, the services to which the obligations set forth in the Directive apply: ‘This Directive shall apply to the processing of personal data in connection with the provision of publicly available electronic communication services in public communications networks’. |
|
16. |
Therefore, the services concerned by the ePrivacy Directive are the providers of public electronic communication services in public networks (‘PPECS’). The definition of a PPECS is provided under Article 2(c) of the Framework Directive (9). Public communication networks are defined under Article 2(d) of the Framework Directive (10). Examples of PPECS include providing access to the Internet, transmission of information through electronic networks, mobile and telephone connections, etc. |
(i) Proposed amendment to Article 3 of the ePrivacy Directive: Services concerned to include public communication networks supporting data collection and identification devices
|
17. |
The Proposal amends Article 3 of the ePrivacy Directive by specifying that public electronic communication networks include ‘public communication networks supporting data collection and identification devices’. Recital 28 explains that the development of applications entailing the collection of information, including personal data, using radio frequencies, such as RFID, must be subject to the ePrivacy Directive when they are connected or make use of public communication networks or services. |
|
18. |
The EDPS finds this provision positive as it clarifies that a number of RFID applications fall within the scope of the ePrivacy Directive, thus removing some uncertainty on this point and definitively removing misunderstandings or misinterpretation of the law. |
|
19. |
Indeed, under the current Article 3 of the ePrivacy Directive certain RFID applications are already covered by the Directive. This happens for several cumulative reasons. Firstly, because RFID applications fall within the definition of electronic communication services. Secondly, because they are provided over an electronic communication network insofar as the applications are supported by a transmission system that conveys signals in a wireless way. And finally, the network may be public and private. If public, RFID applications will be deemed as ‘services concerned’ and thus fall within the scope of application of the ePrivacy Directive. However, the proposed amendment will eliminate any remaining doubt about it and thus provide more legal certainty. |
|
20. |
Of course, as pointed out in a previous EDPS Opinion on RFID (11), this provision does not preclude the possible need to enact additional legal instruments as far as RFID is concerned. However, such measures should be adopted in another context, not as part of this Proposal. |
(ii) Need to include electronic communication services in private or semi private networks
|
21. |
While the EDPS welcomes the clarification described above, he regrets that the Proposal has not tackled the issue of the increasingly blurred distinction between private and public networks. Furthermore, the EDPS regrets that the definition of services covered by the ePrivacy Directive has not been broadened to include private networks. As it currently stands, Article 3(1) of the ePrivacy Directive applies only to electronic communication services in public networks. |
|
22. |
The EDPS notes the tendency of services to increasingly become a mixture of private and public ones. Think for example of universities allowing thousands of students to use Internet and e-mail. The ability of this semi-public (or semi/private) networks to impinge on individuals' privacy is obvious and therefore calls for this type of services to be subject to the same set of rules as apply to purely public networks. Furthermore, private networks such as those of employers providing employees with Internet access, hotels or apartment owners providing guests with telephone and e-mail as well as Internet cafes have an impact on the data protection and privacy of their users which suggests that they should also be covered by the scope of application of the ePrivacy Directive. |
|
23. |
In fact, case law of some Member States has already held electronic communication services provided in private networks under the same obligations as those provided in public ones (12). Also, under German law, data protection authorities have found that allowing private email usage within a company can cause the company to be deemed as an operator of public telecommunications services, and thus to fall under the ePrivacy Directive's provisions. |
|
24. |
In short, the rising importance of the mixed (private/public) and private networks in everyday life, with the risk to personal data and privacy increasing accordingly, justifies the need to apply to such services the same set of rules that apply to public electronic communication services. To this end, the EDPS considers that the Directive should be amended to broaden its scope to include such type of private services; a view that is shared by the Working Party 29 (7). |
II.2. Notification of Security Breaches: Amendment to Article 4
|
25. |
Article 4 of the ePrivacy Directive is amended with the inclusion of two new paragraphs (3 and 4) which set forth an obligation to notify security breaches. Indeed, according to Article 4(3), PPECS are compelled to, on the one hand, notify national regulatory authorities, without undue delay of any breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to personal data transmitted, stored or otherwise processed in connection with the provision of electronic communications services (collectively ‘compromise of data’); on the other hand, PPECS are also compelled to notify their customers. |
Benefits of this obligation
|
26. |
The EDPS welcomes these provisions (Article 4(3) and 4(4)) introducing a mandatory notification of security breaches. The notification of security breaches carries positive effects from the perspective of the protection of personal data and privacy, which have already been tested in the United States where breach notification legislation at state level has been in place for several years already. |
|
27. |
Firstly, breach notification legislation enhances the accountability of the PPECS regarding the information which has been compromised. Under the data protection or privacy policy framework, accountability means that each and every organization is responsible for the information that is under its care and control. The obligation to notify is tantamount to a re-statement, on the one hand, that the data which have been compromised were under the control of the PPECS and, on the other hand, that it is the responsibility of this organization to take the necessary measures vis-à-vis such data. |
|
28. |
Secondly, the existence of a security breach notification has proved to be a factor that drives security investment at organizations that process personal data. Indeed, the simple fact of having to publicly notify security breaches causes organizations to implement stronger security standards that protect personal information and prevent breaches. Furthermore, the notification of security breaches will help to identify and carry out reliable statistical analysis regarding the most effective security solutions and mechanisms. For a long time there has been a shortage of hard data about information security failures and the most appropriate technologies to protect information. This problem is likely to be solved with the security breach notification obligations, as was the case with the US security breach reporting laws, because notification will give information on the technologies more favourable to breaches (13). |
|
29. |
Finally, the notification of security breaches makes individuals aware of the risks they face when their personal data are compromised and helps them to take the necessary measures to mitigate such risks. For example, if bank details have been compromised, the individual who is informed may decide to change his/her access details to his/her bank account to prevent someone from taking this information and using it for an unlawful purpose (usually referred to as ‘identity theft’). In sum, this obligation reduces the likelihood of individuals becoming victims of identity theft and also may help victims to take the actions necessary to resolve problems. |
Shortfall of the proposed amendment
|
30. |
While the EDPS is pleased with the security breach notification system set forth under Articles 4(3) and 4(4), he would have favored their application at a wider scale to include providers of information society services. This would mean that on-line banks, on-line businesses, on-line providers of health services, etc would also be covered by the law (14). |
|
31. |
The reasons that justify imposing the security breach notification upon providers of public electronic communication services, i.e. PPECS, also exist regarding other organizations which also process massive amounts of personal data, the disclosure of which may be particularly harmful to data subjects. This includes on-line banks, data brokers and other on-line providers such as those who process sensitive data (which includes health data, political views, etc.). The compromise of information held by on-line banks and on-line business which may include not only bank account numbers but also credit card details may trigger identity theft, in which case it is essential for individuals to be made aware in order to take the necessary measures. In the latter case (on-line health), if not financial damage, surely individuals are likely to suffer non-economic damage when sensitive information is compromised. |
|
32. |
