|
13.3.2004 |
EN |
Official Journal of the European Union |
CE 65/144 |
(2004/C 65 E/160)
WRITTEN QUESTION E-2412/03
by Charlotte Cederschiöld (PPE-DE) to the Commission
(21 July 2003)
Subject: Network and information security
The European Parliament together with industry have welcomed the Commission proposal for a Regulation establishing the European Network and Information Security Agency.
What other steps is the Commission envisaging in order to accelerate the Union's network and information security agenda? Can we expect any initiatives taking a global approach to these issues?
Can we expect the dialogue between policy-makers and parties with an interest in the field to continue and even intensify, e.g. within such fora as the Cybercrime Forum?
Answer given by Mr Liikanen on behalf of the Commission
(18 September 2003)
The Commission thanks the Honourable Member for the interest in the network and information security agenda. As she is aware, the Commission's proposal to establishing a European Network and Information Security Agency will be discussed shortly in the Parliament. The Commission hopes it can count on the Honourable Member's support for a swift adoption of the Regulation.
Already a substantial amount of activities have been deployed in the area of network and information security and cybercrime following the Commission's Communications ‘Network and Information Security: proposal for a European policy approach’ from June 2001, and ‘Creating a Safer Information Society by Improving the Security of Information Infrastructures and Combating Computer-related crime’ from January 2001.
These activities range from an increased emphasis on security within the eEurope 2002 and 2005 action plans, through sustained research efforts in the Information Society Technology (IST) research programmes and the review of existing legislation (e.g. the new electronic communications legal framework and the Electronic Signatures Directive (1)) to supporting standardisation efforts at European level and increased security requirements for the exchange of data between public administrations, and a proposal for a Framework Decision on attacks against information systems (2).
The broader approach on cyber-security mentioned by the Honourable Member consists in the Commission's view of the three categories of actions conducted respectively in the areas of the electronic communications and data protection legal framework, the network and information security activities and the policy on cyber-crime and information infrastructure protection.
Concerning cyber-crime related activities, the Commission intends to intensify the discussions on the security and protection of information infrastructures between involved parties of the public and private sector through the organisation of workshops and expert meetings in fora such as the Forum on the prevention of organised crime. An initial workshop with the private sector is scheduled to take place in October 2003.
(1) Directive 1999/93/EC of the Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures, OJ L 13, 19.1.2000.