Furthermore, by broadening the scope of the obligation, the benefits described above, expected from the imposition of this obligation, will not be limited to one sector of activity, that of providers of publicly available electronic communication services, but will be expanded to information society services in general. Indeed, the imposition of security breach notification obligations upon information society services such as on-line banks will not only increase their accountability but also motivate such actors to strengthen their security measures and thus avoid future potential security breaches. |
|
33. |
There are other precedents where the ePrivacy Directive already applies to entities other than PPECS, such as Article 5 on the confidentiality of communications and Article 13 on spam. This confirms that in the past the legislator, very wisely, took the decision to broaden the scope of application of certain provisions of the ePrivacy Directive because it felt that it was appropriate and necessary. The EDPS hopes that currently the legislator will not hesitate to take a similar sensible and flexible approach and broaden the scope of application of Article 4 in order to include providers of information society services. To this end, it would be sufficient to insert in Article 4(3) a reference to the providers of information society services as follows: ‘In case of a breach of security leading to the accidental or … the provider of publicly available communication services and the provider of information society services, shall … notify the subscriber concerned and the national regulatory authority of such a breach’. |
|
34. |
The EDPS views this obligation and its application to both PPECS and information society service providers as a first step of a development which may eventually be applied to all data controllers in general. |
Specific legal framework for security breaches to be addressed through comitology
|
35. |
The Proposal does not address a number of questions related to the obligation to provide notification on security breaches. Examples of issues that need to be addressed are the circumstances of the notice, the format and the procedures applicable. Instead, Article 4(4) of the Proposal leaves these decisions for adoption through a ‘comitology’ committee (15), namely the Communications Committee set up by Article 22 of the Framework Directive, pursuant to Council Decision of 28 June 1999. In particular, such measures would be adopted in accordance with Article 5 of the Council Decision of 28 June 1999 which set up rules for the Regulatory procedure, as regards ‘measures of general scope designed to apply essential provisions of basic instruments’. |
|
36. |
The EDPS does not oppose the choice of leaving all these issues to implementing legislation. Adoption of legislation through comitology is likely to shorten the legislative procedure. Also, comitology will help to ensure harmonization which is a goal that should be definitively sought. |
|
37. |
Taking into account the large number of issues that will need to be addressed in the implementing measures and their relevance, as highlighted below, it seems appropriate to tackle them altogether in a single piece of legislation rather than in a piecemeal approach whereby some of the issues would be addressed in the ePrivacy Directive whereas others would be left to implementing legislation. Thus, the Commission's approach consisting in leaving these decisions to implementing legislation, to be adopted after consulting the EDPS, and hopefully other stakeholders (see point below), is to be welcomed. |
Issues that will need to be addressed through implementing measures
|
38. |
The relevance of the implementing measures is highlighted if one foresees with some level of detail the issues that will need to be addressed by the implementing measures. Indeed, implementing measures may determine the standards under which notices must be delivered. For example, they will specify what constitutes a security breach, the conditions under which notices to individuals and to the authorities must be delivered, the timing for the notice and notification. |
|
39. |
The EDPS considers that the ePrivacy Directive and particularly Article 4 should not contain any exception to the obligation to notify. In this regard, the EDPS is glad with the Commission's approach embodied in Article 4 which sets forth an obligation to notify and does not foresee any exception to it but allows this and other questions to be dealt with by implementing legislation. Although the EDPS is aware of arguments that might justify the setting up of some exceptions to the obligation, the EDPS favors this and other questions to be carefully addressed through implementing legislation, after a thorough and global debate of all the issues at stake. As indicated above, the complex nature of the questions related to the obligation to provide notification on security breaches, including whether exceptions or limitations are appropriate, calls for its treatment in a unified way, i.e. in a single piece of legislation which exclusively deals with this issue. |
Consultation with the EDPS and the need to broaden the consultation
|
40. |
Taking into account the extent to which the implementing measures will affect the protection of the personal data of individuals, it is important that prior to the adoption of these measures the Commission engages in a proper consultation exercise. For this reason, the EDPS welcomes Article 4(4) of the Proposal which explicitly establishes that prior to adopting implementing measures, the Commission will consult the European Data Protection Supervisor. Such measures will not only concern but have an important impact on the protection of personal data and privacy of individuals. It is important therefore to seek the advice of the EDPS as required under Article 41 of Regulation (EC) No 45/2001. |
|
41. |
In addition to consultation with the EDPS, it may be appropriate to include a provision establishing that draft implementation measures will be subject to public consultation, in order to obtain advice and encourage the sharing of experience of best practices in these matters. This will provide a proper channel not only to industry but also other stakeholders, including other data protection authorities and the Article 29 Working Party to put forward their views. The need for public consultation is reinforced if one takes into account that the procedure for adoption of legislation is comitology, with limited intervention of the European Parliament. |
|
42. |
The EDPS notes that Article 4(4) of the Proposal foresees that the Commission will also consult the Electronic Communications Market Authority prior to adopting implementing rules. In this regard, the EDPS values the principle of consulting the Electronic Communications Market Authority as depositary of ENISA's experience and knowledge on network and information security issues. Until the Electronic Communications Market Authority is created it may be appropriate as an interim solution to foresee in the proposed amendment (Article 4(4)) the consultation of ENISA. |
II.3. Provision on cookies, spyware and similar devices: Amendment to Article 5(3)
|
43. |
Article 5(3) of the ePrivacy Directive addresses the issue of technologies that permit the access to information and the storage of information in the users' terminal equipment, via electronic communication networks. An example of the application of Article 5(3) is the use of cookies (16). Other examples include the use of technologies such as spyware (hidden espionage programs) and Trojan horses (programs hidden in messages or in other apparently innocent software). The aim of such technologies and purposes varies enormously, whereas some are perfectly harmless or even useful for the user, other objectives are clearly very harmful and threatening. |
|
44. |
Article 5(3) of the ePrivacy Directive sets forth the conditions that apply when gaining access to or storing information on the terminal equipment of users using, among others, the technologies mentioned above. In particular, pursuant to Article 5(3): (i) Internet users must be provided with clear and comprehensive information in accordance with Directive 95/46/EC, inter alia about the purposes of the processing; and (ii) Internet users must be allowed to refuse such processing, i.e. to opt out from the processing of information retrieved from his/her terminal equipment. |
Benefits of the proposed amendment
|
45. |
The existing Article 5(3) of the ePrivacy Directive limits its scope of application to situations where access to information and the storage of information in the users' terminal equipment is carried out via electronic communication networks. This includes the situation described above regarding the use of cookies as well as other technologies such as spyware delivered via electronic communication networks. However, it is far from clear whether Article 5(3) applies in situations where similar technologies (cookies/spyware and the likes) are distributed through software provided on external storage media and downloaded into the users' terminal equipment. Given that the threat to privacy exists independently of the communication channel, the limitation of Article 5(3) to one communication channel only is unfortunate. |
|
46. |
The EDPS is therefore pleased with the Amendment to Article 5(3) which, by removing the reference to ‘electronic communication networks’, in fact, broadens the scope of application of Article 5(3). Indeed, the amended version of Article 5(3) encompasses both situations where access to information and the storage of information in the users' terminal equipment is carried out via electronic communication networks but also via other external data storage media such as CDs, CD-ROMs, USB Keys, etc. |
Technical storage for the purpose of facilitating the transmission
|
47. |
The last sentence of Article 5(3) of the ePrivacy Directive remains unmodified in its amended version. Pursuant to the last sentence, the requirements of the first paragraph of Article 5(3) ‘shall not prevent any technical storage or access for the sole purpose of carrying out or facilitating the transmission of a communication over an electronic communication network or as strictly necessary in order to provide an information society service …’. Thus, the mandatory rules of the first sentence of Article 5(3) (the need to provide information and offer the possibility to refuse) will not apply when access to the terminal equipment of the user or the storage of information has the sole purpose of facilitating a transmission or when it is strictly necessary for providing information society services requested by the user. |
|
48. |
The Directive does not describe when the access or storage of information has the sole purpose of facilitating a transmission or providing information. One situation that would clearly be covered by this exception is the establishment of an Internet connection. This is because to establish an Internet connection is necessary to obtain an IP address (17). The computer of the end user will be asked to disclose to the Internet access provider certain information about itself and in return the Internet access provider will provide him an IP address. In this case, information stored in the end user terminal equipment will be transferred to the Internet access provider for the purpose of providing the user with access to the Internet. In this case, the Internet access provider is exempted from both the obligation to announce this collection of information and to provide the right to refuse insofar as it is needed to provide the service. |
|
49. |
Once connected to the Internet, if a user wants to view a given website, he/she must send a request to the server where the website is hosted. The latter will respond if it knows where to send the information, i.e. if it knows the user's IP address. Because of how this address is stored, it again requires the website which the user wants to visit to access information on the Internet users' terminal equipment. Clearly this transaction would also fall within the scope of the exception. Indeed, in these cases it seems appropriate to be outside the scope of application of the requirements of Article 5(3). |
|
50. |
The EDPS considers appropriate to exempt from the need to inform and give the possibility to refuse in situations as those illustrated above when technical storage or access to a user's terminal equipment is necessary for the sole purpose of carrying out the transmission of a communication over an electronic communication network. The same applies when the technical storage or access is strictly necessary in order to provide an information society service. However, the EDPS does not see the need to exclude from the obligation to provide information and offer the right to refuse in those situations where the technical storage or access has the purpose of merely facilitating the transmission of a communication. For example, pursuant to the last sentence of this Article a data subject may not benefit from information and the right to oppose the processing of his/her data if a cookie collects his language preferences or his location (e.g. Belgium, China) as this kind of cookies could be presented as having as objective the facilitation of the transmission of a communication. The EDPS is aware that at the level of software, the possibility is given in practice to data subjects to refuse or modulate the storage of cookies. However this is not backed-up clearly enough by any legal provision that would formally entitle the data subject to defend his rights in the context described above. |
|
51. |
To avoid this outcome the EDPS suggests making a minor amendment to the last part of Article 5(3) which consists in deleting the word ‘facilitating’ from the sentence: ‘shall not prevent any technical storage or access for the sole purpose of carrying out or facilitating the transmission of a communication over an electronic communication network or as strictly necessary in order to provide an information society service …’. |
II.4. Legal actions initiated by PPECS and legal persons: Addition of paragraph 6 to Article 13
|
52. |
The proposed Article 13(6) provides civil law remedies for any individual or legal person with a legitimate interest particularly for electronic communication service providers, having a business interest to fight those who infringe Article 13 of the ePrivacy Directive. This Article deals with the sending of unsolicited commercial communications. |
|
53. |
The proposed amendment will allow, for example, Internet access providers to tackle spammers for abusing their networks, to sue entities counterfeiting sender addresses or hacking servers for use as spam relays, etc. |
|
54. |
The ePrivacy Directive was not clear on whether it allowed PPECS the right of action against spammers and on a very few occasions PPECS have brought actions before courts for infringement of Article 13 as implemented in Member State legislation (18). By recognizing a cause of action for electronic communications service providers to protect their business interests the Proposal confirms that the ePrivacy Directive intends not only to protect individual subscribers, but also the providers of electronic communication services. |
|
55. |
The EDPS is satisfied that the Proposal introduces the possibility for electronic communication service providers having a business interest to bring actions against spammers. Save in exceptional circumstances, individual subscribers have neither the money nor the incentives to initiate this type of court action. Conversely, Internet access providers and other PPECS have the financial strength and technological capability to investigate spam campaigns, to identify the perpetrators and it only seems appropriate that they have the right to take legal actions against spammers. |
|
56. |
The EDPS values particularly the proposed amendment insofar as it would also permit consumer associations and trade unions representing the interest of spammed consumers to take legal action on their behalf before courts. As outlined above, the damage inflicted upon a data subject who has been spammed, individually considered, is usually not sufficient in itself for him/her to initiate legal action before courts. In fact, the EDPS already proposed this measure as to privacy and data protection infringements generally speaking in his Opinion on the follow-up of the Work Programme for better implementation of the Data Protection Directive (19). In the EDPS view, the Proposal could have gone further and propose class actions, empowering groups of citizens to jointly use litigation in matters concerning protection of personal data. In the case of spam, where a large number of individuals are receiving spam, the potential exists for classes of individuals to join together and launch class actions against spammers. |
|
57. |
The EDPS especially regrets that the Proposal limits the possibility for legal persons to take legal actions to situations where there is an infringement of Article 13 of the Directive, i.e. situations where there is a violation of the provision on unsolicited email communications. Indeed, under the proposed amendment, legal persons would not be able to take legal actions about infringements of the other provisions of the ePrivacy Directive. For example, the current provision does not enable a legal person such as a consumer association to take legal action against an Internet access provider who had disclosed personal data of millions of customers. The enforcement of the ePrivacy Directive as a whole, not only of a given Article, would be greatly improved if the provision of Article 13(6) was made general to enable legal persons to take legal actions for infringement of any provision of the ePrivacy Directive. |
|
58. |
To fix this problem the EDPS suggests converting Article 13(6) into a separate Article (Article 14). In addition, the language of Article 13(6) should be slightly amended as follows: Where it says ‘pursuant to this Article’ it should say ‘pursuant to this Directive’. |
II.5. Strengthening enforcement provisions: Addition of Article 15a
|
59. |
The ePrivacy Directive does not contain explicit enforcement provisions. Instead, it refers to the enforcement Section of the Data Protection Directive (20). The EDPS welcomes the new Article 15a of the Proposal, which explicitly addresses enforcement issues under this Directive. |
|
60. |
Firstly, the EDPS notes that an effective enforcement policy in this field assumes, as required under the proposed Article 15a(3), that national authorities have investigative powers in order to gather the necessary information. Very often the evidence of infringement of the provisions of the ePrivacy Directive will be of electronic nature and may be stored on different computers and devices or networks. In this context, it is important for enforcement agencies to be given the possibility to obtain search warrants conferring powers of entry, search and seizure. |
|
61. |
Secondly, the EDPS particularly welcomes the proposed amendment, i.e. Article 15a(2), pursuant to which national regulatory authorities must have the power to order injunctions, i.e. the cessation of infringements and have the necessary investigation powers and resources. National regulatory authorities, including national data protection authorities, should have the power to impose injunctions requiring wrongdoers from continuing an activity that infringes the ePrivacy Directive. Injunctions or the power to order a cessation of an infringement is a useful tool in case of an ongoing course of conduct that violates individuals' rights. Injunctions will be very useful in order to stop infringements of the ePrivacy Directive such as for example the violation of Article 13 on unsolicited commercial communications which by its very nature is an ongoing course of conduct. |
|
62. |
Thirdly, the Proposal enables the Commission to enact technical implementing measures to ensure effective cross border cooperation in the enforcement of national laws (proposed amendment Article 15a(4)). Experience of cooperation until now includes the agreement set up at the initiative of the Commission establishing a common procedure for handling cross-border complaints on spam. |
|
63. |
The EDPS considers that, if legislation supports regulators to assist their counterpart in other countries, it will undoubtedly assist the cross border enforcement. It is therefore appropriate for the Proposal to enable the Commission to create the conditions to ensure cross-border cooperation, including the procedures for sharing information. |
III. CONCLUSIONS AND RECOMMENDATIONS
|
64. |
The EDPS fully welcomes the Proposal. The proposed amendments strengthen the protection of individuals' privacy and personal data in the electronic communications sector and this is done with a light touch, without creating unjustified and unnecessary burdens upon organizations. More specifically, the EDPS considers that for the most part the proposed amendments should not be modified insofar as they fulfill properly their pursued objective. Point 69 below lists the amendments that the EDPS would hope to remain unmodified. |
|
65. |
Notwithstanding the overall positive consideration of the Proposal, the EDPS considers that some of its amendments should be improved to ensure that they effectively provide for a proper protection of the personal data and the privacy of individuals. This is particularly true regarding the provisions on security breach notification and for those that deal with the legal actions initiated by electronic communication service providers for violation of spam provisions. In addition, the EDPS regrets that the Proposal fails to tackle some issues, not properly dealt with in the current ePrivacy Directive, missing the opportunity of this review exercise to resolve the outstanding problems. |
|
66. |
To solve both problems, i.e. issues not properly addressed in the Proposal and those not dealt with at all, this Opinion has put forward some drafting proposals. Points 67 and 68 summarize the problems and propose specific language. The EDPS calls upon the legislator to take them into account as the Proposal makes its way through the legislative process. |
|
67. |
The amendments contained in the Proposal where the EDPS would strongly favor modification, include the following:
|
|
68. |
The scope of application of the ePrivacy Directive which is currently limited to providers of public electronic communication networks is one of the most worrisome issues that the Proposal has failed to address. The EDPS considers that the Directive should be amended to broaden its application to include providers of electronic communication services also in mixed (private/public) and private networks. |
|
69. |
The amendments that the EDPS would strongly favor to remain unmodified include the following:
|
Done at Brussels, 10 April 2008.
Peter HUSTINX
European Data Protection Supervisor
(1) OJ L 281, 23.11.1995, p. 31.
(2) OJ L 201, 31.7.2002, p. 37.
(4) The proposed amendments to the telecoms Directives are put forward in the following Proposals: (i) proposal for a Directive of the European Parliament and of the Council amending Directive 2002/21/EC on a common regulatory framework for electronic communications networks and services, Directive 2002/19/EC on access to, and interconnection of, electronic communications networks and services, and Directive 2002/20/EC on the authorisation of electronic communications networks and services, 13 November 2007, COM(2007) 697 final; (ii) proposal for a Directive of the European Parliament and of the Council amending Directive 2002/22/EC on universal service and users' rights relating to electronic communications networks, Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector and Regulation (EC) No 2006/2004 on consumer protection cooperation, 13 November 2007, COM(2007) 698 final.
(5) Proposal for a Regulation of the European Parliament and of the Council establishing the European Electronic Communications Market Authority, 13 November 2007, COM(2007) 699 final.
(6) Communication on the EU Regulatory Framework for electronic communications networks and services (SEC(2006) 816) adopted on 29 June 2006. The Communication was complemented by a Commission Staff Working Document (COM(206) 334 final).
(7) Opinion 8/2006 on the review of the regulatory Framework for Electronic Communications and Services, with focus on the ePrivacy Directive, adopted on 26 September 2006.
(8) Opinion of the European Data Protection Supervisor of 25 July 2007 on the Communication from the Commission to the European Parliament and the Council on the follow-up of the Work Programme for better implementation of the Data Protection Directive (OJ C 255, 27.10.2007, p. 1).
(9) Directive 2002/21/EC of the European Parliament and of the Council of 7 March 2002 on a common regulatory framework for electronic communications networks and services (OJ L 108, 24.4.2002, p. 33). The Framework Directive delimits what should be understood by electronic communication system, namely: (i) An ‘electronic communications service’ is a service that is normally provided for a fee and consists of conveying signals on networks and includes telecommunications and transmission services in networks. (ii) Services that provide content transmitted using electronic communications networks and services are excluded from the definition of electronic communications services. (iii) Provision of services means the establishment, operation, control, or making available of a network. (iv) Electronic communications services do not include information society services, which are defined in the E-Commerce Directive as service[s], normally provided for remuneration, at a distance, by electronic means and at the individual request of a recipient of services.
(10) Public communications network means an electronic communications network used wholly or mainly for the provision of publicly available electronic communications services.
(11) Opinion of 20 December 2007 on the communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions on Radio Frequency Identification (RFID) in Europe: steps towards a policy framework, COM(2007) 96.
(12) For example the Paris Court of Appeal judgment in BNP Paribas v World Press Online delivered on 4 February 2005 found that there was no distinction between Internet service providers who offered Internet access on a commercial basis and employers who gave Internet access to their staff.
(13) See report ‘Security Economics and the Internal Market’, commissioned by ENISA to by Prof. Ross Anderson, Rainer Böhme, Richard Clayton and Tyler Moore. The report is available at:
http://www.enisa.europa.eu/doc/pdf/report_sec_econ_&_int_mark_20080131.pdf
(14) Providers of information society services are defined in the E-Commerce Directive as service[s], normally provided for remuneration, at a distance, by electronic means and at the individual request of a recipient of services.
(15) Law-making procedures in the EC which involve committees composed of the representatives of the governments of the Member States at the level of civil servants.
(16) Cookies are placed by ISSP (websites) in users' terminal equipments, for different purposes, including recognizing a visitor when he/she revisits a website. In practice when a cookie is sent to an Internet user by a website, the user's computer is assigned a unique number (i.e. the computer that received cookies from website A become ‘computer holder of cookie 111’). The website keeps this number as a reference. If the user/s of the computer that received the cookie 111 does not delete the cookie file, the next time he/she visits the same website, the site will be able to identify the computer as the holder of cookie 111. The website naturally deduces that this computer has visited on previous occasions. The mechanism that allows a website to recognize a computer as a repeat visitor is simple. When the visiting computer holds cookies, such as cookie 111, and visits the site that on an earlier visited generated that cookie, it will search the hard disk of the user for the cookie file number. If the user's browser finds a cookie file to match the reference number kept by the website, it informs the website that the computer holds a cookie 111.
(17) An IP address (Internet Protocol address) is a unique address that certain electronic devices use in order to identify and communicate with each other on a computer network utilizing the Internet Protocol standard (IP) — in simpler terms, a computer address. Any participating network device — including routers, switches, computers, infrastructure servers (e.g. NTP, DNS, DHCP, SNMP, etc.), printers, Internet fax machines, and some telephones — can have its own address that is unique within the scope of the specific network. Some IP addresses are intended to be unique within the scope of the global Internet, while others need to be unique only within the scope of an enterprise.
(18) One case when this happens is the case Microsoft corporation v Paul McDonald t/a Bizards UK (2006 All Er (D) 153).
(19) Opinion of the European Data Protection Supervisor on the Communication from the Commission to the European Parliament and the Council on the follow-up of the Work Programme for better implementation of the Data Protection Directive (OJ C 255, 27.10.2007, p. 1).
(20) Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data.
II Information
INFORMATION FROM EUROPEAN UNION INSTITUTIONS AND BODIES
Commission
|
18.7.2008 |
EN |
Official Journal of the European Union |
C 181/14 |
Authorisation for State aid pursuant to Articles 87 and 88 of the EC Treaty
Cases where the Commission raises no objections
(2008/C 181/02)
|
Date of adoption of the decision |
15.10.2007 |
||||
|
Reference number of the aid |
N 204/06 and N 605/06 |
||||
|
Member State |
Spain |
||||
|
Region |
Extremadura, Andalucía, Canarias, Castilla y León, Cataluña, Galicia, Baleares, Castilla la Mancha, Asturias y Valencia |
||||
|
Title |
Ayudas para compensar los daños causados por los incendios (verano 2005) |
||||
|
Legal basis |
Real Decreto-Ley no 11/2005, de 22 de julio Real Decreto no 949/2005, de 29 de julio Real Decreto no 609/2006, de 19 de mayo |
||||
|
Type of measure |
Aid scheme |
||||
|
Objective |
Compensation for losses in agricultural production caused by fires |
||||
|
Form of aid |
Direct grant, interest rate subsidy, tax relief |
||||
|
Budget |
EUR 4 million Budget heading of EUR 20 million for interest rate subsidies |
||||
|
Intensity |
Up to 100 % of the cost of the production losses |
||||
|
Duration |
Until the final payment is made |
||||
|
Economic sectors |
Agriculture (livestock and beekeeping sector) |
||||
|
Name and address of the granting authority |
|
||||
|
Other information |
The tax relief does not constitute State aid as defined in the Commission notice on the application of the State aid rules to measures relating to direct business taxation (OJ C 384, 10.12.1998, p. 3) |
The authentic text(s) of the decision, from which all confidential information has been removed, can be found at:
http://ec.europa.eu/community_law/state_aids/
|
Date of adoption of the decision |
5.12.2007 |
||||
|
Reference number of the aid |
N 327/07 |
||||
|
Member State |
Spain |
||||
|
Region |
— |
||||
|
Title (and/or name of the beneficiary) |
Ayudas para la reparación de daños causados por los incendios ocurridos durante el año 2006 en diferentes regiones españolas |
||||
|
Legal basis |
Orden APA/1446/2007, de 16 de mayo, por la que se dictan disposiciones para el desarrollo del Real Decreto no 86/2007, de 26 de enero, por el que se declara, para incendios acaecidos en diversas Comunidades Autónomas, la aplicación de las disposiciones contenidas en el Real Decreto-Ley no 8/2006, de 28 de agosto, por el que se aprueban medidas urgentes en materia de incendios forestales en la Comunidad Autónoma de Galicia |
||||
|
Type of measure |
Aid scheme |
||||
|
Objective |
To provide compensation for damage caused by the 2006 fires on agricultural, livestock and beekeeping holdings located in several municipalities in the Canaries (Island of Hierro), Extremadura (Caceres), Castilla-La Mancha (Toledo), Aragon (Huesca) and Galicia (Lugo) |
||||
|
Form of aid |
Direct grant |
||||
|
Budget |
EUR 800 000 |
||||
|
Intensity |
Maximum 100 % |
||||
|
Duration |
Ad hoc |
||||
|
Economic sector(s) |
Agriculture |
||||
|
Name and address of the granting authority |
|
||||
|
Other information |
— |
The authentic text(s) of the decision, from which all confidential information has been removed, can be found at:
http://ec.europa.eu/community_law/state_aids/
|
Date of adoption of the decision |
14.11.2007 |
||||||
|
Reference number of the aid |
N 346/07 |
||||||
|
Member State |
United Kingdom |
||||||
|
Region |
England |
||||||
|
Title (and/or name of the beneficiary) |
Woodland Management Grant for Access |
||||||
|
Legal basis |
The Forestry Act 1979 |
||||||
|
Type of measure |
Scheme |
||||||
|
Objective |
Forestry |
||||||
|
Form of aid |
Grant |
||||||
|
Budget |
Annual amount: GBP 300 000 (approximately EUR 440 000) Overall amount: GBP 2,10 million (approximately EUR 3,08 million) |
||||||
|
Intensity |
Up to 70 % |
||||||
|
Duration |
Date of Commission decision until 31.12.2013 |
||||||
|
Economic sectors |
Forestry |
||||||
|
Name and address of the granting authority |
|
||||||
|
Other information |
— |
The authentic text(s) of the decision, from which all confidential information has been removed, can be found at:
http://ec.europa.eu/community_law/state_aids/
|
18.7.2008 |
EN |
Official Journal of the European Union |
C 181/17 |
Non-opposition to a notified concentration
(Case COMP/M.5162 — Avnet/Horizon)
(Text with EEA relevance)
(2008/C 181/03)
On 26 June 2008, the Commission decided not to oppose the above notified concentration and to declare it compatible with the common market. This decision is based on Article 6(1)(b) of Council Regulation (EC) No 139/2004. The full text of the decision is available only in English and will be made public after it is cleared of any business secrets it may contain. It will be available:
|
— |
from the Europa competition website (http://ec.europa.eu/comm/competition/mergers/cases/). This website provides various facilities to help locate individual merger decisions, including company, case number, date and sectoral indexes, |
|
— |
in electronic form on the EUR-Lex website under document number 32008M5162. EUR-Lex is the on-line access to European law (http://eur-lex.europa.eu). |
IV Notices
NOTICES FROM EUROPEAN UNION INSTITUTIONS AND BODIES
Commission
|
18.7.2008 |
EN |
Official Journal of the European Union |
C 181/18 |
Euro exchange rates (1)
17 July 2008
(2008/C 181/04)
1 euro=
|
|
Currency |
Exchange rate |
|
USD |
US dollar |
1,5849 |
|
JPY |
Japanese yen |
167,43 |
|
DKK |
Danish krone |
7,4588 |
|
GBP |
Pound sterling |
0,79140 |
|
SEK |
Swedish krona |
9,4778 |
|
CHF |
Swiss franc |
1,6145 |
|
ISK |
Iceland króna |
122,11 |
|
NOK |
Norwegian krone |
8,0640 |
|
BGN |
Bulgarian lev |
1,9558 |
|
CZK |
Czech koruna |
23,142 |
|
EEK |
Estonian kroon |
15,6466 |
|
HUF |
Hungarian forint |
230,13 |
|
LTL |
Lithuanian litas |
3,4528 |
|
LVL |
Latvian lats |
0,7027 |
|
PLN |
Polish zloty |
3,2235 |
|
RON |
Romanian leu |
3,5620 |
|
SKK |
Slovak koruna |
30,318 |
|
TRY |
Turkish lira |
1,9109 |
|
AUD |
Australian dollar |
1,6246 |
|
CAD |
Canadian dollar |
1,5860 |
|
HKD |
Hong Kong dollar |
12,3581 |
|
NZD |
New Zealand dollar |
2,0661 |
|
SGD |
Singapore dollar |
2,1414 |
|
KRW |
South Korean won |
1 603,13 |
|
ZAR |
South African rand |
11,9765 |
|
CNY |
Chinese yuan renminbi |
10,8111 |
|
HRK |
Croatian kuna |
7,2271 |
|
IDR |
Indonesian rupiah |
14 498,67 |
|
MYR |
Malaysian ringgit |
5,1232 |
|
PHP |
Philippine peso |
70,631 |
|
RUB |
Russian rouble |
36,8300 |
|
THB |
Thai baht |
52,985 |
|
BRL |
Brazilian real |
2,5190 |
|
MXN |
Mexican peso |
16,2001 |
Source: reference exchange rate published by the ECB.
NOTICES FROM MEMBER STATES
|
18.7.2008 |
EN |
Official Journal of the European Union |
C 181/19 |
Information communicated by Member States regarding State aid granted under Commission Regulation (EC) No 1628/2006 on the application of Articles 87 and 88 of the EC Treaty to national regional investment aid
(Text with EEA relevance)
(2008/C 181/05)
|
Aid No |
XR 37/08 |
|||
|
Member State |
France |
|||
|
Region |
Corse 87(3)c |
|||
|
Title of aid scheme or the name of the undertaking receiving ad hoc aid supplement |
Mesures fiscales d'aide à l'investissement en Corse: crédit d'impôt et exonération de taxe professionnelle |
|||
|
Legal basis |
Articles 244 quater E et 1466 C du code général des impôts |
|||
|
Type of measure |
Aid scheme |
|||
|
Annual budget |
EUR 43 million |
|||
|
Maximum aid intensity |
15 % |
|||
|
In conformity with Article 4 of the Regulation |
||||
|
Date of implementation |
1.1.2007 |
|||
|
Duration |
31.12.2012 |
|||
|
Economic sectors |
— |
|||
|
NACE A, D (sine DA 15.2, DF 23.1, DF 24.7, DJ 27.1, DJ 27.2, DJ 27.3, DM 34, DM 35.1), DM 35.1 A, E, F, G, GA 50.2, GA 52.7, H, I, J, JA 65.2, JA 67, K, KA 72, KA 72.5, KA 74, M, N, O, O92 |
||||
|
Name and address of the granting authority |
|
|||
|
Internet address of the publication of the aid scheme |
http://www.legifrance.gouv.fr/./affichCode.do?cidTexte=LEGITEXT000006069577 |
|||
|
Other information |
— |
|
18.7.2008 |
EN |
Official Journal of the European Union |
C 181/20 |
Information communicated by Member States regarding State aid granted under Commission Regulation (EC) No 70/2001 on the application of Articles 87 and 88 of the EC Treaty to State aid to small and medium-sized enterprises
(Text with EEA relevance)
(2008/C 181/06)
|
Aid No |
XS 87/08 |
|||
|
Member State |
Poland |
|||
|
Region |
Centralny PL 12 |
|||
|
Title of aid scheme or name of company receiving individual aid |
Przedsiębiorstwo produkcyjno handlowo usługowe Bomet |
|||
|
Legal basis |
Ustawa z dnia 8 października 2004 r. o zasadach finansowania nauki art. 10, Rozporządzenie Ministra Nauki i Szkolnictwa Wyższego Dz.U. nr 221 z 14 listopada 2007 r. § 3 ust. 1, umowa nr II-189/P-218/2008 |
|||
|
Type of measure |
Ad hoc |
|||
|
Budget |
Annual budget: — Overall budget: EUR 66 487,86 |
|||
|
Maximum aid intensity |
In conformity with Articles 4(2)-(6) and 5 of the Regulation |
|||
|
Date of implementation |
18.3.2008 |
|||
|
Duration |
18.3.2008 |
|||
|
Objective |
Small and medium-sized enterprises |
|||
|
Economic sectors |
All sectors eligible for aid to SMEs |
|||
|
Name and address of the granting authority |
|
|
Aid No |
XS 88/08 |
|||
|
Member State |
Poland |
|||
|
Region |
Północny PL 63 |
|||
|
Title of aid scheme or name of company receiving individual aid |
Remprodex Sp. z o.o. |
|||
|
Legal basis |
Ustawa z dnia 8 października 2004 r. o zasadach finansowania nauki art. 10, Rozporządzenie Ministra Nauki i Szkolnictwa Wyższego Dz.U. nr 221 z 14 listopada 2007 r. § 3 ust. 1, umowa nr II-188/P-208/2008 |
|||
|
Type of measure |
Ad hoc |
|||
|
Budget |
Annual budget: — Overall budget: EUR 0,10951177 million |
|||
|
Maximum aid intensity |
In conformity with Articles 4(2)-(6) and 5 of the Regulation |
|||
|
Date of implementation |
13.2.2008 |
|||
|
Duration |
13.2.2008 |
|||
|
Objective |
Small and medium-sized enterprises |
|||
|
Economic sectors |
All sectors eligible for aid to SMEs |
|||
|
Name and address of the granting authority |
|
|
18.7.2008 |
EN |
Official Journal of the European Union |
C 181/22 |
Information communicated by Member States regarding State aid granted under Commission Regulation (EC) No 68/2001 on the application of Articles 87 and 88 of the EC Treaty to training aid
(Text with EEA relevance)
(2008/C 181/07)
|
Reference number of the aid |
XT 49/08 |
|||
|
Member State |
Czech Republic |
|||
|
Region |
Regiony soudržnosti NUTS II Střední Čechy, Jihozápad, Severozápad, Severovýchod, Jihovýchod, Střední Morava, Moravskoslezsko |
|||
|
Title (and/or name of the beneficiary) |
Operační program Podnikání a inovace 2007–2013. Podprogram Inovace – školení |
|||
|
Legal basis |
Zákon č. 47/2002 Sb., o podpoře malého a středního podnikání. Zákon č. 218/2000 Sb., o rozpočtových pravidlech a o změně některých souvisejících zákonů |
|||
|
Type of measure |
Aid scheme |
|||
|
Budget |
Annual budget: CZK 45 million Overall budget: — |
|||
|
Maximum aid intensity |
In conformity with Article 4(2)-(7) of the Regulation |
|||
|
Date of implementation |
1.6.2007 |
|||
|
Duration |
31.12.2008 |
|||
|
Objective |
Specific training |
|||
|
Economic sectors |
Manufacture of transport equipment Other manufacturing Other services |
|||
|
Name and address of the granting authority |
|
|
Reference number of the aid |
XT 52/08 |
|||
|
Member State |
Poland |
|||
|
Region |
PL 421 — Podregion szczeciński |
|||
|
Title (and/or name of the beneficiary) |
Wojewódzka Handlowa Spółdzielnia Inwalidów ZPCH |
|||
|
Legal basis |
Art. 30, 31 ustawy z dnia 20 kwietnia 2004 r. o Narodowym Planie Rozwoju (Dz.U. nr 116, poz. 1206). Rozporządzenie Ministra Gospodarki i Pracy z dnia 21 września 2004 r. w sprawie przyjęcia Uzupełnienia programu operacyjnego — Program Inicjatywy Wspólnotowej EQUAL dla Polski 2004–2006 (Dz.U. nr 214, poz. 2172). Umowa szkoleniowa nr SZCZECIN/WHSI/4/2007 z dnia 7 grudnia 2007 r. |
|||
|
Type of measure |
Ad hoc |
|||
|
Budget |
Annual budget: — Overall budget: EUR 508,9 |
|||
|
Maximum aid intensity |
In conformity with Article 4(2)-(7) of the Regulation |
|||
|
Date of implementation |
7.12.2007 |
|||
|
Duration |
14.12.2007 |
|||
|
Objective |
General training |
|||
|
Economic sectors |
All sectors eligible for training aid |
|||
|
Name and address of the granting authority |
|
|
Reference number of the aid |
XT 53/08 |
|||
|
Member State |
Poland |
|||
|
Region |
PL 421 — Podregion szczeciński |
|||
|
Title (and/or name of the beneficiary) |
Wojewódzka Handlowa Spółdzielnia Inwalidów ZPCH |
|||
|
Legal basis |
Art. 30, 31 ustawy z dnia 20 kwietnia 2004 r. o Narodowym Planie Rozwoju (Dz.U. nr 116, poz. 1206). Rozporządzenie Ministra Gospodarki i Pracy z dnia 21 września 2004 r. w sprawie przyjęcia Uzupełnienia programu operacyjnego — Program Inicjatywy Wspólnotowej EQUAL dla Polski 2004–2006 (Dz.U. nr 214, poz. 2172). Umowa szkoleniowa nr SZCZECIN/WHSI/2/2007 z dnia 5 listopada 2007 r. |
|||
|
Type of measure |
Ad hoc |
|||
|
Budget |
Annual budget: — Overall budget: EUR 586,64 |
|||
|
Maximum aid intensity |
In conformity with Article 4(2)-(7) of the Regulation |
|||
|
Date of implementation |
5.11.2007 |
|||
|
Duration |
16.11.2007 |
|||
|
Objective |
General training |
|||
|
Economic sectors |
All sectors eligible for training aid |
|||
|
Name and address of the granting authority |
|
|
18.7.2008 |
EN |
Official Journal of the European Union |
C 181/24 |
Information communicated by Member States regarding State aid granted under Commission Regulation (EC) No 1628/2006 on the application of Articles 87 and 88 of the EC Treaty to national regional investment aid
(Text with EEA relevance)
(2008/C 181/08)
|
Aid No |
XR 10/08 |
||||
|
Member State |
Malta |
||||
|
Region |
Malta |
||||
|
Title of aid scheme or the name of the undertaking receiving ad hoc aid supplement |
Investment Aid Scheme |
||||
|
Legal basis |
Investment Aid Regulations |
||||
|
Type of measure |
Aid scheme |
||||
|
Annual budget |
MTL 13 million |
||||
|
Maximum aid intensity |
30 % |
||||
|
In conformity with Article 4 of the Regulation |
|||||
|
Date of implementation |
1.1.2008 |
||||
|
Duration |
31.12.2013 |
||||
|
Economic sectors |
Limited to specific sectors |
||||
|
NACE D, K072, K0731, K07482, K07486, M0803, N0851, O0921 |
|||||
|
Name and address of the granting authority |
|
||||
|
Internet address of the publication of the aid scheme |
www.maltaenterprise.com |
||||
|
Other information |
— |
V Announcements
PROCEDURES RELATING TO THE IMPLEMENTATION OF THE COMMON COMMERCIAL POLICY
Commission
|
18.7.2008 |
EN |
Official Journal of the European Union |
C 181/25 |
Notice of initiation of a partial interim review of the anti-dumping measures applicable to imports of farmed salmon originating in Norway
(2008/C 181/09)
The Commission has decided on its own initiative to initiate a partial interim review pursuant to Article 11(3) of Council Regulation (EC) No 384/96 of 22 December 1995 on protection against dumped imports from countries not members of the European Community (1) (‘the basic Regulation’). The review is limited to the examination of the product scope as regards the clarification of whether certain product types fall within the scope of the measures on farmed salmon.
1. Product
The product under review is farmed (other than wild) salmon whether or not filleted, fresh, chilled or frozen, originating in Norway (‘the product concerned’), currently classifiable within CN codes ex 0302 12 00, ex 0303 11 00, ex 0303 19 00, ex 0303 22 00, ex 0304 19 13 and ex 0304 29 13. These CN codes are given only for information.
2. Existing measures
The measures currently in force are a definitive anti-dumping duty imposed by Council Regulation (EC) No 85/2006 of 17 January 2006 on imports of farmed salmon originating in Norway (2).
3. Grounds for the review
The Tallinn Administrative Court has applied to the European Court of Justice for a preliminary ruling on the question whether frozen backbones (bones with fish meat) of salmon fall within one of the Taric codes mentioned in Article 1 of Regulation (EC) No 85/2006 imposing a definitive anti-dumping duty on imports of farmed salmon originating in Norway, and on the subsequent question regarding the implications of this classification for the anti-dumping measures. Article 1 of the above mentioned Regulation imposes measures at different levels depending on the presentations of the product concerned. One of these presentations is ‘other farmed salmon (including gutted, head off), fresh, chilled or frozen’. The Commission has decided on its own initiative that the product scope of the anti-dumping measures should be clarified as far as the above mentioned presentation is concerned (including the same backbones, fresh or chilled), so that it is made clear whether frozen backbones of salmon fall within the definition of the product concerned.
Therefore it is appropriate to review the case as far as the scope of the product definition is concerned with the decision thereon possibly having retroactive effect as of the date of imposition of the relevant measures. All operators, and in particular importers are invited to make their views known on this issue, and submit any evidence supporting those views.
4. Procedure
Having determined, after consulting the Advisory Committee, that sufficient evidence exists to justify the initiation of a partial interim review, the Commission hereby initiates a review in accordance with Article 11(3) of the basic Regulation, limited to the examination of the product scope.
(a) Questionnaires
In order to obtain the information it deems necessary for its investigation, the Commission will send questionnaires to the Community industry, to other known producers in the Community, to known importers, to known users, to known exporting producers in Norway and to the authorities of that country. This information and supporting evidence should reach the Commission within the time limit set in point 5(a).
(b) Collection of information and holding of hearings
All interested parties are hereby invited to make their views known, submit information, including information other than questionnaire replies, and to provide supporting evidence. This information and supporting evidence must reach the Commission within the time limit set in point 5(a).
Furthermore, the Commission may hear interested parties, provided that they make a request showing that there are particular reasons why they should be heard. This request must be made within the time limit set in point 5(b).
5. Time limits
(a) For parties to make themselves known, to submit questionnaire replies and any other information
All interested parties, if their representations are to be taken into account during the investigation, must make themselves known by contacting the Commission, present their views and submit questionnaire replies or any other information within 40 days of the date of publication of this notice in the Official Journal of the European Union, unless otherwise specified. Attention is drawn to the fact that the exercise of most procedural rights set out in the basic Regulation depends on the party's making itself known within the aforementioned period.
(b) Hearings
All interested parties may also apply to be heard by the Commission within the same 40-day time limit.
6. Written submissions, questionnaire replies and correspondence
All submissions and requests made by interested parties must be made in writing (not in electronic format, unless otherwise specified) and must indicate the name, address, e-mail address, telephone and fax and/or telex numbers of the interested party. All written submissions, including the information requested in this notice, questionnaire replies and correspondence provided by interested parties on a confidential basis shall be labelled as ‘Limited’ (3) and, in accordance with Article 19(2) of the basic Regulation, shall be accompanied by a non-confidential version, which will be labelled ‘For inspection by interested parties’.
Commission address for correspondence:
|
European Commission |
|
Directorate-General for Trade |
|
Directorate H |
|
Office: J-79 4/23 |
|
B-1049 Brussels |
|
Fax (32-2) 295 65 05 |
7. Non-co-operation
In cases in which any interested party refuses access to or does not provide the necessary information within the time limits, or significantly impedes the investigation, provisional or final findings, affirmative or negative, may be made in accordance with Article 18 of the basic Regulation, on the basis of the facts available.
Where it is found that any interested party has supplied false or misleading information, the information shall be disregarded and use may be made, in accordance with Article 18 of the basic Regulation, of the facts available. If an interested party does not cooperate or cooperates only partially, and findings are therefore based on best facts available, in accordance with Article 18 of the basic Regulation, the result may be less favourable to that party than if it had cooperated.
8. Schedule of the investigation
The investigation will be concluded, according to Article 11(5) of the basic Regulation, within 15 months of the date of the publication of this notice in the Official Journal of the European Union.
9. Other interim reviews under Article 11(3) of the basic Regulation
The scope of the current review is as set out in point 3 above. Any party wishing to claim a review on the basis of other grounds may do so in accordance with the provisions of Article 11(3) of the basic Regulation.
The present product scope review has no effect on the period of application of the current anti-dumping measures.
10. Processing of personal data
It is noted that any personal data collected in this investigation will be treated in accordance with Regulation (EC) No 45/2001 of the European Parliament and of the Council of 18 December 2000 on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data (4).
11. Hearing Officer
It is also noted that if interested parties consider that they are encountering difficulties in the exercise of their rights of defence, they may request the intervention of the Hearing Officer of DG Trade. He acts as an interface between the interested parties and the Commission services, offering, where necessary, mediation on procedural matters affecting the protection of their interests in this proceeding, in particular with regard to issues concerning access to file, confidentiality, extension of time limits, and the treatment of written and/or oral submission of views. For further information and contact details, interested parties may consult the Hearing Officer's web pages on the website of DG Trade (http://ec.europa.eu/trade).
(1) OJ L 56, 6.3.1996, p. 1. Regulation as last amended by Regulation (EC) No 2117/2005 (OJ L 340, 23.12.2005, p. 17).
(3) This means that the document is for internal use only. It is protected pursuant to Article 4 of Regulation (EC) No 1049/2001 of the European Parliament and of the Council of 30 May 2001 regarding public access to European Parliament, Council and Commission documents (OJ L 145, 31.5.2001, p. 43). It is a confidential document pursuant to Article 19 of the basic Regulation and Article 6 of the WTO Agreement on Implementation of Article VI of the GATT 1994 (Anti-dumping Agreement).
PROCEDURES RELATING TO THE IMPLEMENTATION OF THE COMPETITION POLICY
Commission
|
18.7.2008 |
EN |
Official Journal of the European Union |
C 181/28 |
Prior notification of a concentration
(Case COMP/M.5231 — Bain Capital/D&M)
Candidate case for simplified procedure
(Text with EEA relevance)
(2008/C 181/10)
|
1. |
On 9 July 2008, the Commission received a notification of a proposed concentration pursuant to Article 4 of Council Regulation (EC) No 139/2004 (1) by which the undertaking Bain Capital Investors LLC (USA) acquire(s) within the meaning of Article 3(1)(b) of the Council Regulation control of the whole of the undertaking D&M Holdings Inc. (Japan) by way of public bid. |
|
2. |
The business activities of the undertakings concerned are:
|
|
3. |
On preliminary examination, the Commission finds that the notified transaction could fall within the scope of Regulation (EC) No 139/2004. However, the final decision on this point is reserved. Pursuant to the Commission Notice on a simplified procedure for treatment of certain concentrations under Council Regulation (EC) No 139/2004 (2) it should be noted that this case is a candidate for treatment under the procedure set out in the Notice. |
|
4. |
The Commission invites interested third parties to submit their possible observations on the proposed operation to the Commission. Observations must reach the Commission not later than 10 days following the date of this publication. Observations can be sent to the Commission by fax ((32-2) 296 43 01 or 296 72 44) or by post, under reference number COMP/M.5231 — Bain Capital/D&M, to the following address:
|
|
18.7.2008 |
EN |
Official Journal of the European Union |
C 181/29 |
Prior notification of a concentration
(Case COMP/M.5227 — Robert Bosch/Samsung/JV)
(Text with EEA relevance)
(2008/C 181/11)
|
1. |
On 10 July 2008, the Commission received a notification of a proposed concentration pursuant to Article 4 of Council Regulation (EC) No 139/2004 (1) by which the undertakings Robert Bosch GmbH (‘Bosch’, Germany) and Samsung SDI Co. Ltd (‘Samsung SDI’, South-Korea) acquire within the meaning of Article 3(1)(b) of the Council Regulation joint control of SB LiMotive Ltd (‘SB LiMotive’, South-Korea) by way of purchase of shares in a newly created company constituting a joint venture. |
|
2. |
The business activities of the undertakings concerned are:
|
|
3. |
On preliminary examination, the Commission finds that the notified transaction could fall within the scope of Regulation (EC) No 139/2004. However, the final decision on this point is reserved. |
|
4. |
The Commission invites interested third parties to submit their possible observations on the proposed operation to the Commission. Observations must reach the Commission not later than 10 days following the date of this publication. Observations can be sent to the Commission by fax ((32-2) 296 43 01 or 296 72 44) or by post, under reference number COMP/M.5227 — Robert Bosch/Samsung/JV, to the following address:
|
|
18.7.2008 |
EN |
Official Journal of the European Union |
C 181/30 |
Prior notification of a concentration
(Case COMP/M.5267 — Sun Capital/SCS Group)
Candidate case for simplified procedure
(Text with EEA relevance)
(2008/C 181/12)
|
1. |
On 9 July 2008, the Commission received a notification of a proposed concentration pursuant to Article 4 of Council Regulation (EC) No 139/2004 (1) by which Sun Capital Partners V, L.P. (‘Sun Capital’, USA) acquires within the meaning of Article 3(1)(b) of the Council Regulation control of operational parts of SCS Upholstery plc, namely Share & Sons Ltd (‘SCS Group’, United Kingdom) by way of purchase of shares. |
|
2. |
The business activities of the undertakings concerned are:
|
|
3. |
On preliminary examination, the Commission finds that the notified transaction could fall within the scope of Regulation (EC) No 139/2004. However, the final decision on this point is reserved. Pursuant to the Commission Notice on a simplified procedure for treatment of certain concentrations under Council Regulation (EC) No 139/2004 (2) it should be noted that this case is a candidate for treatment under the procedure set out in the Notice. |
|
4. |
The Commission invites interested third parties to submit their possible observations on the proposed operation to the Commission. Observations must reach the Commission not later than 10 days following the date of this publication. Observations can be sent to the Commission by fax ((32-2) 296 43 01 or 296 72 44) or by post, under reference number COMP/M.5267 — Sun Capital/SCS Group, to the following address:
|